TCPA exposure reaches beyond the entity that physically places a call or text. Sellers, platforms, carriers, and even individual officers can face direct or vicarious liability when control, authority, or ratification is present.
Quick Article Takeaways
- TCPA liability follows control, authority, and benefit, not labels. Courts and the FCC look beyond “independent contractor” language to who directs scripts, systems access, cadence, and who keeps the revenue flowing after complaints.
- Sellers can be liable for third-party telemarketers. The FCC’s 2013 ruling and subsequent court decisions anchor vicarious liability on actual/apparent authority and ratification, making operational governance and documented remediation critical.
- Contractual provisions will not protect sellers from potential liability. While indemnification and compliance covenants are important, courts look to the actual course of conduct between seller and marketer to determine whether to impose liability.
- Platforms and carriers are not immune. Active facilitation or failure to act on known illegal traffic can create direct exposure, especially as the FCC tightens blocking and opt-out obligations.
TCPA Liability is Broader Than “Who Dialed”
TCPA liability can attach to multiple actors participating in or benefiting from unlawful calls or texts. Beyond the marketer who “makes” or “initiates” a call, courts, the FCC, and plaintiffs scrutinize platform involvement, carrier conduct, corporate officer participation, and the seller–telemarketer relationship. The more an entity designs, directs, or benefits from a campaign—and the less it responds when problems surface—the greater the exposure to direct or vicarious liability theories.
This is due to the legal principle of vicarious liability, in which a person or entity can be held responsible for the wrongful actions of another person, even if they didn’t directly commit the wrongdoing themselves. In contrast, the person or entity that engaged in the wrongful act bears direct liability for the consequences. Depending upon the circumstances, various participants in the lead chain can be held directly or vicariously liable for a TCPA violation.
Direct TCPA liability
Primary Callers and Message Senders: The most straightforward path to liability is for the entity that “makes” or “initiates” calls or texts using an ATDS, artificial voice, or prerecorded voice without the required consent. This includes in-house programs and external telemarketers acting as direct dialers.
Platform Providers and Dialing Services: Technology vendors face direct liability when they are “so involved in the placing of a specific telephone call as to be directly liable for making it,” a standard grounded in FCC rulings and forfeiture actions. Offering spoofing features, scripting assistance, granular control over call flows, or otherwise architecting campaign execution can cross the line from “passive intermediary” to direct participant. The FCC has imposed multimillion-dollar forfeitures in cases finding platform-level participation in illegal calling.
Voice Service Providers and Carriers: Courts have recognized potential direct exposure for carriers that are actively involved in facilitating scam robocalls or that have actual notice of illegal traffic and fail to take effective steps. Heightened carrier obligations to mitigate illegal texts and calls continue to evolve through FCC proceedings and orders.
Corporate Officers and Directors: Individuals can face direct personal liability where they directly participate in, authorize, or control unlawful conduct. Some courts require specific actions (e.g., approving scripts), while others credit broader operational control and policy-setting as sufficient to impose personal responsibility.
Vicarious TCPA liability
Sellers and Service Providers: Outsourcing telemarketing does not insulate a seller. Under the FCC’s 2013 Dish Network ruling, sellers may be vicariously liable for third-party telemarketers under federal common-law agency principles—actual authority, apparent authority, and ratification. Courts look past “independent contractor” labels to the real-world relationship: provision of scripts or tradenames, access to systems and customer data, quality controls, and performance oversight all matter.
Insurance and Financial Institutions: Courts have sustained agency-based claims where insurers or financial institutions authorized affiliates or lead vendors to use approved scripts, brands, or proprietary data—classic “manifestations” supporting actual or apparent authority.
Lead Generators and Buyers: Lead generators face direct exposure for their own conduct and can create vicarious exposure for downstream buyers when agency indicators exist. Buyers relying on affiliates and sub-affiliates must police consent provenance and marketing conduct to avoid ratification or authority-based liability.
Agency Theories
To hold a party vicariously liable for the acts of another party requires litigants to employ an agency theory. The key concept behind agency theories is that certain relationships create a legal responsibility where one party (usually the one with more control and resources) must answer for the conduct of another party who is acting on their behalf or under their direction.
TCPA litigants typically utilize one of the following agency theories when attempting to hold a seller liable for calls or texts placed by a marketer:
Actual Authority: Actual authority is just that- it is created by the seller’s actual authority over the marketer. This can be in the form of express instructions, or implied authority from the seller’s conduct and expectations. Courts vet whether the seller’s directions reasonably led the marketer to believe it was authorized to act as it did.
Apparent Authority: Apparent authority turns on the seller’s manifestations to the consumer or outward-facing signals traceable to the seller (e.g., shared branding, system access, or representations) that reasonably suggested the marketer acted on the seller’s behalf.
Ratification: Agency by ratification arises when a seller accepts the benefits of a marketer’s unauthorized acts with knowledge or willfully blinds itself to the fact that those acts are taking place. Continuing to accept sales or leads after receiving complaints or demand letters, while failing to remediate, can support ratification claims.
Key Considerations That Courts Weigh Heavily
It’s important to note that the imposition of vicarious liability under an agency theory is not automatic. The only parties held expressly liable for TCPA violations in the statute are those who “make” or “initiate” a call, so plaintiffs must be able to present evidence sufficient to convince a court that others should also be held responsible. The following are critical factors courts review to make that determination.
Control and Oversight: Detailed control over messaging, cadence, lead use, list sourcing, KPIs, and QA—especially with the ability to halt campaigns—supports agency. Contractual disclaimers carry less weight than actual operational control.
Access to Proprietary Systems and Data: Granting marketers access to CRM records, pricing, or internal tools suggests agency and blurs “independent” status.
Financial Incentives: Compensation structures that reward higher volumes or outcomes likely to induce violations can support vicarious liability narratives.
Knowledge and Response: Knowledge of violations coupled with inaction bolsters theories of ratification. Tracking complaints, promptly suspending vendors, and remedial audits cut against arguments of agency by ratification.
Contract Terms: Necessary but not Sufficient
Many sellers rely on contractual terms to help protect them against vicarious liability claims. However, while such terms are important, they cannot shield the seller all by themselves.
Indemnification: Indemnity and compliance covenants are valuable for risk transfer between contracting parties but do not defeat plaintiffs’ agency theories because consumers are not parties to those contracts. Courts prioritize the real relationship and conduct over boilerplate.
Agency Disclaimers: Disclaimers do not control where facts show authority, control, or ratification. Robust operational governance and documented enforcement of contractual compliance are more persuasive than labels.
Practical Controls to Reduce Direct and Vicarious Exposure
Fortunately, sellers do have the power to limit their TCPA exposure, but the following steps must be taken well before a violation arises.
Third Party Governance: Sellers should conduct rigorous vendor onboarding, script approvals, and pre-launch testing. Ideally, they should also require proof of compliant consent flows and document QA reviews and remedial actions. In addition, sellers must suspend or terminate noncompliant partners swiftly and maintain records to that effect.
Contract + Conduct: Sellers cannot rely on contractual provisions for complete protection. Instead, they must complement indemnity, audit rights, data lineage warranties, and sub-vendor flow-down obligations with actual, periodic audits and consequence frameworks. In other words, contractual disclaimers are insufficient without provable oversight.
Officer Oversight and Personal Liability: For large companies, board-level reporting on complaint trends, vendor remediation, and opt-out trends can help demonstrate corporate governance and reduces individual exposure where jurisdictions consider operational control.
Carrier and Platform Safeguards: Carriers and dialing platforms must always monitor traffic for patterns of illegal calling, disable spoofing features not compliant with law, enforce opt-out performance, and maintain documentation of mitigation steps to rebut “active facilitation” allegations.
