Regulatory Report: April 2026

Below is a recap of the essential regulatory updates for contact compliance professionals for April.  

This is a marketing blog and is not intended, nor should it be interpreted, as legal advice. Please seek legal counsel for full interpretations of all rules and laws outlined in this blog.

Good Intentions, Real Consequences: The Protecting American Consumers from Robocalls Act Returns 

Senator Dick Durbin and Representatives Jan Schakowsky and Kevin Mullin have reintroduced the Protecting American Consumers from Robocalls Act, a bill aimed at closing gaps in the Telephone Consumer Protection Act (TCPA) that scammers have long exploited. The intent is legitimate – Americans lost over $1.1 billion to phone scams in 2025. But the bill’s reach goes well beyond bad actors. 

Four changes warrant close attention for any business running outbound call or text programs: 

• DNC Scope – Do Not Call (DNC) Registry protections would expand beyond residential lines to all telephone subscribers – the bill text is broad, but sponsors specifically highlight small businesses, allowing them to register their numbers for protection; outbound programs calling those numbers would need to honor those registrations  
• Private Right of Action – triggers after just one call, down from the current threshold of two or more calls within 12 months; again, sponsors specifically call out small businesses as intended beneficiaries  
• Damages – shift from “up to $500” to a minimum $500 per violation, removing ceiling ambiguity and increasing baseline exposure  
• (This modified ATDS definition would effectively reverse the Supreme Court’s 2021 definition in Facebook v. Duguid) ATDS Definition – broadened to include any system that dials from a stored list without human intervention, potentially capturing most predictive and automated dialers in use today 

 If enacted, the Federal Communications Commission (FCC) would have 270 days to revise DNC regulations accordingly. The bill is in its early stages – but its reintroduction is worth monitoring closely, particularly the ATDS expansion. 

See the bill here.

Courts Say Verbal Consent May Suffice – But Proving It Is Another Story 

A Maryland federal judge has ruled that written consent is not required under the Telephone Consumer Protection Act (TCPA) to make telemarketing calls – adding to a growing wave of courts pushing back on the Federal Communications Commission’s (FCC) long-standing rule that telemarketers must obtain consent in writing before placing calls. The decision in Bradley v. DentalPlans.com threw out a consumer class action, finding that verbal consent is enough under the law as written. 

The ruling follows the Fifth Circuit’s earlier decision in Bradford v. Sovereign Pest, which reached the same conclusion. Both cases trace back to the Supreme Court’s 2024 Loper Bright ruling, which stripped courts of their longstanding practice of simply deferring to how federal agencies interpret the laws they enforce – opening old FCC rules up to fresh scrutiny. 

And it may not stop there. Duane Morris notes that these two rulings represent only the middle ground – some courts are going even further, questioning whether the FCC ever had the authority to interpret the TCPA at all. The landscape is shifting fast. 

For outbound calling programs, the practical message is this: verbal consent may now hold up in certain jurisdictions, but that is not a reason to loosen consent practices.  

As Bubeck Law pointedly notes: 

• In TCPA litigation the burden of proving consent falls on the caller – and proving verbal consent without a recording or reliable documentation can be extremely difficult, especially years after the fact 
• “Bradford is significant but contained. It narrows one federal consent requirement in one circuit. It does not eliminate do-not-call exposure, override state statutes, or remove the need to document consent carefully.” 

Written consent creates a clear evidentiary record that verbal consent simply cannot match.  

This must be understood: these rulings are not national 

• Bradford binds only federal courts in Texas, Louisiana, and Mississippi 
• Bradley adds the District of Maryland to the mix 
• Outside those jurisdictions, the FCC’s written consent requirement remains in effect and courts continue to apply it 

State telemarketing laws add another layer – many states expressly require written consent for prerecorded marketing calls regardless of what federal courts decide.  

What felt like settled ground six months ago no longer is – and with different rules now applying depending on where your activity or your customers are located, a patchwork of consent standards is quickly becoming the new reality. Monitor this one closely. 

Is a Text Message a Phone Call? Courts Still Can’t Agree – And That’s Your Problem 

One of the most consequential unsettled questions in outbound compliance right now is deceptively simple: does a text message count as a “telephone call” under the Telephone Consumer Protection Act (TCPA)? The answer – depending on which court is hearing your case – is increasingly either yes or no, and courts are actively going in opposite directions. 

The root cause: the Supreme Court’s McLaughlin decision freed lower courts from deferring to the Federal Communications Commission’s (FCC) long-standing interpretation that texts are calls. Courts now interpret the TCPA’s plain language independently – and are reaching very different conclusions. 

Three late-March 2026 rulings show just how fragmented it’s become: 

• Richards v. Fashion Nova, No. 1:25-cv-01145-TWP-MKK (S.D. Ind. Mar. 26, 2026)  
  • Texts are NOT calls. Dismissed.  
  • The court relied on Webster’s Dictionary definition of “telephone” as an instrument for reproducing sounds – concluding texts simply weren’t contemplated when the TCPA was enacted in 1991 
• Richards v. Shein Distribution Corporation, No. 1:25-cv-01385-TWP-TAB (S.D. Ind. Mar. 26, 2026) 
  • Texts are NOT calls. Dismissed.  
  • Identical reasoning, same judge, same day. Both courts stated plainly: “It is not for a court to legislate by reading into the TCPA something that is not there”
• Rubin v. Staples, Inc., No. 2:25-cv-15515 (D.N.J. Mar. 31, 2026) 
  • Nuanced. The New Jersey court concluded texts can qualify as calls under § 227(c)(5) – but dismissed the case anyway on pleading grounds.  
  • Staples won on a technicality, not the underlying legal question 

The Indiana cases carry extra weight. As Bubeck Law previously stated, both Richards cases had been stayed pending the Seventh Circuit’s ruling on this exact question. These March decisions represent those courts finally picking a side. The Seventh Circuit’s ruling – whenever it comes – will be a defining moment. 

The overall scorecard still favors texts-as-calls, roughly 2-to-1 as of late April 2026, but that number obscures what matters most: the gap has narrowed sharply since late 2025, the texts ≠ calls decisions tend to be the side gaining more traction in later rulings, and with no circuit court having squarely ruled, venue is increasingly outcome-determinative – the same SMS campaign can be dismissed in Indiana and survive to class discovery in Illinois.

For businesses running SMS outreach programs, the bottom line is straightforward even if the law is not: treat texts like calls. Consent certification, Do Not Call (DNC) list certification, and immediate opt-out honoring remain non-negotiable – because which legal standard applies depends on where a case is filed, and that’s not always within your control. Where the plaintiff resides, where your company is headquartered, and where the violation is deemed to have occurred can all determine jurisdiction. Until the circuit courts – starting with the Seventh – bring clarity, compliant outreach practices are your best and only consistent defense. 

Don’t Mistake CFPB’s Retreat for Regulatory Relief – The FTC Is Stepping Up 

The Trump Administration’s FY2027 budget proposes $427 million for the Federal Trade Commission (FTC) – an 11% increase – with $18 million earmarked specifically for Telemarketing Sales Rule (TSR) enforcement.  

• For debt relief and credit counseling companies, this is a direct signal: TSR oversight isn’t softening. The FTC’s authority under the TSR operates independently of the Consumer Financial Protection Bureau (CFPB), which has significantly pulled back its broad enforcement activity (it’s now more targeted on areas of highest consumer harm.) As state regulators step in to fill that gap, the FTC is moving in the opposite direction – resourced and ready. 
• For telemarketers broadly, the message is the same: a dedicated enforcement budget means the FTC is positioned to remain active. The agency’s five-year strategic plan through 2030 explicitly flags telemarketing as a continued enforcement priority. 

Worth noting – TSR enforcement funding is partially self-funded through its own fee mechanisms, making it less vulnerable to broader budget-cycle shifts than other federal programs. Under the TSR, each non-compliant call or text can trigger a separate penalty – and for high-volume outbound operations, that exposure adds up fast.  

Companies with outbound calling or texting programs have every reason to treat TSR compliance as an ongoing priority – this budget just reinforces it. 

Note: Budget proposal is subject to Congressional approval. 

4.2 Billion Robocalls in March – The Highest Since July 2025 and Climbing 

The YouMail Robocall Index is out for March 2026, and the headline number is hard to ignore:  

• 4.2 billion robocalls* reached U.S. consumers 
• 9.8% increase from February 
• Highest monthly volume since July 2025, breaking a six-month streak averaging under 4 billion

At 135.7 million calls per day and 1,571 per second, the scale is staggering. But for outbound calling teams, the more telling stat is what’s driving the volume.  

• Telemarketing and scam calls account for roughly 2.3 billion of those calls – about 55% of the total

 That’s the environment your calls are landing in. When over half of all robocalls are telemarketing or scam-related, carriers are blocking more aggressively and consumers are answering less – making it harder for compliant outbound programs to reach the people they’re trying to serve. 

The good news: March’s increase was largely driven by legitimate categories – notifications up 17% and payment reminders up 14% – not a surge in scam activity.

For compliant outbound programs, that distinction matters – it signals that carriers and regulators are increasingly able to differentiate between scam traffic and legitimate calling activity, which is exactly the environment where good compliance practices pay off. 

Clean contact list certification, proper consent, and caller identity best practices aren’t just compliance checkboxes – they’re what separates your calls from the noise. 

*YouMail defines a robocall as any call detected through its network as being automated, using audio fingerprints, call-pattern analytics, and user reports, and includes both legitimate automated calls and illegal scam or telemarketing calls. 

YouMail measures the total call volume captured via its network, while PIRG focuses on consumer‐reported scam/telemarketing calls. 

The FCC Is Coming for Foreign Call Traffic – And the BPO Model Is in the Crosshairs 

The Federal Communications Commission (FCC) has been building a regulatory framework around foreign call traffic since October 2025, and the regulatory trajectory is unmistakable: offshore and nearshore outbound operations face a level of scrutiny they’ve never seen before. For telemarketers, debt collectors, and the business process outsourcing (BPO) vendors that serve them, the cumulative impact of these proposals warrants immediate attention. 

The exposure may not stay within FCC-regulated industries: the National Retail Federation (NRF) has already filed formal opposition, warning the framework could spread to retail and other sectors.  

The key actions to date: 

• Call Branding Further Notice of Proposed Rulemaking (FNPRM) (Oct. 2025) – Would require calls originating outside the U.S. to carry a visible foreign-origin indicator, potentially devastating answer rates for offshore outbound programs 
• Call Center Onshoring NPRM (Mar. 27, 2026) – Proposes capping foreign-staffed calls at roughly 30% of volume, mandatory English proficiency certification, start-of-call disclosures for offshore routing, sensitive data restricted to U.S.-only agents, and a hard prohibition on call centers in foreign adversary nations including China, Russia, Iran, and North Korea 
• Numbering Policies NPRM (Mar. 27, 2026) – Targets how telephone numbers are obtained and managed, signaling that number rotation arrangements used by some offshore operations may become enforcement triggers 
• $4.5 million fine against Voxbeam (Apr. 2, 2026) – A direct enforcement signal: gateway providers accepting traffic from unregistered foreign sources face significant per-call exposure 
• Know Your Customer (KYC) FNPRM (Apr. 9, 2026) – Proposes per-call penalties for originating providers that skip customer verification, scaling fines to call volume and harm caused

Industry Pushback: Retailers Push Back The Onshoring NPRM has already drawn opposition beyond telecom. The NRF filed a letter this week citing “serious concerns,” arguing offshore operations are already subject to rigorous oversight and that mandatory caps, disclosures, and transfer requirements would create bottlenecks and longer queues. NRF’s deeper worry: that the FCC’s framework becomes a template emulated across sectors. For BPOs serving retail alongside telecom clients, that’s worth tracking in comment filings. 

FCC Chair Carr posted about it on X, seeking comment. 

The FCC isn’t waiting for final rules to act – the Voxbeam fine sent a clear message. And with the Onshoring NPRM published in the Federal Register on Apr. 23, 2026, the comment clock is running – submitted comments due May 26, reply comments June 22. For outbound programs relying on offshore or nearshore operations, the time to audit foreign call volume, pressure-test vendor contracts, and model compliance scenarios starts today – not when final rules arrive. 

Note: Items above reflect proposals at various stages of the rulemaking process. 

Know Your Traffic – Or Pay the Price: The FCC Makes Its Point 

The Federal Communications Commission (FCC) has been sending a consistent message since October 2025 across multiple proposed rulemakings: foreign robocall traffic is a top enforcement priority – and providers who don’t actively police it will be held accountable. 

The latest proof: a $4.5 million proposed fine against Voxbeam Telecommunications for routing over 60,000 calls from Axfone – a Czech provider never registered in the FCC’s Robocall Mitigation Database (RMD) – into U.S. networks.  

Approximately 80% of the caller IDs were spoofing Chase and Bank of America numbers in apparent bank impersonation scams – specifically, their fraud departments and customer service lines.  

The red flags were there:  

• A dormant Axfone account inactive since 2018 was suddenly reactivated. 
• Massive call volume was generated in just four days. 
• Voxbeam had incorrectly certified in the RMD that it was not a gateway provider – despite traceback data showing it clearly functioned as one. 

Voxbeam missed it. 

Voxbeam did act fast once notified – blocking Axfone’s traffic within 24 hours and earning a 20% penalty reduction from $5.625M to $4.5M. The FCC was unmoved on the core violation: fast response helps, but it doesn’t excuse the failure to screen upfront. 

Lessons Learned: 

• Verify every foreign upstream provider is listed in the RMD before accepting their traffic (regardless of relationship tenure.) 
• Ensure your RMD filings accurately reflect your actual role. 
• Treat sudden traffic spikes from long-dormant accounts as an immediate red flag. 

For businesses relying on outbound calling, the signal is loud and clear: access to the call network now requires active justification, not assumption. 

Washington’s CEMA Penalties Drop June 11 – But Email Marketers Aren’t Off the Hook 

Washington State’s Commercial Electronic Mail Act (CEMA) has been amended, cutting statutory damages from $500 to $100 per email and adding a knowledge requirement – meaning senders are no longer automatically liable if a subject line turns out to be misleading. House Bill 2274, signed in March and effective June 11, 2026, was a direct response to roughly 100 lawsuits triggered by a 2025 Washington Supreme Court ruling that expanded the law’s reach to any false or misleading email subject line. 

The relief is real – but limited. The changes don’t apply retroactively, so companies already facing CEMA claims are still on the hook for the original $500 penalty. Some are pushing back harder – clothing retailer DXL is arguing in court that a $500-per-email penalty with no requirement to prove actual harm is simply unconstitutional. District courts have so far rejected similar challenges in cases against Macy’s and FullBeauty Brands. 

Promotional emails with urgency-driven subject lines remain a prime target, and CEMA violations still constitute per se violations of Washington’s Consumer Protection Act – keeping plaintiffs’ burden low.  

If you’re marketing to Washington residents, now is the time to review what your subject lines are promising. 

The FCC Wants to Know Your Customer – Better Than You Do Now 

The Federal Communications Commission (FCC) is moving to significantly tighten Know Your Customer (KYC) requirements for originating voice service providers – the carriers and platforms through which outbound calls first enter the phone network. A draft Further Notice of Proposed Rulemaking (FNPRM) is scheduled for vote at the FCC’s April 30 Open Meeting, and the direction is clear: the existing principles-based KYC standard isn’t working, and the FCC is done waiting. 

Under the proposed framework: 

Industry is already pushing back. The Voice on the Net Coalition (VON) filed comments ahead of the vote, and CTIA’s April 13 ex parte urged the FCC to preserve flexibility – pointing to existing KYC and Know Your Business (KYB) tools like Branded Calling ID as evidence that market-driven solutions are already working. Their core argument: rigid, uniform rules risk stifling legitimate calls while scammers adapt around them. 

The FCC is expressly seeking comment on whether requirements should be risk-based and calibrated to customer type, service model, and call volume rather than applied identically across the board – and that’s where the opportunity lies for compliant outbound programs. Stronger upstream KYC ultimately benefits legitimate callers: it raises the bar for network access and helps ensure your calls aren’t swept up in blocking actions aimed at bad traffic.  

The comment window opens 30 days after Federal Register publication – worth watching closely. 

May 2026 Holiday Telephone Solicitation Bans

Please be aware of the following U.S. holiday telephone solicitation bans for the month of May 2026: 

1. On May 4, 2026, the state of Rhode Island prohibits unsolicited sales and marketing calls in observance of Rhode Island Independence Day. 
2. On May 25, 2026, the states of Alabama, Louisiana**, Nebraska*, Pennsylvania, Rhode Island, and Utah prohibit unsolicited sales and marketing calls in observance of Memorial Day. 

Other holidays may be proclaimed by the Governor in each state throughout the year. 

*Nebraska does not prohibit calls on Sundays or legal holidays; however, it does restrict the use of prerecorded messages to 1pm to 9pm on these days (subject to certain exceptions). 

**At the time of this publication, the LA Governor had not yet proclaimed Memorial Day a state holiday – see https://lpsc.louisiana.gov/DNC_Holidays 

Please be aware of the following Canadian holiday telephone solicitation bans for the month of May 2026: 

1. On May 18, 2026, the province of British Columbia prohibits unsolicited sales and marketing calls in observance of Victoria Day.  

Gryphon has updated its existing service parameters to reflect these solicitation bans. Please contact us with any questions at 866-366-6822. 

New York State of Emergency Issued through May 24, 2026 

Consistent with prior communications, Executive Orders declaring disaster emergencies in the State of New York trigger telemarketing restrictions under the Nuisance Call Act.   

The Nuisance Call Act makes it unlawful for any telemarketer to make unsolicited telemarketing sales calls to areas of the state under an emergency declaration.     

Consistent with prior communications, Executive Orders declaring disaster emergencies in the State of New York trigger telemarketing restrictions under the Nuisance Call Act.

The Nuisance Call Act makes it unlawful for any telemarketer to make unsolicited telemarketing sales calls to areas of the state under an emergency declaration.

Executive Order 52.8 declaring a State Disaster Emergency in the State of New York arising from concerns due to Federal Actions related to vaccine access, has been extended through May 17, 2026.

Executive Order 47.17 declaring a State Disaster Emergency in the State of New York ordering into active service the New York National Guard to assist authorities in guaranteeing public order (correctional facilities), is in effect through May 24, 2026.

Gryphon AI has extended State of Emergency blocks for New York to May 24, 2026, to ensure compliance with the above Executive Orders.

Contact the Gryphon AI Helpdesk with any questions at 866-366-6822.

About Gryphon AI

Staying updated with the latest regulatory changes is crucial for any enterprise aiming to minimize risk and maximize reach. Gryphon AI is the only automatic, real-time, intelligent contact compliance solution on the market that delivers compliant, real-time intelligence into every customer conversation.      

With Gryphon AI, enterprises can stay ahead of the regulatory curve and efficiently manage all regulatory changes, ensuring seamless compliance and operational excellence.      

To learn more about how Gryphon AI can help you manage these updates, reach out to us today.