TCPA Compliance Guide

Understanding call recording consent and AI disclosure requirements

Legal Disclaimer

This guide is for informational purposes only and does not constitute legal advice. Laws and regulations vary by jurisdiction and change over time. We strongly recommend consulting with a qualified attorney to ensure compliance with all applicable laws in your specific situation.

1. Overview

When using AI voice agents to handle phone calls, you must comply with federal and state laws regarding:

  • Call recording consent
  • AI/automated system disclosure
  • Telemarketing regulations (if applicable)
  • Do Not Call (DNC) registry compliance

Non-compliance can result in significant fines ranging from $500 to $1,500 per violation.

2. Federal Laws

2.1 TCPA (Telephone Consumer Protection Act)

The TCPA regulates calls made using automated systems, including AI-generated voices. In February 2024, the FCC clarified that AI-generated voices are considered "artificial or prerecorded" under TCPA.

  • Requires prior express consent for automated calls
  • Marketing calls require prior express written consent
  • Must provide opt-out mechanism
  • Penalties: $500-$1,500 per violation

2.2 Federal Wiretap Act

Federal law follows "one-party consent" - meaning at least one party to the conversation must consent to recording. Since your business is a party, federal law is satisfied if you consent to your own recordings.

However: State laws may impose stricter requirements.

3. State Consent Requirements

States fall into two categories for call recording consent:

One-Party Consent

Only one person in the conversation needs to consent. Since you (the business) consent to your own recordings, this is automatically satisfied.

Includes: Most states (38+)

Two-Party/All-Party Consent

ALL parties must consent to recording. You must notify the caller AND they must agree (explicitly or by continuing the call after disclosure).

Includes: 12 states (see list below)

Two-Party Consent States

California(CA)
Connecticut(CT)
Florida(FL)
Illinois(IL)
Maryland(MD)
Massachusetts(MA)
Michigan(MI)
Montana(MT)
Nevada(NV)
New Hampshire(NH)
Pennsylvania(PA)
Washington(WA)

Best Practice: Universal Disclosure

Since you cannot always know where callers are located, the safest approach is to always disclose recording and AI use at the start of every call. This ensures compliance with the strictest state laws.

4. AI Disclosure Requirements

4.1 California AB 2905 (Effective Jan 2025)

California requires disclosure when callers are interacting with AI:

  • Must disclose AI at the beginning of the call
  • Penalty: $500 per undisclosed AI call
  • Applies to both inbound and outbound calls

4.2 FCC Requirements

The FCC requires clear disclosure when using AI-generated voices:

  • Immediate disclosure of AI use at call start
  • Easy opt-out mechanism for automated calls
  • Recognition of opt-out keywords ("stop," "unsubscribe," etc.)

5. Compliance Checklist

Enable Recording Disclosure

Include "This call may be recorded" in your AI agent's greeting

Enable AI Disclosure

Include "You are speaking with an AI assistant" in your greeting

Provide Human Escalation

Allow callers to request a callback from a human representative

Document Consent

Maintain records of when disclosure was provided (CallsOrbit does this automatically)

Retain Records for 5 Years

Keep consent documentation for at least 5 years (TCPA requirement)

6. Do Not Call (DNC) Compliance

If you make outbound calls (marketing, follow-ups), you must comply with DNC requirements:

  • Scrub against National DNC Registry: Check phone numbers against the FTC's DNC list every 31 days minimum
  • Maintain internal DNC list: Honor opt-out requests from anyone who asks not to be called
  • Process opt-outs within 10 days: Act on DNC requests promptly
  • Keep records: Document your DNC compliance procedures

Note for Inbound Calls

DNC requirements primarily apply to outbound calls. If you are only receiving inbound calls (customers calling you), DNC scrubbing is not required for those calls.

7. Penalties for Non-Compliance

ViolationPenalty
TCPA violation (per call)$500 - $1,500
California AB 2905 (per undisclosed AI call)$500
DNC Registry violationUp to $43,792
CCPA/CPRA violation (per incident)$2,500 - $7,500
Illinois BIPA (biometric data)$1,000 - $5,000

Note: These penalties can be multiplied by the number of violations. Class action lawsuits can result in millions in damages.

8. How CallsOrbit Helps

CallsOrbit provides tools to help you maintain compliance:

  • Automatic Disclosure: Option to prepend recording and AI disclosure to all calls
  • Consent Timestamps: We record when disclosure was provided for each call
  • Recording Storage: Secure storage of call recordings with configurable retention
  • Human Escalation: Built-in capability for callers to request human callback
  • Data Deletion: Tools to delete recordings and data on request

9. Recommended Disclosure Script

We recommend including the following in your AI agent's greeting:

Recommended Disclosure (Concise)

"Hi, this call may be recorded and you're speaking with an AI assistant. How can I help you today?"

Alternative (With Business Name)

"Hi, thanks for calling [Business Name]. This call may be recorded and I'm an AI assistant. How can I help?"

These disclosures address both recording consent and AI transparency requirements in a single, concise statement. Callers who continue the conversation after this disclosure are deemed to have consented (implied consent).

10. Resources

11. Questions?

For questions about compliance features or implementing disclosures:

CallsOrbit Support

Email: support@callsorbit.com

For legal advice specific to your situation, please consult with a qualified attorney specializing in telecommunications law.