05/2026 by ParisR

Checks Are Going Out in the Zales TCPA Settlement — Here’s the Operator Lesson Behind the Headlines

This month, settlement checks started landing in mailboxes for the Zales TCPA class action — up to $100 each, across roughly 75,000 phone numbers, out of a $7.54 million fund. It is a useful moment to look past the headline number, because the three biggest TCPA settlements making news right now each fail in a different, very preventable way. For operators, they read less like legal news and more like a punch list.

Three settlements, three distinct mistakes

Zales — $7.54M. The jeweler was sued for sending marketing texts to numbers on the National Do Not Call Registry. The class definition is the lesson: numbers registered on the DNC list for at least 30 days that then received at least two texts within a 12-month period. That is a pure list-hygiene failure — texting people who had told the government, in writing, to leave them alone.

Truist Bank — $4.1M. The bank settled claims it placed prerecorded calls about accounts to the wrong people — roughly 6,000 numbers that were not the account holders and had not consented to anything. The plaintiff alleged he got two dozen robocalls meant for someone else. That is a wrong-number and data-quality failure: calling reassigned or mistyped numbers without a process to catch them.

Everything Breaks — about $995K. The warranty company settled claims of repeated telemarketing robocalls to consumers on the National Do Not Call Registry. Same root cause as Zales, smaller company, smaller fund — proof the exposure is not just a big-brand problem.

The volume behind the settlements

None of this is happening in a vacuum. More TCPA class actions were filed in the first quarter of 2026 than in any quarter in recorded history. The plaintiffs’ bar has industrialized the work: intake, list analysis, demand letters, and class definitions are now a repeatable pipeline. When filing volume is at an all-time high, the question for an outbound operation is not whether your practices will be tested but when.

The operator punch list

Scrub every outbound list against the National Do Not Call Registry on a fresh cycle — not a download from last quarter — and keep your internal do-not-call suppression synchronized across every system and brand. Build reassigned-number checking into your dialing so you stop calling numbers that changed hands; the FCC’s Reassigned Numbers Database exists for exactly this. Treat a wrong-number complaint as a stop signal, not a data-entry note. And keep consent and suppression records you can actually produce, because in every one of these cases the company’s inability to prove a clean practice is what turned a complaint into a fund.

For operators, the cheapest line of defense is also the most overlooked: scrub your call and text lists before you dial. TCPALitigatorList.com maintains the most widely used database of known TCPA plaintiffs and serial filers. Running an outbound list through it takes minutes and keeps professional litigants off your campaigns before they ever pick up the phone — which, given how fast statutory damages add up, is one of the highest-return compliance steps an operator can build into a launch checklist.

The takeaway

Zales, Truist, and Everything Breaks did not lose to exotic legal theories. They lost to stale lists, wrong numbers, and opt-outs that did not propagate. Those are operational problems with operational fixes — and in a record-setting filing environment, fixing them is cheaper than funding the next settlement.

Sources

Top Class Actions — “$7.54M Zales TCPA class action settlement”; Class Action.org — “$4.1M Truist Bank Settlement”; CompliancePoint — “Truist Bank Settles $4.1M TCPA Lawsuit”; Top Class Actions — “Everything Breaks $995,000 TCPA settlement”; CompliancePoint / Shipkevich PLLC — 2026 TCPA litigation trend reporting.

05/2026 by ParisR

There’s a New TCPA Lawsuit Going Around — and It’s About What Shows Up on the Screen

Operators have spent two years bracing for the obvious TCPA traps: consent, quiet hours, do-not-call scrubbing. Here is the one most teams have not even put on the board. Plaintiffs’ lawyers have found a new claim, and it has nothing to do with whether the recipient consented. It is about what your call or text actually displayed on the recipient’s phone — the caller ID — and a string of 2026 rulings just confirmed consumers can sue over it.

The rule nobody was watching

Buried in the FCC’s telemarketing regulations, 47 C.F.R. 64.1601(e) requires telemarketers to transmit caller identification information — a name and a number a consumer can call back to make a do-not-call request. For years this was treated as a technical rule enforced, if at all, by regulators. In 2026 that changed. Multiple federal courts have now held that consumers have a private right of action to sue over caller ID failures, and that the requirement applies not just to voice calls but to marketing text messages.

What the recent cases show

The picture is genuinely mixed, which is exactly why it is dangerous. In Zelma v. Ram, decided in the District of New Jersey on May 19, 2026, the court gave defendants something to like: displaying the recognizable brand name “RE/MAX” next to the number was enough to satisfy the caller ID requirement. But in Novia v. Mobiz, a Massachusetts federal court let a caller ID claim over marketing texts survive the pleading stage, and a second court has now recognized a private right of action for SMS caller ID failures. Translation: a defective sender ID on a text blast is now a viable class claim, and the safe-harbor line — what counts as adequate identification — is still being drawn case by case.

Why this hits operators hard

Most outbound text programs were never built with this rule in mind. Short codes, rotating 10DLC numbers, alphanumeric sender IDs, and “no-reply” configurations are everywhere — and several of those setups arguably fail to give the consumer a name plus a callable number for do-not-call requests. Because TCPA damages run $500 to $1,500 per message, a single campaign sent from a non-compliant sender ID to a large list is a ready-made class action, even if every recipient opted in. Consent does not cure a caller ID defect.

What to do this week

Pull up your last five outbound campaigns on an actual phone and look at what displays. Does the recipient see an identifiable business name? Is there a number they can call back — one that is monitored — to ask not to be contacted? For voice, confirm your transmitted CNAM and ANI resolve to your business, not a blank or a spoofed-looking string. For texts, make sure the sender identity and the opt-out path are unambiguous. And watch the states: Florida’s 2026 legislature is weighing strict caller identification mandates that would go further than the federal rule.

The takeaway

The caller ID claim is attractive to plaintiffs precisely because it sidesteps the hardest part of a TCPA case — proving lack of consent — and turns instead on a technical display detail the defendant either got right or did not. Get it right before a plaintiff checks it for you.

Sources

Zelma v. Ram, 2026 WL 1398784 (D.N.J. May 19, 2026); National Law Review — “MAX TCPA Clarity”; Buchanan Ingersoll & Rooney — “Calling for Clarity: Navigating New Caller ID TCPA Claims”; Bubeck Law — “A New TCPA Risk: Caller ID Requirements for Marketing Texts?”; 47 C.F.R. 64.1601(e).

05/2026 by ParisR

A Federal Court Just Drew a Cleaner Line Between You and Your Lead Vendors

If you run outbound calling or texting and you buy leads, hire a dialing vendor, or work through affiliates, here is a ruling worth pinning to the wall. On May 15, 2026, a federal judge in the Western District of Washington threw out TCPA claims against two insurance companies in Sundstrom v. Ocean Reef Media LLC, finding the plaintiff never plausibly explained why those insurers should answer for calls a different company allegedly placed. For operators, that is a rare piece of good news — and a clear roadmap for how to keep yourself out of the same complaint.

What happened

The plaintiff received marketing calls and sued not just the entity that dialed, but the insurers whose products were ultimately being pitched. The theory was vicarious liability: hold the brand at the end of the funnel responsible for the conduct of the lead generator at the front of it. The court was not persuaded. It dismissed the claims against the insurers because the complaint offered conclusions — “they were agents,” “they authorized this” — without the concrete facts a court needs to make that link plausible. Speculative inferences, the judge held, are not enough.

Why operators should care

TCPA liability has never stopped at the company that physically pressed “send.” Under the FCC’s long-standing agency framework, a brand can be on the hook for a vendor’s or affiliate’s calls if it controlled the manner and means of those calls, ratified them, or cloaked the caller in apparent authority. That is exactly how a plaintiff’s lawyer tries to reach the deeper pockets. Sundstrom does not erase that exposure. What it does is confirm that a plaintiff has to actually plead the relationship — who directed whom, what the contract said, who set the script, who controlled the lists — and cannot simply name every company in the chain and hope discovery fills the gap.

That cuts both ways. It is a defense win if your paperwork and your day-to-day practice genuinely keep you at arm’s length from a vendor. It is a loaded gun pointed at you if they do not, because the same facts that defeat a vague complaint will sink a well-pleaded one.

The operator checklist

Treat Sundstrom as a prompt to audit how much control you exert over the people dialing on your behalf. Read your vendor contracts: do they assign TCPA compliance, consent capture, and list scrubbing to the vendor in writing, with indemnification? Look at practice, not just paper — if your team writes the scripts, approves the call windows, hands over the lists, and monitors the dialer, a court will see an agency relationship no matter what the contract title says. Keep consent records that travel with the lead, so you can show where a phone number came from and what the consumer actually agreed to. And require proof, not promises, that your partners are scrubbing against do-not-call data and known litigants before any campaign goes out.

The takeaway

The win in Sundstrom went to defendants who could not be plausibly tied to the calls. The lesson for everyone else is that the tie is built — or avoided — long before a complaint is filed. Tighten your vendor governance now, and a future plaintiff will have nothing concrete to plead. Leave it loose, and the next court may have plenty.

Sources

Faegre Drinker — “Washington Federal Court Dismisses TCPA Claims, Finding Insufficient Allegations of Vicarious Liability”; Sundstrom v. Ocean Reef Media LLC, No. 26-5036, 2026 WL 1361646 (W.D. Wash. May 15, 2026).

05/2026 by ParisR

If a Plaintiff Can Sue OpenAI for Their Customer’s Texts, Every Outbound Operator Should Be Paying Attention

There’s a TCPA complaint sitting in a Virginia federal court that should be on every outbound operator’s radar — not because of the consumer who filed it, but because of who he sued.

In Lowry v. OpenAI, the plaintiff alleges he received unwanted marketing text messages from a company called Fresh Start Group, sent via Twilio-provisioned numbers, that were generated using OpenAI’s platform. So far, so unremarkable. The unusual move is that the complaint names OpenAI itself and Twilio as defendants — not just the company that actually sent the messages.

The platform liability theory

The theory: under the TCPA, you can be liable if you ’cause’ a call or text to be initiated — not just if you physically dial. The complaint argues that by providing the AI platform that generated the messages and the telephony infrastructure that delivered them, OpenAI and Twilio caused the messages and should share liability with the downstream caller.

If that theory survives — and even if it only survives early motions long enough to drive a settlement — it reshapes the TCPA risk model for every operator that uses an AI agent or a CPaaS provider in their outbound stack. Which, in 2026, is basically all of them.

The exposure math

The complaint seeks to represent a class of every U.S. consumer who received marketing messages generated on OpenAI’s platform, where the recipient’s number was on the DNC list and OpenAI did not have consent. At $500 per call with a four-year TCPA lookback, the theoretical class damages run into the trillions. That number is obviously aspirational, but it is the number plaintiff’s counsel will use at the settlement table.

Twilio is not new to this argument. The company received an FCC cease-and-desist letter in 2024 over allegedly enabling illegal robocall traffic. The platform-liability theory in Lowry didn’t appear from nowhere — it’s the legal extension of years of regulatory pressure on the infrastructure layer.

Why this matters even if you’re not Twilio or OpenAI

For operators, the practical implication is not ‘we should stop using AI or CPaaS providers.’ The implication is that the indemnity and consent structure of your vendor agreements just got a lot more important. If your CPaaS or AI vendor takes a settlement-driven hit from a Lowry-style case, every contract clause about pass-through liability, indemnity, and audit rights becomes live.

Three operator action items:

1. Read your CPaaS terms of service. Most CPaaS providers explicitly disclaim TCPA liability and push it back to the customer. That’s fine until a court holds the CPaaS provider liable anyway — at which point the disclaimer becomes a contract fight, not a liability shield.

2. Document your consent-to-platform chain. If a platform-liability case lands and the platform comes asking, you want a clean record of how every number on your campaign ended up there with consent.

3. Watch the FCC’s posture. The FCC has already issued cease-and-desist letters to infrastructure providers and has ruled that AI-generated voices are ‘artificial or prerecorded voice’ under the TCPA. The trend is toward more, not less, liability up the stack.

If you run an outbound calling or texting program, the cheapest insurance against any of this is screening your dial list before you hit send. TCPALitigatorList.com maintains a continuously updated database of known TCPA plaintiffs and serial litigators so operators can scrub their files and quietly remove the numbers most likely to turn a routine campaign into a class action. A few minutes of list hygiene beats a few months of discovery every time.

The bigger arc

The TCPA was written in 1991 for a world of human dialers calling from cubicles. The legal system has spent 35 years stretching its concepts of ‘call,’ ‘caller,’ and ‘consent’ to cover autodialers, prerecorded voice, ringless voicemail, SMS, and now AI-generated messages routed through stack-of-stack platforms.

Lowry v. OpenAI is the next chapter of that stretch: holding whoever provided the technology that caused the message, not just the entity whose name was on the customer-facing brand. Watch this case closely. Whether it wins or settles, it will move where TCPA liability lands for the next decade.

Sources

National Law Review: New TCPA Complaint Names OpenAI and Twilio
Henson Legal: OpenAI and Twilio Sued for Customers’ TCPA Violations
Lowry v. OpenAI Complaint (PDF)

05/2026 by ParisR

Ringless Voicemail Isn’t a Loophole Anymore — Two 2026 Cases Are Sending That Message Loud and Clear

For years, ringless voicemail (RVM) vendors sold the same comforting story to operators: drop a message straight into a consumer’s voicemail without actually placing a call, and you sidestep the TCPA. That story is dead. Two 2026 cases have driven a stake through it, and any operator still running RVM campaigns without TCPA-grade consent is sitting on an unsexploded class action.

The $6.5M warning shot

National Retail Solutions (NRS), a point-of-sale technology provider, agreed to pay over $6.5 million to resolve a TCPA class action alleging it used ringless voicemail technology without the level of consent the statute requires. The class is limited to RVMs sent by a single provider, with over 50,000 class members each set to receive more than $100. The ceiling on what NRS sent is almost certainly much higher than the class that got certified.

The case is a clean operator-side cautionary tale. NRS wasn’t a fly-by-night dialer shop. It was a B2B technology company that ran a growth program through a marketing channel its leadership probably believed was compliant. The compliance belief was wrong, the scale was high, and the bill is $6.5M.

The GoHighLevel realtor case

The second case to know is the Britney Gaitan / GoHighLevel matter out of Las Vegas. A solo realtor used GoHighLevel — a popular all-in-one marketing platform — to send ringless voicemails to expired listings. A court certified a class against her on the theory that the voicemails were prerecorded calls under the TCPA, and that she had no documentation of consent from class members.

The operator-level lesson here is brutal. You don’t need to be a Fortune 500 telemarketer to face TCPA class exposure. You need to run a single high-volume RVM campaign without consent records, and you can lose your business.

Why courts keep treating RVM as TCPA-regulated

The FCC settled this question in 2022 with a Declaratory Ruling that ringless voicemails to wireless phones are subject to the TCPA’s robocall provisions because they are calls made using an artificial or prerecorded voice. Every court ruling since has reinforced that position, including a 2025 decision in Taylor v. Kit Insurance holding that identical voicemail content is enough at the pleading stage to allege a prerecorded call.

The vendor story — that RVMs aren’t ‘calls’ because they bypass the ring — has been rejected by the FCC and the courts. If your vendor is still pitching that line, find a new vendor.

Operator checklist if you run RVM

Treat RVM exactly like a robocall. Same prior express written consent. Same DNC scrubbing. Same revocation handling. Same recordkeeping. There is no separate compliance lane.

Audit your consent records by source. If you can’t produce, per number, a time-stamped, source-traceable consent record for the specific channel and specific purpose, you don’t have consent.

Get rid of legacy lists. Old lead lists are where TCPA class actions are born. If a list pre-dates your current consent process, retire it.

Document your platform’s defaults. Many marketing platforms ship with consent assumptions baked in. If those assumptions don’t match your actual lead flow, you’re carrying the risk, not the platform.

Bottom line

The RVM industry spent a decade selling a workaround that the FCC and the courts have now explicitly rejected. Operators who continue to rely on the workaround are betting against settled regulatory and judicial positions. The NRS $6.5M settlement and the GoHighLevel class certification are the two numbers that should end the bet.

Sources

National Law Review: Ringless Voicemail Triggers $6.5M TCPA Settlement for NRS
TCPAWorld: GoHighLevel Realtor TCPA Class Action
FCC Declaratory Ruling on Ringless Voicemail

05/2026 by ParisR

Tennessee Just Quietly Rewrote the Rules for Automated Calling — Here’s What Operators Need to Do Before July 1

If you run outbound calling or texting programs that touch Tennessee residents, mark a date on your wall: July 1, 2026. That’s when Tennessee’s new automated-telemarketing oversight law — HB 2408 / SB 2659 — takes effect, and it’s going to change the day-to-day mechanics of how you operate in the state.

The bill cleared both chambers without a single dissenting vote (94-0 in the House on April 6, 33-0 in the Senate on April 21), was signed by the Speaker on April 30, and was transmitted to Governor Lee on May 7. If he signs it — and there’s no political reason to think he won’t — the amendment applies to conduct occurring on or after July 1, 2026.

What actually changed

The bill amends Tennessee’s existing telephone and text-message solicitation framework by bolting on a new oversight mechanism aimed squarely at large-scale automated campaigns. The headline practical changes are new reporting requirements, expanded recordkeeping obligations, and tighter solicitation limits for any business running automated dialers or mass-text platforms into Tennessee numbers.

The key word is oversight. Tennessee already has TCPA-style consent and DNC rules on the books. What was missing was visibility — the state regulator had no clean way to see who was running large automated campaigns into the state. The amendment fixes that by requiring covered callers to file reports and retain records that the regulator can pull on demand.

Why this matters operationally

The federal TCPA gets the attention, but state-level enforcement is where most operators actually get caught. State regulators have shorter ramps to enforcement, can act on a complaint without a class plaintiff, and increasingly coordinate with sister states under the 51-AG Anti-Robocall Task Force. Tennessee adding a reporting regime is a textbook case of the state-level squeeze that’s been building all year.

For operators, the practical to-do list before July 1 is short but real:

1. Inventory your Tennessee traffic. Pull the last 12 months of dialer and SMS logs and segment by state. If Tennessee is a meaningful slice, you are in scope.

2. Audit your consent records. The reporting regime won’t be friendly to operators who can’t produce a clean, time-stamped consent record for each number. Now is the time to fix gaps in lead documentation.

3. Pin down your vendor stack. If you use third-party dialers, SMS aggregators, or lead vendors, your recordkeeping is only as good as theirs. Get contractual commitments in writing that they’ll preserve and produce records on the timelines the new law demands.

4. Rethink your suppression process. Reporting obligations mean every preventable violation becomes a visible one. Front-loading suppression — DNC scrubs, internal-DNC propagation, litigator screening — is the cheapest risk reduction you can do.

The bigger picture

Tennessee is not an outlier. New York raised its DNC fine ceiling to $20,000 per violation. Mississippi shifted its no-call enforcement to the AG. The pattern is clear: while the FCC is loosening at the federal level, states are tightening, and the tightening comes with real teeth.

Operators who treat TCPA compliance as a single federal program are going to keep getting surprised. The compliance map is now a 50-state patchwork, and Tennessee just added another patch with a deadline.

Sources

TCPAWorld: Tennessee’s New Solicitation Oversight Law
Receivables Info: Tennessee Legislature Approves New Automated Telemarketing Restrictions
LegiScan: Tennessee HB 2408

05/2026 by ParisR

$28M and Counting: What SiriusXM’s TCPA Settlement Reveals About Your Internal DNC List

SiriusXM’s $28 million TCPA settlement hit its final approval hearing on May 11, 2026, in the Central District of Illinois. The case — Campbell v. SiriusXM Radio, Inc., No. 2:22-cv-2261 — covers consumers who received more than one telemarketing call from SiriusXM within a 12-month period between April 27, 2019, and October 31, 2025, despite either being on the National Do Not Call Registry or having asked to be added to SiriusXM’s internal Do Not Call list. The operational lesson buried inside the case is more important than the headline number.

The “internal DNC” failure mode

The National DNC Registry is a known compliance surface. Most callers scrub against it. But the internal DNC list — the list of consumers who have specifically asked your company to stop calling them — is where SiriusXM (and most large outbound callers) repeatedly bleeds. The plaintiffs in Campbell were able to assemble a class because the company couldn’t reliably honor its own internal opt-out requests across a six-year window. That’s an operational data problem, not a legal one.

The TCPA requires that an internal DNC request be honored within a reasonable time — typically construed as 30 days — and that the request persist indefinitely once made. For any large outbound calling operation, this means an internal DNC list has to: (1) capture every opt-out across every channel (phone, web, text reply, email, mail), (2) propagate that opt-out to every system that initiates contact, and (3) survive every data migration, vendor switch, and platform consolidation that happens over the years.

Where it breaks

The places SiriusXM almost certainly broke down are the places most operators break down:

Channel fragmentation. Customer asks an inbound rep to stop calling. That rep notes it in the support CRM. The outbound dialer reads from a different system. The opt-out doesn’t propagate. Next call goes out two weeks later.

Vendor and platform changes. Migration from one telephony platform to another, or one CRM to another, frequently drops the historical DNC flag. Suddenly a number that’s been opted out for three years is “fresh” again from the dialer’s perspective.

Reassigned numbers. The number that opted out belongs to one person. Two years later, the number belongs to someone else. Your DNC list still has the opt-out. Now you’re not calling the person who asked you to stop — but the rules around this are nuanced and have moved repeatedly in recent years.

Affiliate and partner calls. Calls placed by partners, resellers, or acquisition targets on your behalf. The opt-out you captured doesn’t make it into their dialers. The customer experiences these as calls from you.

The class-action economics

Per the settlement framework, SiriusXM’s $28 million covers a class spanning roughly six and a half years. Per-claimant payouts are capped (claim deadline was March 21, 2026), but the structural cost — attorney’s fees, claims administration, ongoing class-counsel oversight — is significant. The settlement also triggers internal remediation obligations: SiriusXM’s internal DNC processes will be under heightened scrutiny going forward, and any future violation in this area carries dramatically increased exposure.

For operators, the math to internalize: the $28M number is the visible cost. The invisible cost is the ongoing operational discipline required to keep this from happening again. Most companies eat that invisible cost only after the visible one materializes.

One operational hedge worth building into your dialing stack: scrub every outbound list against known TCPA plaintiffs before you launch. TCPALitigatorList.com maintains a continuously updated database of numbers tied to professional plaintiffs and frequent TCPA filers, and a five-minute suppression pass against that file is a lot cheaper than a single class certification fight.

An operator’s audit checklist

Five things to verify about your internal DNC infrastructure this week:

First, every channel where a customer can request to stop being contacted feeds into a single source-of-truth opt-out table. Second, that table is read by every system that initiates outbound contact, with a documented SLA on propagation (24 hours is reasonable; 30 days is the legal ceiling, not the operational target). Third, opt-outs persist through every data migration, with explicit reconciliation steps in the migration playbook. Fourth, partner and affiliate calling is governed by a contractual requirement that your DNC list be shared and honored. Fifth, you have a quarterly audit process that picks 25 random opt-outs and verifies that no contact has gone out since the opt-out date. If you can’t pass that audit cleanly, you’re a Campbell defendant waiting to happen.

Sources

Campbell v. SiriusXM Radio, Inc., No. 2:22-cv-2261 (C.D. Ill.); settlement website sxmtcpasettlement.com; Inside Radio and TopClassActions reporting.

05/2026 by ParisR

eXp Realty’s TCPA Nightmare Just Got Worse — and It’s a Wake-Up Call for Anyone Running Independent Reps

If you run any kind of distributed sales force — independent agents, 1099 reps, franchisees, partners — the eXp Realty saga is the case study you cannot afford to ignore. In early May 2026, the U.S. District Court for the Western District of Washington denied eXp’s motion to stay the certified TCPA class action in Usanovic v. eXp Realty, pushing the case toward trial. This follows a March 2026 class certification covering unsolicited calls placed by eXp agents using Mojo and Vulcan7 dialers from May 2019 through September 2023. The exposure is massive, and the operational lesson is brutal.

The legal posture

eXp tried the usual stall: requesting a stay pending appeal, hoping to extract a more favorable settlement posture before trial. The court refused. That means the case proceeds with a certified class, with eXp facing potential statutory damages of $500 to $1,500 per call across an unquantified but very large class period.

The structural problem for eXp is that the courts have already held — in a prior phase of this litigation — that eXp can be directly liable for calls made by its independent agents. That holding is the part of this case that should be keeping operators of agent-based businesses awake at night. The “they’re independent contractors, not employees” defense did not save eXp. The agency relationship — the brand, the training, the lead provisioning, the platform — was enough to expose the parent.

What this means operationally

If your business model involves any version of “we provide the platform, they make the calls,” you have an eXp problem in latent form. The question isn’t whether your agents are technically independent contractors. The question is whether a court can find enough connective tissue — co-branded training materials, lead lists you provide, a script you wrote, a dialer you pay for — to attribute their TCPA violations to you.

The practical hedges every operator running a distributed sales force should be implementing right now:

Lead provenance auditing. The Usanovic court honed in on the fact that lead vendors testified they did not have consent on the leads they sold to eXp agents. If you provide leads — or facilitate lead purchases — you need vendor reps in writing attesting to consent capture, with the underlying documentation available on demand.

Dialer governance. If your platform integrates with or pays for dialer software your agents use (Mojo, Vulcan7, PhoneBurner, etc.), you may be inheriting a control relationship that supports vicarious liability. At minimum, document that the agents — not you — make the dialing decisions, and require dialer-level compliance training as a condition of access.

Training records. The training you provide to agents about TCPA compliance is now plaintiff-discoverable evidence, in both directions. If your training is thin, that’s a problem. If your training is robust but agents ignored it, that’s actually evidence that supports a “we did our part” defense. Document everything.

The wider implication

Real estate, insurance, financial services, MLM, home services — any industry built on a 1099 sales force and a corporate brand is in the blast radius of the eXp ruling’s logic. The defense playbook of “they’re independent, don’t blame us” is collapsing under courts that are willing to look at the actual operational relationship. If you’re running an agent network and you haven’t stress-tested your structure against a vicarious-liability TCPA theory, that work should start this quarter, not next.

Note the timing of the existing eXp Realty settlement history: a separate $26.9 million settlement is already on the books. The Usanovic case is in addition to that. Operators sometimes mentally categorize TCPA exposure as a one-time settlement event. eXp is the reminder that it can be a recurring, multi-year, multi-case bleed.

What to do this week

Pull your agent agreements. Specifically check the indemnification language: are your agents indemnifying you for TCPA violations, or are you indemnifying them? If it’s the latter, that’s not just a contractual issue — it’s a signal to plaintiffs’ counsel about who controls the calling behavior. Then audit your lead provisioning: do you provide, recommend, or facilitate access to the leads your agents call? Each of those words carries different exposure. Document accordingly.

Sources

Usanovic v. eXp Realty, 2026 WL 864633 (W.D. Wash. March 30, 2026); stay denial reporting from TCPAWorld (May 1, 2026); National Law Review coverage of direct-liability holding.

05/2026 by ParisR

Operators, This Tennessee TCPA Ruling Is Your New Lead-Consent Playbook

A federal judge in the Eastern District of Tennessee just handed TCPA defendants a rare procedural win — and it should reframe how operators think about lead documentation. On May 11, 2026, U.S. District Judge Katherine A. Crytzer denied the plaintiff’s Rule 56(d) request in Brockington v. Hume Health, LLC, refusing to defer summary judgment so the plaintiff could fish for more discovery on her consent claim. The decision (2026 WL 1284850) is the kind of small, technical ruling that quietly changes the math on whether a TCPA class action is worth bringing in the first place.

What actually happened

Sheri Butler Brockington sued Hume Health alleging it called and texted her in violation of the TCPA and the National Do Not Call Registry rules. Hume Health moved for summary judgment, attaching its evidence of consent: a Facebook lead form Brockington had filled out, complete with the “SIGN UP” click that allegedly authorized the contact. Instead of opposing the motion on its merits, the plaintiff asked the court to delay summary judgment under Rule 56(d), claiming she needed more discovery to challenge the lead’s authenticity.

Judge Crytzer wasn’t having it. She held that Brockington failed to identify specific facts she expected to find or explain how additional discovery would actually defeat the consent defense. Bare assertions that “more discovery might reveal something” don’t clear the Rule 56(d) bar. The court will now decide the summary judgment motion on the existing record — a record that includes Hume Health’s lead documentation.

Why this matters for operators

For anyone running outbound calling or texting off paid lead sources, the practical lesson is brutal and useful: the quality of your consent record at the moment of capture determines whether a TCPA case lives or dies. Hume Health is in this position because it has a screenshot, a timestamp, an IP address, and a clean audit trail tying Brockington’s number to the form submission. That documentation is what flipped a class action from “discovery nightmare” to “summary judgment in 90 days.”

If your lead capture pipeline can’t produce that artifact on demand for any phone number on any list, you’re a Rule 56(d) request away from being on the wrong side of this ruling. Operators should be auditing three things this week: (1) whether their lead vendors retain raw form-submission data with full metadata, (2) whether that data is retrievable per-number on a one-day SLA, and (3) whether the disclosure language above the submit button actually clears Reyes v. Lincoln Automotive Financial Services and the broader “clear and conspicuous” standard.

The Rule 56(d) angle is the real signal

What’s notable about Brockington isn’t the consent fight itself — that’s still pending. It’s that the court refused to let a TCPA plaintiff use discovery as leverage to extract a settlement. Rule 56(d) fishing expeditions have been one of the most reliable tools in the professional plaintiff playbook: file a thin complaint, survive the motion to dismiss, demand discovery, and let the defense costs do the rest. A court willing to deny that move on a clear record changes the calculus for both sides.

Expect more defendants to push for early summary judgment on consent when they have the receipts. And expect plaintiffs’ counsel to scrutinize lead provenance harder before filing — because the cases where lead data is clean and dated are now the cases that end fastest.

What to do Monday morning

Three concrete actions for operators reading this: First, pull a random sample of 25 phone numbers off your most recent dialer list and try to produce the underlying consent artifact (form, source URL, timestamp, IP, disclosure text shown at submit). If you can’t, escalate to the lead vendor today. Second, get your lead-storage retention policy in writing — many vendors quietly delete raw submission data after 90 days, which is exactly when you need it most. Third, make sure your dialer’s “do not contact” logic is wired to the same source-of-truth that holds consent records, so a revocation request actually propagates.

Sources

Brockington v. Hume Health, LLC, 2026 WL 1284850 (E.D. Tenn. May 11, 2026); coverage at National Law Review and LitNews.ai.

05/2026 by ParisR

Federal TCPA Is Loosening. State AGs Are Tightening. Operators, Pay Attention.

While the FCC is busy proposing to roll back federal telemarketing rules, state attorneys general are heading the opposite direction. The state-level TCPA and DNC enforcement environment in 2026 is meaningfully more aggressive than it was even a year ago, and operators running national outbound programs need to update their compliance map.

Three signals to know

New York raised the per-violation ceiling to $20,000. The state’s maximum fine for violations of its Do-Not-Call list is now $20,000 per call. For a moderate-volume violation, that math is brutal — a single misfired campaign of 1,000 calls into New York can theoretically support a $20 million state-level penalty in addition to whatever federal TCPA damages a private plaintiff might pursue.

Mississippi shifted DNC enforcement to the AG. H.B. 1225 transferred authority over the state’s No-Call program to the Mississippi Attorney General’s office, materially increasing both the resourcing and the political incentive behind state-level enforcement. AG offices are structurally better suited than agency-level staff to bring high-profile enforcement actions, and Mississippi is now positioned to do exactly that.

The 51-AG anti-robocall task force is active. All 50 state attorneys general plus the District of Columbia AG have organized into the Anti-Robocall Litigation Task Force, sharing information, coordinating on multistate enforcement, and developing joint litigation strategy. That coordination materially raises the ceiling on what state-level enforcement can do — multistate actions with the leverage of federal-class enforcement, but with state-law theories of liability.

The strategic shift

For most of TCPA history, the federal layer was the binding constraint. State rules existed but were enforced lightly; the action was in private litigation under the federal statute. That picture is flipping. The federal rulebook is loosening as the FCC proposes to scrap revoke-all, abandon-rate caps, company-specific DNC requirements, and prescriptive callback rules. State AGs and state legislatures are stepping into that vacuum with stricter rules, higher penalty ceilings, and more aggressive enforcement.

The net effect for operators is a more fragmented compliance landscape. A national outbound program now faces a federal rulebook that’s getting simpler, plus a state-by-state patchwork that’s getting more complex. The compliance investment has to shift accordingly: less federal-rule monitoring, more state-rule monitoring; less reliance on FCC guidance, more reliance on AG enforcement signaling.

What operators should be doing

Three operational priorities for the next two quarters:

Build state-level rules into your dialer logic. If your platform treats TCPA compliance as a single set of rules applied uniformly across all dials, you have a structural problem. The rules around quiet hours, consent, DNC scope, and registration vary by state and are increasingly diverging. Your dialer needs to know the called party’s state, apply the state-specific rule, and log the decision for audit.

Track state DNC registrations separately. The federal DNC list is the floor, not the ceiling. There are now 14 states with active state-level DNC registries; some of them have content the federal list doesn’t. Suppression has to run against both layers.

Tune your monitoring for AG announcements. Subscribe to state AG press releases, monitor multistate task-force announcements, and tag your compliance dashboard for any enforcement signaling specific to your industry. By the time a state AG files an action, the operating environment has typically been telegraphed for weeks.

If you’re running an outbound calling or texting program, screening your lists against known TCPA litigators before you dial is one of the cheapest forms of insurance you can buy. TCPALitigatorList.com maintains a continuously updated database of plaintiffs who have already filed TCPA suits — feed it into your dialer’s suppression layer and skip the numbers that have a documented history of turning a single text into a five-figure demand letter.

The bigger picture

The federal-state compliance balance in TCPA is shifting in ways that will materially shape outbound operations through 2027. Operators who treat the federal rollback as an “all-clear” signal are setting themselves up for state-level enforcement surprise. The smarter posture is to view the federal layer as one of many sources of compliance obligation — and increasingly, not the most important one.

Sources: Searchbug 2026 state laws; Hollingsworth on state AG enforcement; Mac Murray Shuster.