The TCPA one-to-one consent rule: what changed and how to comply
One-to-one consent is the principle that a consumer's consent to be contacted should apply to one identified seller at a time — not to a long list of unnamed 'marketing partners' bundled behind a single checkbox. For outreach teams, the practical takeaway is: know exactly who the consumer agreed to hear from, and do not rely on broad shared-consent language, especially for purchased leads.
The "one-to-one consent" concept has been one of the most discussed developments in TCPA compliance, particularly for anyone who buys leads or works with lead-generation and comparison-shopping sites. The regulatory details around it have shifted, so this post focuses on the durable principle rather than the status of any single rule on a given date. It is general information, not legal advice — the specifics here move, and your counsel should confirm the current state of play before you change your program.
The problem it addresses
For years, a common lead-generation pattern worked like this: a consumer fills out a form on a comparison site and clicks a single checkbox consenting to be contacted by "our partners." Behind that checkbox could be dozens or hundreds of companies the consumer never saw named. That single click was then treated as consent for every one of them to call and text.
The one-to-one consent principle challenges that model. The core idea is that consent to receive marketing calls or texts should be given to one specific, identified seller at a time, not handed out in bulk to an unnamed list. A consumer should reasonably understand who they are agreeing to hear from.
What one-to-one consent means in practice
Where the principle applies, compliant consent tends to have these characteristics:
- The seller is clearly identified to the consumer at the moment of consent — by name, not as an anonymous "partner."
- Consent is specific to that seller, rather than a blanket authorization shared across many companies.
- The consent is logically related to the interaction the consumer initiated. If someone asked about auto insurance, consent that stretches to unrelated products is on shakier ground.
The effect is to make purchased or shared "consent" much less reliable as a defense unless you can show the consumer actually agreed to hear from you specifically.
What this means for outreach teams
If you generate your own leads with clear, named, per-seller consent, the principle is largely reinforcing good practice you should already follow. The bigger implications are for teams that buy or share leads:
- Do not assume a purchased lead carries valid consent for you. Ask the seller to show exactly what the consumer agreed to and whether you were identified.
- Get the underlying consent record, not just an assurance. You want the disclosure language, the timestamp, and evidence that your company was named or that consent was specific.
- Be skeptical of "marketing partners" checkboxes. Broad, bundled consent is precisely the model the principle pushes against.
- Document your due diligence. If you relied on a lead vendor, keep the record of what they represented and provided.
Because the details move, build for the principle
Regulatory requirements in this area have been proposed, revised, and litigated, and the precise obligations can differ by the date and forum. Rather than betting your program on the exact contours of a single rule, the resilient approach is to operate as though consent must be specific and seller-identified. That posture is defensible under the strict version and still good practice under a looser one. Confirm the current requirements with counsel before relying on any specific interpretation.
How Fivra fits
Fivra gives you the operational controls around consent-based outreach: DNC and suppression screening before contacts are messaged, automatic account-wide STOP handling, and exportable audit logs of screening and send activity. What Fivra cannot do is validate the quality of consent attached to a lead you bought — that diligence, and the decision about which leads meet your standard, stays with you. None of this is legal advice.
FAQ
What is one-to-one consent?
It is the principle that a consumer's consent to be contacted by marketing calls or texts should apply to one specific, identified seller at a time, rather than being bundled behind a single checkbox for many unnamed companies.
Does one-to-one consent affect purchased leads?
Significantly. It makes broad, shared "partner" consent much less reliable as a defense. If you buy leads, you generally need evidence that the consumer agreed to hear from your company specifically.
Is the one-to-one consent rule currently in effect?
The regulatory details in this area have shifted through proposals, revisions, and litigation, and can differ by date and forum. Treat the underlying principle as durable guidance and confirm the current legal status with counsel before changing your program.
What consent records should I get from a lead vendor?
Ask for the actual consent record — the disclosure language shown, the timestamp, and evidence that your company was named or that consent was specific to you — not just a general assurance that consent exists.
How should I handle "marketing partners" checkboxes?
Be skeptical. Broad, bundled consent behind a single checkbox for unnamed partners is the model the one-to-one principle pushes against, and it is weak as a defense.
Can Fivra verify that my leads have valid consent?
No. Fivra provides screening, suppression, and audit-log tooling for outreach, but it cannot validate the quality of consent attached to a purchased lead. That diligence is yours, and this is general information, not legal advice.
Outreach at volume. Compliance by default.
Fivra pairs high-volume SMS broadcasting with a built-in power dialer and real-time TCPA & DNC screening — one platform for high-volume teams.
Get started