If you run outbound calling or texting and you buy leads, hire a dialing vendor, or work through affiliates, here is a ruling worth pinning to the wall. On May 15, 2026, a federal judge in the Western District of Washington threw out TCPA claims against two insurance companies in Sundstrom v. Ocean Reef Media LLC, finding the plaintiff never plausibly explained why those insurers should answer for calls a different company allegedly placed. For operators, that is a rare piece of good news — and a clear roadmap for how to keep yourself out of the same complaint.
What happened
The plaintiff received marketing calls and sued not just the entity that dialed, but the insurers whose products were ultimately being pitched. The theory was vicarious liability: hold the brand at the end of the funnel responsible for the conduct of the lead generator at the front of it. The court was not persuaded. It dismissed the claims against the insurers because the complaint offered conclusions — “they were agents,” “they authorized this” — without the concrete facts a court needs to make that link plausible. Speculative inferences, the judge held, are not enough.
Why operators should care
TCPA liability has never stopped at the company that physically pressed “send.” Under the FCC’s long-standing agency framework, a brand can be on the hook for a vendor’s or affiliate’s calls if it controlled the manner and means of those calls, ratified them, or cloaked the caller in apparent authority. That is exactly how a plaintiff’s lawyer tries to reach the deeper pockets. Sundstrom does not erase that exposure. What it does is confirm that a plaintiff has to actually plead the relationship — who directed whom, what the contract said, who set the script, who controlled the lists — and cannot simply name every company in the chain and hope discovery fills the gap.
That cuts both ways. It is a defense win if your paperwork and your day-to-day practice genuinely keep you at arm’s length from a vendor. It is a loaded gun pointed at you if they do not, because the same facts that defeat a vague complaint will sink a well-pleaded one.
The operator checklist
Treat Sundstrom as a prompt to audit how much control you exert over the people dialing on your behalf. Read your vendor contracts: do they assign TCPA compliance, consent capture, and list scrubbing to the vendor in writing, with indemnification? Look at practice, not just paper — if your team writes the scripts, approves the call windows, hands over the lists, and monitors the dialer, a court will see an agency relationship no matter what the contract title says. Keep consent records that travel with the lead, so you can show where a phone number came from and what the consumer actually agreed to. And require proof, not promises, that your partners are scrubbing against do-not-call data and known litigants before any campaign goes out.
For operators, the cheapest line of defense is also the most overlooked: scrub your call and text lists before you dial. TCPALitigatorList.com maintains the most widely used database of known TCPA plaintiffs and serial filers. Running an outbound list through it takes minutes and keeps professional litigants off your campaigns before they ever pick up the phone — which, given how fast statutory damages add up, is one of the highest-return compliance steps an operator can build into a launch checklist.
The takeaway
The win in Sundstrom went to defendants who could not be plausibly tied to the calls. The lesson for everyone else is that the tie is built — or avoided — long before a complaint is filed. Tighten your vendor governance now, and a future plaintiff will have nothing concrete to plead. Leave it loose, and the next court may have plenty.
Sources
Faegre Drinker — “Washington Federal Court Dismisses TCPA Claims, Finding Insufficient Allegations of Vicarious Liability”; Sundstrom v. Ocean Reef Media LLC, No. 26-5036, 2026 WL 1361646 (W.D. Wash. May 15, 2026).