H.R. 6449 amends section 227 of the Communications Act to create criminal liability for willful and knowing violations of the Telephone Consumer Protection Act (TCPA), and to increase civil penalties for providing inaccurate caller-identification information. The bill establishes a base criminal penalty of up to one year in prison (or a fine), and an aggravated offense carrying up to three years when specific criteria are met.
This is a structural change to TCPA enforcement: the bill supplies prosecutors with a criminal statute keyed to large-scale or repeat robocall operations, intent to use calls for other felonies, or aggregate victim loss, while also escalating monetary exposure for spoofing. Compliance officers, telecom providers, and businesses that use automated calling or texting systems will need to reassess risk, recordkeeping, and vendor controls in light of possible criminal exposure for certain violations.
At a Glance
What It Does
The bill adds a new subsection to 47 U.S.C. 227 making willful and knowing TCPA violations a crime punishable by up to one year in prison (or a fine), and defines an aggravated offense with harsher penalties under specified conditions. It also increases statutory penalties for providing inaccurate caller-identification information.
Who It Affects
Robocall operators, telemarketers, firms that deploy automatic telephone dialing systems and prerecorded voice messages, messaging/text vendors, VoIP providers and intermediaries that transmit mass calls, and entities that rely on caller ID management services.
Why It Matters
By criminalizing select TCPA conduct and doubling spoofing fines, the bill changes enforcement incentives and escalates consequences for large-scale or repeat offenders. That shift creates new legal risk for organizations that rely on automated outreach and raises practical questions about how regulators and prosecutors will measure and prove offenses.
More articles like this one.
A weekly email with all the latest developments on this topic.
What This Bill Actually Does
H.R. 6449 inserts a criminal enforcement regime into the TCPA by adding a new subsection that targets intentional violations. Under the bill, a person who acts ‘willfully and knowingly’ in breaching section 227 faces criminal punishment—up to one year behind bars or a criminal fine.
The statute then sets out circumstances that aggravate the offense and raise the maximum prison term to three years.
The aggravated-offense trigger is multi-pronged. It covers defendants with prior convictions under the new criminal subsection, large-volume operations that exceed specified call-count thresholds, cases where calls were used to facilitate another felony or a conspiracy to commit a felony, and situations where the scheme caused aggregated loss of $5,000 or more to one or more victims over a year.
The bill treats text messages sent to mobile phones via an automatic telephone dialing system as ‘‘calls’’ for purposes of these provisions and explicitly includes communications to any North American Numbering Plan number, including emergency numbers.To avoid narrow interpretations of culpability, the bill defines ‘‘initiate’’ broadly to include sending, making, or transmitting a call. The text also tightens penalties for spoofing and inaccurate caller-ID information by raising statutory fines (the bill doubles two existing $10,000 penalty references to $20,000).
Finally, the bill makes a technical change to adjust an internal cross-reference in section 227 to the newly added criminal subsection.Collectively, these changes expand the TCPA’s enforcement tools: prosecutors get a criminal statute aimed at willful misconduct and large-scale operations, while civil monetary exposure for caller-ID manipulation increases. The bill leaves intact—though overlays—TCPA’s civil remedies, so affected entities could face parallel civil and criminal risk depending on how facts map to the new aggravated criteria.
The Five Things You Need to Know
The base criminal penalty for a willful, knowing violation of 47 U.S.C. 227 is imprisonment for up to 1 year, a criminal fine under Title 18, or both.
An aggravated offense raises the maximum imprisonment to 3 years if the defendant has a prior conviction under the same subsection, used calls to further a felony or conspiracy, caused aggregate losses of $5,000+ in a year, or exceeded numeric call thresholds.
The numeric thresholds that trigger aggravated treatment are 100,000 calls in 24 hours, 1,000,000 calls in 30 days, or 10,000,000 calls in one year.
The bill explicitly treats texts sent to mobile phones via an automatic telephone dialing system—and messages to any NANP number, including emergency numbers—as ‘calls’ under the new criminal provisions.
It doubles two existing TCPA penalty references for providing inaccurate caller-identification information from $10,000 to $20,000.
Section-by-Section Breakdown
Every bill we cover gets an analysis of its key sections.
Short title
Provides the Act’s name: the Deter Obnoxious, Nefarious, and Outrageous Telephone Calls Act of 2025 (DO NOT Call Act). This is purely a stylistic provision with no legal effect on interpretation, but the name signals congressional intent to target aggressive robocall and spoofing behavior.
Criminal liability for willful and knowing TCPA violations
Adds a new criminal subsection that imposes prison and fine exposure for ‘‘willful and knowing’’ violations of the TCPA. Practically, prosecutors must prove mens rea—willfulness and knowledge—before pursuing criminal charges, which is a higher bar than many civil TCPA claims. The provision also establishes the aggravated-offense criteria: prior conviction under the new subsection, use of calls in furtherance of a felony or conspiracy, aggregate victim loss of $5,000+ in a year, or surpassing one of three specific call-volume thresholds. That structure creates multiple factual pathways to elevated criminal exposure and invites prosecutors to aggregate activity across time and victims to reach statutory triggers.
Broad definition of 'call' and 'initiate' that includes texts and emergency numbers
Defines ‘‘call’’ to include messages to any North American Numbering Plan number—including emergency numbers—and expressly includes text messages sent to mobile phones via an automatic telephone dialing system when sent without prior consent or as an emergency message. It also defines ‘‘initiate’’ to include sending, making, or transmitting. These definitional choices broaden the statute’s reach to modern messaging channels and reduce arguments that a defendant did not technically ‘initiate’ a communication—an important practical point for cases involving intermediaries or layered vendor chains.
Volume-based triggers for harsher penalties
Specifies three concrete volume thresholds—100,000 calls in 24 hours, 1,000,000 calls in 30 days, and 10,000,000 calls in a year—that automatically qualify an offense as aggravated. For enforcement, these bright-line numbers simplify charging decisions but raise evidentiary questions about how to count calls (attempts vs. completed communications, duplicates, cross-jurisdiction transmissions) and which entity in a chain of suppliers carries culpability when many parties touch a campaign.
Higher statutory fines for spoofing and false caller-ID information
Amends section 227(e)(5) to raise two references to $10,000 fines for providing inaccurate caller-identification information to $20,000. This increases civil monetary exposure for wrongful spoofing and creates a larger financial disincentive for entities that manipulate or falsify caller ID records. The provision does not create a new criminal offense for spoofing by itself, but it elevates the civil penalty landscape that operates alongside the new criminal subsection.
This bill is one of many.
Codify tracks hundreds of bills on Privacy across all five countries.
Explore Privacy in Codify Search →Who Benefits and Who Bears the Cost
Every bill creates winners and losers. Here's who stands to gain and who bears the cost.
Who Benefits
- Consumers fed up with unwanted automated calls and texts — the combination of criminal penalties for willful misconduct and higher spoofing fines raises the potential deterrence level against large-scale robocall operations.
- Federal and state prosecutors — the bill supplies a clear criminal statute and bright-line numeric triggers that simplify decisions about charging and prioritizing enforcement against high-volume offenders.
- Telecom carriers and certified intermediaries that invest in caller-ID authentication (STIR/SHAKEN) and compliance programs — stronger penalties make investments in authentication and vendor controls comparatively less risky and more valuable.
Who Bears the Cost
- Commercial telemarketers, political campaigns, debt collectors, and other organizations that rely on autodialers — they face heightened risk of criminal exposure for willful violations and greater civil fines for spoofing, which increases compliance and legal costs.
- Third-party calling platforms and VoIP providers — they will likely bear higher operational and contractual compliance burdens as clients insist on stricter vendor controls and as prosecutors and plaintiffs probe provider roles in mass-calling chains.
- Courts and prosecutorial offices — criminalizing conduct previously addressed almost exclusively through civil litigation could shift significant caseloads to criminal dockets and require resources for investigation, technical evidence handling, and prosecution.
Key Issues
The Core Tension
The central tension is between stronger deterrence against mass, malicious robocalls and the risk of criminalizing a broad swath of automated communications—potentially chilling legitimate, low-risk uses and imposing heavy investigative burdens on prosecutors—because the bill favors bright-line punishments over nuanced, context-sensitive enforcement.
The bill trades a predominantly civil enforcement regime for a hybrid model that includes criminal liability, but the statute’s utility depends on prosecutorial interpretation and proof dynamics. ‘‘Willfully and knowingly’’ raises the mens rea threshold, which protects some well-intentioned actors but also requires prosecutors to marshal stronger evidence (internal records, vendor contracts, intent evidence) than typical civil cases. At the same time, the statute’s broad definitions—treating texts and messages to emergency numbers as ‘calls’—could sweep in communications that were never targeted at consumers, creating risk for emergency service providers and legitimate automated alerts.
The numeric volume thresholds provide clarity for large-scale operations, but counting methodology is unresolved: the bill does not specify whether thresholds count call attempts, completed connections, unique recipients, or repeated attempts to the same numbers. That ambiguity matters when campaigns use retries, layered suppliers, or list scrubbing.
Similarly, the $5,000 aggregate-loss trigger is low enough to be met by many nuisance schemes, but the bill leaves open how ‘‘loss’’ is defined—monetary charges, documented time costs, or statutory damages—and who bears the burden of proving actual losses. Finally, increasing civil fines for inaccurate caller ID raises questions about double exposure: entities could face civil penalties and criminal charges arising from the same conduct, which raises due process and fairness concerns if not carefully applied.
Try it yourself.
Ask a question in plain English, or pick a topic below. Results in seconds.