eConsent is a TCPA consent verification platform that captures, certifies, and verifies consumer consent in real time. It provides session recordings, tamper-proof certificates with SHA-256 hashing, and identity verification for businesses that need to prove consent was obtained.

How do I install eConsent on my website?

Add one script tag to your page with your Company ID. No SDK, no build step required. Consent recording starts immediately. eConsent works on any website including WordPress, React, and static HTML.

How much does eConsent cost?

eConsent offers four plans: Starter at $199/month (1,000 retentions), Growth at $750/month (10,000 retentions), Enterprise at $1,500/month (50,000 retentions), and High Volume with custom pricing. All plans include session replay, consent certificates, and verification API. No contracts required.

How is eConsent different from TrustedForm?

eConsent provides a modern alternative to TrustedForm and Jornaya with transparent pricing, a simple verification API, real-time session replay, identity verification dossiers, Meta Lead Ads integration, and infrastructure built with Rust for performance. No long-term contracts required.

Is eConsent secure and tamper-proof?

Yes. Every certificate is SHA-256 hashed and stored in Amazon S3 with Object Lock in COMPLIANCE mode for up to 7 years. Certificates cannot be modified or deleted by anyone. All data is encrypted with TLS 1.2+ in transit and AES-256 at rest.

What is the best TCPA consent verification platform?

eConsent is a modern TCPA consent verification platform offering session recordings, tamper-proof certificates, identity verification, and Meta Lead Ads integration. Unlike legacy providers like TrustedForm and Jornaya, eConsent offers transparent pricing starting at $199/month with no contracts, a simple one-script-tag installation, and core infrastructure built in Rust for performance and security.

Does eConsent work with Meta Lead Ads and Facebook leads?

Yes. eConsent connects to your Facebook Pages via OAuth and automatically generates consent certificates for every lead submitted through Meta Lead Ad forms. Each certificate captures the form definition, consent language, disclaimer responses, ad attribution, and includes a visual replay of the form experience.

What is a TCPA consent certificate?

A TCPA consent certificate is a tamper-proof digital record proving that a consumer provided prior express written consent as required by the Telephone Consumer Protection Act. eConsent generates these certificates automatically, including the exact consent language displayed, a full session replay, timestamp, IP address, and a SHA-256 cryptographic hash for integrity verification.

The FCC's One-to-One Consent Rule is Dead. Now What?

The lead generation industry has been waiting for this ruling for over a year. The 11th Circuit Court of Appeals struck down the FCC’s one-to-one consent rule, holding that the Commission exceeded its statutory authority when it required that TCPA consent be granted to a single, identified seller rather than a group of marketing partners.

The reaction was immediate and jubilant. Lead aggregators, ping-post platforms, and performance marketing networks collectively exhaled. The rule that threatened to dismantle the multi-buyer lead distribution model was dead on arrival.

But the celebration is premature. The underlying legal risks that motivated the FCC’s rule have not disappeared. And the companies that interpret this ruling as a return to business as usual are the ones most likely to end up in court.

The FCC adopted the one-to-one consent rule in December 2023, with an original effective date of January 27, 2025. The rule amended 47 C.F.R. Section 64.1200 to require that prior express written consent for telemarketing calls and texts be granted to a single, identified seller.

Under the existing framework before the rule, a lead form could list multiple marketing partners in its disclosure language and obtain consent for all of them in a single transaction. A consumer checking one box might be consenting to receive calls from dozens of companies. The one-to-one rule would have ended that practice.

Specifically, the rule required:

Consent must identify one specific seller. A consent form listing “Company A and its marketing partners” would no longer be valid. The consumer would need to separately consent to each entity that intended to contact them.
No blanket consent to partner lists. The common practice of embedding a link to a list of hundreds of marketing partners in small text below a consent disclosure would not satisfy the rule.
Logically and topically related requirement. The call or text must relate to the subject matter of the website or interaction where consent was obtained. A consumer providing information about home insurance could not be contacted about auto warranties.
Consent could not be transferred. The entity identified in the consent disclosure must be the entity that makes the call. Consent obtained by Company A could not be used by Company B.

For the lead generation industry, which is built on collecting consent once and distributing leads to multiple buyers, this rule represented an existential threat to the business model.

Why the 11th Circuit Struck It Down

The 11th Circuit’s decision focused on the FCC’s statutory authority, not the policy merits of the rule. The court found that the TCPA grants consumers the right to give or withhold consent, but does not grant the FCC authority to dictate the specific form that consent must take beyond what Congress specified in the statute.

The court applied the major questions doctrine, holding that the FCC’s one-to-one consent requirement represented a significant expansion of regulatory authority that would have major economic consequences for the lead generation industry. Under the major questions doctrine, agencies cannot adopt rules with significant economic and political implications without clear congressional authorization.

The court noted that the lead generation industry generates billions of dollars annually and that the one-to-one rule would have fundamentally restructured the industry’s business model. That kind of regulatory change, the court held, requires explicit congressional authorization that the TCPA does not provide.

This is important context. The 11th Circuit did not rule that one-to-one consent is bad policy. It did not rule that the current system of multi-party consent is compliant. It ruled that the FCC does not have the authority to impose this specific requirement through rulemaking. The distinction matters.

What Still Applies

The death of the one-to-one rule does not create a regulatory vacuum. Significant TCPA requirements remain fully in effect.

The FCC’s regulation requiring prior express written consent for telemarketing calls and texts - 47 C.F.R. Section 64.1200(a)(2) - was not affected by the 11th Circuit’s ruling. (The Fifth Circuit’s Bradford ruling questions this requirement separately, but that is a different legal issue in a different jurisdiction.)

For most businesses in most jurisdictions, you still need documented, written consent that includes a clear and conspicuous disclosure before making telemarketing calls or sending marketing texts.

The requirement that consent disclosures be clear and conspicuous remains a cornerstone of TCPA compliance. Burying partner lists in 8-point font behind a “view partners” link has always been legally risky, and the 11th Circuit ruling does not change that. Courts routinely find that disclosures consumers cannot reasonably be expected to read or understand do not constitute valid consent.

The “Reasonable Reliance” Standard Is Under Pressure

For years, lead buyers have defended TCPA claims by arguing that they “reasonably relied” on consent obtained by a third-party lead generator. The argument goes: the lead generator collected consent, sold me the lead, and I had no reason to believe the consent was invalid.

This defense has always been fact-dependent, and courts have been increasingly skeptical. In multiple recent decisions, courts have held that lead buyers cannot simply assume consent is valid without conducting any verification. The question is shifting from “did someone collect consent?” to “did you verify that consent was actually collected, and that it was valid?”

The death of the one-to-one rule does not strengthen the reasonable reliance defense. If anything, it weakens it, because the companies that were preparing for one-to-one compliance were also building the verification infrastructure that would support a reasonable reliance argument. Without the regulatory pressure to build those systems, companies that revert to minimal verification are more exposed, not less.

State Laws Continue to Expand

While the FCC’s rule is dead at the federal level, state legislatures are not waiting. Florida’s telemarketing statute imposes significant requirements on lead-based calling. California continues to expand its consumer privacy protections. Multiple states are considering or have enacted TCPA-equivalent statutes with their own consent requirements.

A compliance program built only around the federal minimum - especially a federal minimum that just got more permissive - is a program that ignores the fastest-growing source of telemarketing liability.

The Plaintiff’s Bar Has Not Gone Home

Here is the reality that the post-ruling celebration overlooks: TCPA plaintiff attorneys are still filing cases. They were filing cases before the one-to-one rule was adopted. They were filing cases while the rule was stayed pending litigation. They are filing cases now.

The one-to-one rule would have given plaintiffs a bright-line violation to allege: “the consent form listed multiple sellers, which violates the one-to-one requirement.” With that bright line gone, plaintiff attorneys revert to the arguments they have been making successfully for years:

The consent disclosure was not clear and conspicuous
The consumer did not understand they were consenting to calls from the defendant specifically
The disclosure was too long, too small, or too confusing to constitute informed consent
The consent form was defective (pre-checked boxes, conditioned on purchase, missing required language)
The defendant cannot produce evidence that consent was actually given by the specific plaintiff

These arguments worked before the one-to-one rule, and they work after it. The rule’s demise removes one potential cause of action. It does not remove the underlying litigation risk.

This is the paradox of the 11th Circuit ruling. Without the FCC rule forcing a higher standard, the companies that voluntarily maintain high standards will be the ones best positioned to survive litigation.

When every lead buyer was going to be required to verify that consent was granted specifically to them, the industry was moving toward full consent verification as a baseline. With that requirement gone, verification becomes a competitive differentiator and a litigation defense strategy rather than a regulatory mandate.

The companies that invest in thorough consent verification - consent certificates that capture the full consent transaction, session recordings that show exactly what the consumer experienced, tamper-evident documentation that courts accept - gain two advantages:

In litigation, they can actually prove that consent was obtained. When a plaintiff alleges “I never consented to calls from this company,” the defendant that can produce a consent certificate showing the plaintiff’s interaction with a consent form that clearly identified the defendant is in a fundamentally stronger position than the defendant that can only say “the lead generator told us they had consent.”

In lead quality, they can identify and reject leads where consent is questionable before making the call. A lead that arrives with a verified consent certificate from a platform like eConsent is a lead you can call with confidence. A lead that arrives with nothing but a phone number and a timestamp is a lead that might be a lawsuit waiting to happen.

The Voluntary Compliance Advantage

The history of consumer protection regulation shows a consistent pattern: industries that self-regulate effectively avoid the most restrictive mandatory regulation. Industries that treat the absence of regulation as permission to cut corners eventually face regulatory responses that are more restrictive than what voluntary compliance would have required.

The FCC adopted the one-to-one rule because the Commission believed the industry was not adequately protecting consumers under the existing framework. The 11th Circuit struck the rule down on procedural grounds, not because the underlying consumer protection concerns were invalid.

If the industry responds to the ruling by reverting to the practices that prompted the rule in the first place - sprawling partner lists, minimal disclosure, no consent verification - the regulatory response will come. It may come from Congress directly, which would not face the same major questions doctrine limitation. It may come from state legislatures. It may come from the FTC under its unfair and deceptive practices authority.

The companies that maintain high consent standards voluntarily are the ones that will be best positioned regardless of what regulatory framework emerges next.

What You Should Do Now

Do not dismantle your one-to-one compliance preparations. If you invested in consent verification infrastructure, granular consent tracking, or improved disclosure language in preparation for the one-to-one rule, keep those systems in place. They make you more defensible in litigation, even if they are no longer regulatory mandated.
Audit your consent forms for clear and conspicuous compliance. The one-to-one rule is gone, but the clear-and-conspicuous standard is not. Review your consent disclosures through the lens of what a plaintiff’s attorney would argue. If your disclosure requires scrolling, clicking, or squinting to find the relevant information, it is vulnerable.
Implement consent verification for every lead you purchase. Do not rely on the lead generator’s assurance that consent was collected. Require consent certificates or equivalent documentation that proves what the consumer saw and agreed to. Platforms like eConsent provide this verification at the point of consent collection, creating evidence that travels with the lead.
Review your “reasonable reliance” defense posture. If you buy leads from third parties, document your verification process. Courts are increasingly requiring lead buyers to demonstrate that they took affirmative steps to verify consent, not just that they assumed it existed. A documented verification workflow is essential.
Monitor state-level legislative developments. The federal standard just got more permissive. State legislatures are moving in the opposite direction. Ensure your compliance program accounts for the most restrictive standard applicable to your operations, not just the federal baseline.

The one-to-one consent rule is dead. The need for verifiable, documented, defensible consent is very much alive. The companies that understand the difference will be the ones that thrive in the litigation environment that is not going away.

The FCC's One-to-One Consent Rule is Dead. Now What?

Why the 11th Circuit Struck It Down

What Still Applies

The “Reasonable Reliance” Standard Is Under Pressure

State Laws Continue to Expand

The Plaintiff’s Bar Has Not Gone Home

The Voluntary Compliance Advantage

What You Should Do Now

Protect every lead. Prove every consent.

Stay ahead on TCPA compliance

The FCC's One-to-One Consent Rule is Dead. Now What?

What the One-to-One Consent Rule Would Have Required

Why the 11th Circuit Struck It Down

What Still Applies

Prior Express Written Consent Is Still Required

Consent Must Be Clear and Conspicuous

The “Reasonable Reliance” Standard Is Under Pressure

State Laws Continue to Expand

The Plaintiff’s Bar Has Not Gone Home

Why Consent Verification Matters More Now

The Voluntary Compliance Advantage

What You Should Do Now

Protect every lead. Prove every consent.

Stay ahead on TCPA compliance

Before you go...