FCC Robocall and AI-Call Disclosure Rules: What Changed 2024-2026

On February 8, 2024 the FCC ruled that AI-generated voices are "artificial" under the TCPA, effective immediately. In September 2024 the FCC proposed mandatory at-call AI disclosure. The 2026 rule is unsettled, but the prudent default is: disclose, get consent, offer opt-out. Every time.

What the rule says

flowchart LR
  UA[SIP UA] -- REGISTER --> Reg[Registrar]
  UA -- INVITE --> Proxy[SIP Proxy]
  Proxy --> Dispatcher[Kamailio dispatcher]
  Dispatcher --> Worker1[FreeSWITCH worker]
  Dispatcher --> Worker2[FreeSWITCH worker]
  Worker1 --> AI[(AI agent)]
  Worker2 --> AI

The FCC's February 8, 2024 Declaratory Ruling (FCC 24-17) confirmed that the TCPA's restriction on "artificial or prerecorded voice" calls covers calls that use AI to generate or clone human voices. Effective immediately, AI-voice calls require prior express consent (or prior express written consent if the message is telemarketing), must identify the entity responsible for the call, and must offer opt-out methods. The September 10, 2024 Notice of Proposed Rulemaking (FCC 24-84) goes further: it proposes a definition of "AI-generated call" and a requirement that callers disclose AI use both at the time of consent and at the start of the call. As of May 2026 the NPRM has not been finalized into a binding rule, but enforcement on the underlying TCPA prohibition is active.

What it means for AI voice agent operators

The 2024 ruling was effective immediately and the FCC has used it. If your AI voice agent makes outbound calls in the US without prior express consent for an "artificial voice" call, you are violating the TCPA. Penalties are $500-$1,500 per call (treble for willful), with no statutory cap.

For inbound, the rule is more permissive: the called party initiated the contact, so consent issues are weaker, but state laws (notably California's bot-disclosure law for sales) can still bite. A safe default is a one-line AI disclosure inside the first ten seconds: "This is an automated assistant from Acme Clinic; this call may be recorded." That single line satisfies the FCC's three-part identification + AI-disclosure + recording-notice stack in California, Florida, Illinois, and most other US states.

For outbound, you need (1) prior express consent (or PEWC for telemarketing), (2) DNC scrubbing within 31 days, (3) calls only between 8am and 9pm local to the called party, (4) honor revocations within 10 business days, and (5) immediate stop on a "stop calling" verbal instruction.

How CallSphere stays compliant

CallSphere's AI agents announce themselves on every inbound call. The standard opener for Healthcare AI is: "Hi, this is the AI assistant for {practice_name}; this call may be recorded for quality and to confirm your appointment." Sales Calling AI on outbound flows opens with the practice name, the AI disclosure, and an explicit "Is now a good time?" pause. The Sales product runs a maximum of 5 concurrent outbound calls per tenant on Twilio and writes a TCPA opt-out path into every conversation: any "stop calling", "remove me", or "do not call" utterance triggers an immediate suppression-list write and ends the call. Healthcare is HIPAA and SOC 2 aligned. All six verticals run on Twilio with STIR/SHAKEN Level A signing through Twilio Trust Hub, across 50+ businesses, 4.8/5 average rating, and a 14-day trial.

Compliance checklist

1. Capture prior express written consent (PEWC) for telemarketing AI calls; PEC for informational.
2. Disclose "this is an automated/AI assistant" inside the first 10 seconds of the call.
3. Identify the calling entity by legal name in the same opening.
4. Provide a verbal opt-out method ("say stop or press 9 to be removed").
5. Honor opt-outs within 10 business days; ideally instantly.
6. Scrub the National DNC and any state DNCs every 31 days.
7. Honor curfew (8am-9pm local to the called party).
8. Keep consent records for at least four years (TCPA SOL is four years federal, longer in some states).
9. Do not use a cloned voice of a living person without their explicit consent.
10. Log every call: caller ID, attestation, AI model, consent reference, disposition.
11. Suppress on inbound complaints; pipe complaints to a human review queue.
12. Monitor FCC enforcement bureau orders and TCPA class-action filings monthly.

FAQ

Does the February 2024 ruling cover conversational AI agents like CallSphere, or only prerecorded clones? The FCC's language is broad: any technology that artificially generates or simulates a human voice. Conversational AI is in scope.

Is identifying as "an automated assistant" enough, or do I have to say "AI"? The 2024 ruling does not require the literal word "AI". The 2024 NPRM proposes that, but it is not yet a final rule. "Automated assistant" plus the entity name is currently sufficient.

Do I need separate consent for AI calls if I already have written consent for "calls and texts"? The conservative answer is yes if your prior consent did not contemplate artificial or prerecorded voice. Update your consent language and re-collect on the next interaction.

What about callbacks and warm transfers? A callback initiated by the AI to a customer who provided a phone number to your business and asked for a call is generally fine; no extra consent needed beyond the existing relationship. Outbound cold calling is the regulated case.

Are there exemptions for healthcare? Limited. Appointment reminders, prescription notices, and similar healthcare informational calls have a TCPA carve-out under the 2012 FCC rules but the AI-voice ruling still applies; you need consent to use an artificial voice for those calls in the first place.

Sources

• FCC: TCPA Applies to AI Technologies that Generate Human Voices (Feb 8, 2024)
• Federal Register: Implications of AI Technologies (NPRM, Sept 2024)
• FCC: Makes AI-Generated Voices in Robocalls Illegal

Try CallSphere on a 14-day trial, see pricing, or visit /about for the team.