There is a particular irony playing out in the personal injury legal market right now. Firms that built their practices on consumer protection lawsuits — TCPA class actions among them — are now on the receiving end of those exact same suits.
The culprit is almost always the same: an intake operation that moved fast on follow-up and slow on compliance. Automated text campaigns sent without proper consent. Calls to reassigned numbers. Opt-out requests that got processed a week too late.
The Telephone Consumer Protection Act carries statutory damages of $500 to $1,500 per violation. When your intake team is sending hundreds of automated texts per day, class action exposure compounds quickly. Several PI firms have settled TCPA cases for seven figures without ever winning at trial.
This article covers the five TCPA mistakes that appear most often in PI intake operations, the consent standards that eliminate exposure, and the operational practices that protect your firm without slowing down your speed-to-lead.
What the TCPA Actually Requires
The Telephone Consumer Protection Act of 1991, as amended and interpreted through FCC rulemakings, restricts calls and texts to cell phones made using an automatic telephone dialing system (ATDS), an artificial voice, or a prerecorded message. The core requirements:
- Prior express written consent is required before making autodialed calls or sending automated texts to a cell phone for marketing or solicitation purposes.
- For purely informational messages, prior express consent (oral or written) is required if an ATDS is used to reach a cell phone.
- Consent must be obtained from the person whose number you are calling, not from someone claiming to represent them.
- Consent must be revocable at any time by any reasonable means, and revocation must be honored promptly.
- The Do-Not-Call Registry applies to all telemarketing calls regardless of technology used.
Law firms do not get a professional exemption. The TCPA applies to any entity — including law firms and their vendors — that communicates with prospective clients using covered technology.
The 5 Most Common TCPA Mistakes in PI Intake
1. Sending Automated Texts Without Written Consent
This is the most frequent exposure point. A lead submits a form. The CRM automatically sends a text acknowledging receipt and asking if they are available to talk. No consent language appeared on the form. The text goes out via an automated platform. That is a TCPA violation.
The fix is straightforward: every intake form and landing page must include explicit TCPA consent language with a checkbox. The language should state that by checking the box, the person authorizes the firm (named specifically) to contact them via autodialed calls and automated texts at the number provided, and that consent is not required as a condition of any service. The checkbox must be unchecked by default and require active selection.
Storing proof of consent — with timestamp, IP address, and form version — is equally critical. If a plaintiff's attorney subpoenas your consent records, you need to produce them.
2. Using Lead Vendor Data Without Auditing Consent Quality
Many PI firms buy leads from third-party generators. Those leads arrive with a consent notation in the data feed — but the consent may be defective, revoked, or obtained via a lead form that listed dozens of companies the consumer "agreed" to be contacted by.
The FCC's 2024 one-to-one consent ruling tightened this significantly: consent must be obtained specifically for each company that will contact the consumer. A blanket "I consent to be contacted by partners" checkbox no longer satisfies the TCPA for outbound automated calls or texts.
Before using any purchased lead list for automated outreach, audit the consent language your vendor is collecting. Request the actual form copy. If the consent is not specific to your firm or does not meet written consent standards, those leads should receive only manually-dialed outreach — no automation.
3. Failing to Honor Opt-Out Requests Immediately
A lead replies STOP to a text. A caller says "please stop calling me." An email arrives asking to be removed from outreach.
Each of these is a valid opt-out under the TCPA. Each must be honored promptly. Any automated message sent after a valid opt-out — even one — converts a potential technical violation into a willful violation, tripling the per-message statutory damages.
Operationally, this means your intake platform must process STOP replies automatically and propagate opt-outs to every outreach system immediately. Manual processes — "we'll update the list at end of day" — are a liability. If someone texts STOP at 9:02 AM and gets another automated text at 9:47 AM, that gap is indefensible.
TCPA violations are $500 per message. A single day of outreach to leads who previously opted out — across a 500-message campaign — creates $250,000 in exposure before a plaintiff's attorney even picks up the phone.
4. Calling Reassigned Numbers
Cell phone numbers are reassigned constantly. A lead who consented to contact six months ago may have changed carriers and lost that number. The number is now active — just with a different person who never heard of your firm and never consented to anything.
Calling a reassigned number with an ATDS or prerecorded voice is a TCPA violation even when you had valid consent from the original subscriber. The FCC has allowed a single "safe harbor" call to discover that a number has been reassigned — but only if you honor the reassignment and stop calling.
The practical fix: use a number reassignment database (several vendors offer real-time API lookups) to scrub your outreach lists before any automated campaign. Flag numbers that have been reassigned since you obtained consent and route them to manual review only.
5. Treating "Inquiry = Consent" for All Future Outreach
A lead called your office in January about a car accident case. The case settled in March. Your intake team pulls that number in May for a mass text about a new practice area.
The consent obtained in January covered contact related to the January inquiry. It does not automatically extend to new marketing campaigns on unrelated topics — particularly not via automated text.
Consent obtained through a specific intake form is tied to the purpose stated on that form. Repurposing past leads for new campaigns requires fresh consent collection unless you have a broad, clearly-stated authorization that covers future communications.
The Consent Language That Works
Compliant TCPA consent for PI intake needs to appear on every intake form and landing page where you collect phone numbers for automated follow-up. The language must:
- Identify your firm by name (and any DBA doing business as)
- Specify that contact will be made via autodialed calls, prerecorded messages, and/or automated texts
- State clearly that consent is not a condition of service
- Appear adjacent to the phone number field with no pre-checked boxes
- Include a way to opt out (e.g., "Reply STOP to unsubscribe")
"By submitting this form and checking this box, I authorize [Firm Name] to contact me at the phone number provided using an automatic telephone dialing system or prerecorded/artificial voice messages for informational and case-related purposes. I understand that consent is not a condition of retaining legal services and that I may opt out at any time by replying STOP."
Store every submission with a timestamp, IP address, and the exact form version that collected the consent. Use version control on your landing pages so you can produce the specific consent language a person saw on a specific date if challenged.
Operational TCPA Compliance: What Your Intake Platform Needs
Consent language handles the front end. Operations handle the back end. Here is what a compliant intake operation needs in place:
| Requirement | What It Means Operationally | Risk if Missing |
|---|---|---|
| Consent recordkeeping | Timestamp + IP + form version stored per submission | Cannot defend any TCPA claim |
| Automated opt-out processing | STOP reply suppresses all future automated outreach within seconds | Willful violation at $1,500 per message after opt-out |
| DNC list scrubbing | Federal and state DNC registry lookups before any outreach campaign | $500–$1,500 per DNC violation + state penalties |
| Number reassignment checks | API lookup before automated outreach to aged lead lists | TCPA violation despite valid original consent |
| Vendor consent audit | Written verification of consent methodology from every lead vendor | Inheriting third-party liability for defective consent |
| Quiet hours enforcement | Platform-level block on outreach before 8 AM or after 9 PM in recipient's time zone | TCPA and state law violations |
The Manual Dial Safe Harbor
TCPA compliance requirements apply specifically to automated outreach. A live intake agent manually dialing a number from a CRM is not subject to the ATDS restrictions. The agent still must comply with DNC rules and state telemarketing laws — but the core TCPA consent burden is narrower.
This matters for high-value leads. When you receive a lead that came in through a vendor with questionable consent documentation, routing that lead to a human caller rather than an automated sequence allows you to make contact immediately without triggering TCPA exposure.
The caveat: "manual dial" means the human physically selects and dials each number without predictive dialing software managing the sequence. A platform that auto-queues the next call and connects the agent the moment the previous call ends may still qualify as an ATDS in some circuits.
If your intake software uses any form of predictive or power dialing, confirm with your platform vendor whether it qualifies as an ATDS under current FCC guidance and the jurisdiction where your cases originate.
TCPA Compliance Does Not Slow Down Speed-to-Lead
The most common pushback from intake managers is that compliance slows them down — that adding consent checkboxes reduces form conversions, or that waiting to verify consent before texting costs cases.
The data does not support this. Properly worded consent disclosures reduce form conversion by less than 2% in most A/B tests. The firms with the highest intake conversion rates — those running 40 to 50 percent lead-to-sign ratios — all have compliant consent systems in place. They have to: a class action would end the operation entirely.
Speed-to-lead and TCPA compliance are not in tension. The consent language goes on the form once. The opt-out logic is built into the platform once. The number reassignment scrub runs automatically before campaigns. None of these steps add meaningful delay to any individual outreach — they only affect the setup and vendor audit work done in advance.
The operational cost of compliance is a week of setup. The litigation cost of non-compliance can be a decade of settlement payments.
How Outsourced Intake Affects TCPA Liability
If you use an outsourced intake provider, you do not fully offload TCPA exposure. Law firms can be held liable for the TCPA violations of their vendors as "vicarious liability" principals if the firm controlled or directed the vendor's outreach practices, or if the firm ratified non-compliant conduct by continuing the relationship after learning of violations.
When evaluating an outsourced intake provider, the TCPA compliance questions to ask:
- What consent language does your intake form use, and can I see the current version?
- How do you process opt-out requests received by text, phone, or email?
- Do you scrub contact lists against DNC registries before outreach campaigns?
- What technology do you use for outbound messaging — is it classified as an ATDS?
- How do you verify consent quality for leads purchased from third-party vendors?
- What indemnification do you provide in the event of a TCPA claim arising from your outreach?
A provider that cannot answer these questions clearly is a liability exposure, not an operational asset.
The Bottom Line
The TCPA is not going away. The FCC's one-to-one consent rule tightened it in 2024. State mini-TCPA statutes in Florida, Oklahoma, and other jurisdictions have added further restrictions. The plaintiff's bar targeting law firms specifically is active and well-funded.
The compliance steps are not complex. The consent language takes an afternoon. The platform configuration takes a day. The vendor audit takes a week. None of it requires outside counsel if your intake operation is straightforward — and all of it is dramatically cheaper than one class action settlement.
Firms that run clean intake operations — compliant consent, real-time opt-out processing, proper recordkeeping — tend to run better intake operations overall. The disciplines that eliminate TCPA exposure (documented processes, real-time data, consistent execution) are the same disciplines that produce high conversion rates.
Get the compliance foundation in place once. Then focus entirely on speed, persistence, and conversion — without a TCPA class action sitting in the background.
Frequently Asked Questions
Does the TCPA apply to law firms doing intake calls?
Yes. The TCPA applies to any person or entity that uses an automatic telephone dialing system, artificial or prerecorded voice, or sends automated texts to cell phones without prior express written consent. Personal injury law firms and their intake vendors are not exempt. Several courts have ruled that even informational messages require consent when sent via automated systems to cell phones.
What is the penalty for a TCPA violation by a law firm?
TCPA violations carry statutory damages of $500 per violation, rising to $1,500 per willful violation. Because intake operations contact hundreds or thousands of leads per month, class action exposure can reach into the tens of millions of dollars. The plaintiff's bar actively files TCPA cases against law firms — often the same PI firms that handle consumer class actions for their own clients.
Can a PI law firm text leads without consent?
Only if the text is sent manually and the lead provided their phone number in connection with the subject matter of the message. In practice, most intake platforms send texts through automated systems, which requires prior express written consent. Include clear TCPA consent language in every intake form before initiating any automated outreach.
What should a law firm do if a lead asks to stop receiving calls or texts?
Stop immediately. Any opt-out request — replying STOP, saying "stop calling," or emailing to be removed — must be honored within a reasonable time (best practice: immediately). The number goes on your internal do-not-contact list and is excluded from all future automated outreach. Continuing to contact someone after they have opted out converts a possible violation into a clearly willful one at $1,500 per message.
HQ Intake Is Built for TCPA-Compliant Operations
Our intake platform includes compliant consent collection, real-time opt-out processing, and DNC scrubbing as standard. We handle the compliance infrastructure so your team focuses entirely on converting leads into signed cases.
Talk to Our Team