Certification Effort Doomed by Reconsent in Internal DNC SMS TCPA

Picture this: you finally get a customer to reply STOP to your marketing texts. You breathe a sigh of relief, your compliance team high-fives, and your SMS platform sends the classic confirmation: “You’re unsubscribed and will no longer receive messages.”

Then… your system keeps texting anyway.

That’s not just awkward. Under the Telephone Consumer Protection Act (TCPA) and the FCC’s implementing rules, continuing to send telemarketing texts after an opt-out can trigger statutory damages, turn a customer complaint into a lawsuit, andif the facts line upinvite a class action that makes everyone in the room suddenly obsessed with spreadsheets.

But here’s the twist that makes this story more than a simple “STOP means stop” morality play: reconsent. In one recent federal case, a plaintiff’s attempt to certify an “internal do-not-call (DNC)” SMS class ran into a brick wall because many class members may have reconsented to receive messages after opting out. The court’s message was clear: when consent can change person-by-person, class certification gets a lot harder.

First, a quick translation: “DNC” doesn’t mean what your political-group-chat thinks it means

In this context, DNC means Do Not Calland yes, it can apply to texts in telemarketing litigation the same way callers and courts talk about “calls” broadly under the TCPA’s telemarketing framework.

There are two flavors people mix up:

1) The National Do Not Call Registry

This is the big, federal “please don’t telemarket me” list most consumers have heard about.

2) The internal (company-specific) DNC list

This is the one businesses control directly: when a consumer tells your company to stopby saying “don’t call,” replying “STOP,” or otherwise opting outyou’re expected to record that request and honor it. Even if you have an established business relationship, an entity-specific opt-out can shut the door on telemarketing to that person.

The case that sparked this article is about that second category: internal DNC requestsand what happens when a company allegedly keeps texting after the opt-out.

The case setup: a dealership, an opt-out, and a whole lot of texts

In Mitchell v. Toyota of Dallas (N.D. Tex. Oct. 28, 2025), the plaintiff bought a used car in 2018 and started receiving telemarketing text messages. On January 30, 2020, he opted out and received a confirmation text saying he was unsubscribed and would no longer receive messages.

But messages allegedly kept coming. And in 2021, he received a text that essentially tried to reopen the door with a consent-check prompt along the lines of: “Is texting the most convenient way of communicating with you? Reply YES to allow… Reply STOP to cancel.” Despite opting out (more than once), the plaintiff alleged he continued receiving telemarketing messages through 2023.

He didn’t just sue for his own phone. He sought to certify classes based on dealership records showing 16,546 text messages sent to 1,539 customers who had opted out.

If you’re doing the math the way class-action lawyers do: at $500 per violation, 16,546 messages is $8,273,000. If willfulness enters the chat and damages are trebled to $1,500, the number gets spicy fast. That’s why certification is the whole ballgame: it’s the difference between a dispute and a disaster movie.

Why certification was “doomed”: predominance and cohesiveness couldn’t survive reconsent

Class certification under Rule 23 isn’t just “we all got texts.” The court has to decide whether the class is sufficiently cohesive (especially for injunctive-style relief) and whether common issues predominate over individualized ones (for damages classes).

In this case, the court focused on a practical reality: consent is individualized. And even more specifically, reconsent is individualized.

The plaintiff’s plan: identify class members from the internal DNC list and call logs

The plaintiff relied on an expert methodology that used the defendant’s internal do-not-call list and contact logs to identify people who received telemarketing texts after opting out. On paper, it sounds clean: you opted out, you’re on the internal DNC list, you got texts laterclass member!

But the court wasn’t convinced the plan could avoid mini-trials.

The defendant’s counterpunch: people can reconsent in many different ways

The dealership argued that putative class members could have reconsented after opting out through ordinary, messy real life. Examples included:

• Inbound calls to the dealership (where a number is provided and the customer asks for follow-up),
• Visits to the dealership (where contact info is updated or confirmed), and
• Third-party platforms like vehicle-shopping or lead providers (where consumers submit info that can flow to dealers).

The defendant’s expert reportedly sampled a set of phone numbers and found many had activity in internal work notessuggesting reengagement, possible reconsent, or other factors that could knock them out of the proposed class or change whether the messages were unlawful as to them.

That matters because once you admit “some people reconsented,” you’ve created a big individualized question: who reconsented, how, when, and to what?

The second problem: business numbers and class definition headaches

The court also flagged an additional practical problem: distinguishing business numbers from consumer/residential numbers. If the method can’t reliably sort “this is a business line” from “this is a consumer line,” then determining membership and liability can require individualized reviewagain undermining predominance.

Put simply: the court concluded that the proposed class was not sufficiently cohesive and that individualized issues of consent would predominateso certification was denied.

Reconsent: the compliance concept that sounds simple and behaves like glitter

In the SMS world, consent is not a single checkbox living a quiet life in a database. It’s more like a trail of breadcrumbs across systems that don’t always talk to each other.

Reconsent happens when someone who previously opted out later takes an action that could reasonably be interpreted (or argued) as permission to receive messages again. Here are a few real-world examples that create reconsent disputes:

Example A: The “Reply YES” confirmation trap

A company sends a message asking the consumer to confirm texting is okay and invites them to reply YES. If someone replies YES after opting out, that looks like reconsent. But plaintiffs may argue the message itself was unlawful, confusing, or not properly authorized. Courts may end up digging into the timing, content, and context of that YES.

Example B: The “You called us” scenario

A customer calls the business, asks for a quote, and confirms their number. The business argues that follow-up texts are expected. The customer argues they opted out and the opt-out should still control. Resolving that can require individualized evidence.

Example C: The third-party lead puzzle

A customer fills out a form on a shopping platform and checks a box about being contacted. The dealer gets the lead and texts. Was consent valid? Was it seller-specific? Was it clear and conspicuous? Did it include telemarketing disclosures? Again: individualized proof.

When a putative class involves thousands of consumers who arrived via different channelswalk-ins, service appointments, trade-in tools, online listings, lead partnerscourts often view consent as the kind of issue that can splinter a class into thousands of “one-person cases.”

“Fine, we’ll exclude people who reconsented.” Not so fast.

When plaintiffs see consent problems coming, they often try to solve it with a clever class definition. In this case, the plaintiff attempted to narrow the class by excluding consumers who had a signed written agreement reconsenting to receive telemarketing messages.

But that didn’t fix the core issue: reconsent can exist in forms other than a neat signed agreement, and the methodology still didn’t reliably separate consumers from businesses. So the court concluded the individualized consent questions still predominated.

This is a recurring theme in TCPA certification fights:

• If the class definition is broad, consent defenses explode predominance.
• If the class definition tries to exclude consent, it can create administrative problems (and sometimes “fail-safe” issues).
• If the identification method can’t reliably determine who fits without individual review, certification struggles.

Where “internal DNC” rules and modern revocation expectations collide

Internal DNC compliance is supposed to be the easy part: record opt-outs and stop. But regulators have made consumer revocation easier and fasterand that raises the stakes for sloppy systems.

In 2024, the FCC adopted rules clarifying that consumers can revoke consent in any reasonable manner and requiring callers/texters to honor certain do-not-call and revocation requests within no more than ten business days of receipt (with the effective date for some provisions tied to separate administrative steps). The FCC also limited texters to a one-time confirmation text after an opt-out requestso you can say “confirmed,” but you can’t keep the conversation going like a clingy ex.

Why does that matter for certification? Because tighter compliance expectations make recordkeeping more important. If your systems can show a clean opt-out, a clean confirmation, and a clean suppression across channels, you reduce both liability risk and uncertainty. But if consent and revocation are fragmented across platforms, you create the kind of individualized questions courts worry about.

Practical lessons for businesses: how to keep reconsent from becoming your class-action villain

This article isn’t legal advice, but it does point to operational moves that reduce risk and reduce litigation chaos.

1) Treat “STOP” as a global event, not a channel-specific suggestion

If someone opts out by text, they should be suppressed across your marketing systemsnot just one campaign, not just one vendor, and definitely not “until the next CRM sync.”

2) Define what counts as reconsentand document it

If you allow reconsent, decide what signals are acceptable (reply YES, signed form, etc.) and what signals are not (a random inbound call that never discussed marketing texts). Then document those rules so you can apply them consistently.

3) Maintain a single source of truth for consent status

The fastest way to create “individual issues” is to have consent stored in five places with five different timestamps. Centralize consent logs and include: date/time, method, language shown, and the number used.

4) Be careful with “permission-check” texts

Those “Is texting convenient?” messages may feel friendly, but in litigation they can look like telemarketing messages themselvesespecially if sent after an opt-out. If you’re going to use them, make sure they’re compliant, necessary, and aligned with your opt-out rules.

5) Vet third-party lead flows like your liability depends on it (because it might)

If leads come from outside platforms, capture the exact consent language presented to the consumer, including disclosures. If you can’t prove what the consumer saw, you may end up arguing about it laterone person at a time.

Practical lessons for plaintiffs: why “everybody got texts after STOP” still isn’t automatically a class

The instinct behind these cases is understandable: if a company kept texting people who opted out, the harm feels uniform. But certification isn’t about vibesit’s about proof.

To certify an internal DNC SMS class, plaintiffs often need to show that:

• Class membership can be determined reliably from records,
• The key liability question can be proven with common evidence, and
• Consent (including reconsent) can be resolved without individualized inquiries.

When the defendant can point to a web of reconsent pathwaysstore visits, inbound calls, lead sources, service appointmentscourts may conclude that the case can’t be tried “all at once” without turning into thousands of mini-hearings.

The takeaway is not that internal DNC claims are weak. It’s that class certification is a separate, demanding stepand reconsent is a frequent certification killer.

Why this matters beyond one dealership: consent is the battleground of TCPA class actions

Zooming out, this decision fits a broader pattern in TCPA litigation: consent is often the make-or-break issue at certification.

Courts regularly ask: can we determine consent (or revocation) class-wide from reliable business records, or will we need individualized testimony? When the answer leans toward individualized proof, certification becomes an uphill climb.

At the same time, TCPA law continues to evolve. The Supreme Court has also held that district courts are not automatically bound by certain agency interpretations under the Hobbs Act framework in TCPA enforcement contextsan outcome that could increase litigation variability depending on which interpretations a given court finds persuasive. That background uncertainty makes it even more important for businesses to build conservative, well-documented compliance practices rather than relying on “everybody does it this way.”

Conclusion: reconsent can save a defendant, but it’s not a compliance strategy

The headline lesson of this “internal DNC SMS TCPA” certification fight is almost painfully practical: when people can reconsent in different ways, consent becomes individualizedand individualized issues can block class certification.

For defendants, reconsent evidence can be a life raft when a class action looks inevitable. For plaintiffs, reconsent is a warning sign that the class definition and proof model need to be airtight. And for everyone who touches marketing texts, the compliance message remains simple even if the systems are not: document consent, honor opt-outs fast, and don’t let your “STOP” process depend on luck, memory, or one overworked spreadsheet named “FINAL_FINAL2.xlsx.”

Experience-Based Field Notes ()

If you’ve ever sat in a meeting where someone says, “We’re definitely honoring opt-outs,” and the compliance person quietly whispers, “In which system?”welcome to the real world of internal DNC SMS compliance.

One of the most common “how did this happen?” moments comes from perfectly normal business growth. A company starts with one texting vendor. Then marketing adds a second platform “just for service reminders.” Then the CRM team turns on automated follow-ups. Then a third-party lead provider starts pinging the sales desk. Nobody is trying to spam anyone; everyone is trying to hit their monthly numbers. But opt-outs don’t magically teleport across tools unless someone builds that bridge on purpose.

In practice, reconsent fights often begin with a timeline exercise that feels like detective work. You line up the opt-out timestamp, the confirmation message, and the next text that shouldn’t have been sent. Then you discover there was a dealership visit, a trade-in inquiry, or a lead form submission in between. Suddenly, “They texted after STOP” turns into “Did the consumer reengage, and did that reengagement authorize texts again?” Those aren’t philosophical questionsthose are questions about logs, scripts, forms, and whether the business can prove what happened.

Another real-world wrinkle: “YES” is not a magic word unless you can show what question it answered. If your system stores only that someone replied YES, but doesn’t preserve the message that prompted it, you may end up arguing about context later. Was it a consent request? A customer-service prompt? A two-factor login? (Okay, maybe not at a car dealershipbut you get the point.) Clean recordkeeping turns “maybe” into “here’s the proof.”

Teams that handle this well typically do three things consistently. First, they treat opt-out as a global suppression flag that flows to every outbound marketing channel. Second, they create a clear internal definition of what counts as reconsentpreferably something that leaves a paper trail, like a written consent workflow or a verified “reply YES” sequence that is preserved and auditable. Third, they run routine audits, because the fastest way to find a broken suppression rule is to look for it before the plaintiff’s expert does.

Finally, and maybe most importantly, they train front-line staff not to “fix” consent manually. It’s tempting for a well-meaning employee to say, “Oh, you want updates? I’ll just add you back.” But if that action isn’t captured as compliant consent, it can create exactly the kind of individualized uncertainty that complicates litigation and undermines trust.

Reconsent can be a legitimate consumer choice. The operational challenge is proving it cleanlyevery timewithout turning your consent story into a choose-your-own-adventure book.