AI Meets TCPA: Navigating Business Compliance Risks in Phone Communications

As artificial intelligence continues to transform business communications, companies will continue to face significant—and in some cases, increased—legal risks under the Telephone Consumer Protection Act (TCPA) when choosing to utilize AI-powered calling and messaging technologies. The Federal Communications Commission’s (FCC) recent regulatory actions in the past year confirm that AI-powered tools are not exempt from its reach, and the FCC has gone so far as to establish that AI-generated voices fall squarely within the TCPA’s restrictions, which creates numerous liability traps for those who fail to comply.

Recent AI-Targeted Additions to TCPA Regulations

In February 2024, the FCC unanimously adopted a Declaratory Ruling that fundamentally changed the compliance landscape for AI in telecommunications. The ruling explicitly confirmed that the TCPA’s restrictions on “artificial or prerecorded voice” encompass current AI technologies that generate human voices and makes it clear that the FCC not only intends to regulate AI technology the same way it governs the use of other tools under existing TCPA frameworks, but that it will do so without AI-specific exceptions. The immediate impact of this ruling was significant: effective immediately upon the Declaratory Ruling, any business utilizing AI-generated voices in outbound calls was required to comply with all TCPA requirements. These requirements include: (i) obtaining prior express consent from called parties; (ii) providing proper identification information; (iii) and honoring opt-out requests.

The FCC did not stop with this declaration. In August 2024, the Commission proposed new rules specifically targeting AI-generated calls and text messages. There, the FCC created a formal definition of “AI-generated calls,” which requires businesses to disclose a future intent to use AI-generated calls when obtaining consent from consumers and mandating consumer disclosure of AI-generated voices in each instance they are used.

Even more recent was the FCC’s proposed one-to-one consent rule, which was set to take effect in January 2025, and would have required marketers to obtain prior express written consent “one seller at a time” and sought to mandate that subsequent calls and texts be “logically and topically associated with the interaction that prompted the consent.” However, on the eve of the date that rule was set to take effect, the Eleventh Circuit Court of Appeals vacated the proposed rule, finding that the FCC had exceeded its statutory authority.

While certain challenges and court action may delay or invalidate certain proposals altogether, such efforts signal that the FCC is intent on regulating AI in telecommunications, and that compliance requirements will likely continue to become more stringent over time.

Strategic Risk Mitigation Approaches

Although the TCPA’s restrictions related to AI tools may seem daunting, there are many ways in which businesses can protect themselves from the potential of severe financial liability resulting from misuse of the same. First, businesses should implement—and enforce adherence to—comprehensive consent protocols. Such protocols should include, at a minimum: (i) reviewing and updating consent language to explicitly apply to AI-generated communications; (ii) maintaining detailed consent records, which include timestamps and identification of the disclosures that were provided; and (iii) implementing systems to track consent revocations and comply with opt-out requests expeditiously. Businesses should also consider employing their own requirements, including but not limited to requiring explicit disclosure of when AI is being utilized, training representatives to appropriately explain how AI is being used, and ensuring that AI systems are utilizing a script that includes requisite disclosures.

In addition to the risks AI tools may present, AI is also a valuable partner in a business’s fight to maintain compliance with the TCPA. For example, AI tools can help mitigate certain TCPA risks by: (i) flagging numbers on the Do Not Call Registry; (ii) tracking consumer consent and opt-out requests as they occur; and (iii) analyzing a business’s communication patterns to consistently ensure adequate compliance monitoring. In addition to educating themselves on how not to use AI, businesses can similarly benefit from learning how and when to appropriately do so.

Conclusion: Navigating the AI-TCPA Intersection

The integration of AI technologies into telecommunications presents both opportunities and significant legal risks. The FCC’s recent actions make it clear that regulatory authorities are focused on ensuring that AI advancements do not undermine the TCPA’s purposes with respect to consumer protections, and that businesses wishing to leverage AI in their communication strategies must approach these technologies with a thorough understanding—and caution—of the evolving regulatory landscape.

By treating TCPA compliance as an integral part of AI strategy rather than as an afterthought, businesses can minimize legal exposure while still benefiting from the efficiencies and capabilities that AI communication technologies offer. As always, DarrowEverett continues to monitor the TCPA’s evolution and is readily available to assist our clients in properly navigating compliance with—and defending themselves against—the same.

——————————————————————–

This DarrowEverett Insight should not be construed as legal advice or a legal opinion. This Insight is not intended to create, and receipt of it does not constitute, a lawyer-client relationship. The contents are intended for general informational purposes only, and you are urged to consult your attorney concerning any particular situation and any specific legal question you may have. Please reach out to us if you need help addressing any of the issues discussed in this Insight, or any other issues or concerns you may have relating to your business. We are ready to help guide you through these challenging times.

This Insight does not constitute written tax advice as described in 31 C.F.R. §10, et seq. and is not intended or written by us to be used and/or relied on as written tax advice for any purpose including, without limitation, the marketing of any transaction addressed herein. Any U.S. federal tax advice rendered by DarrowEverett LLP shall be conspicuously labeled as such, shall include a discussion of all relevant facts and circumstances, as well as of any representations, statements, findings, or agreements (including projections, financial forecasts, or appraisals) upon which we rely, applicable to transactions discussed therein in compliance with 31 C.F.R. §10.37, shall relate the applicable law and authorities to the facts, and shall set forth any applicable limits on the use of such advice.