All Articles

The New Gatekeepers: How Industry Self-Regulatory Organizations Are Reshaping Lead Generation

The New Gatekeepers: How Industry Self-Regulatory Organizations Are Reshaping Lead Generation

Lead generation is transforming faster than regulators can respond. As agentic commerce and AI rewrite the rules of digital engagement, the industry’s only viable governance comes from within.

The lead generation industry – valued at $5-10 billion depending on methodology, within a broader performance marketing ecosystem estimated at $13-14 billion in annual spend – faces an existential reckoning. Explosive growth in TCPA litigation (up 95% year-over-year), increasingly aggressive carrier call blocking, and regulatory uncertainty following the January 2025 vacatur of the FCC’s one-to-one consent rule have created conditions demanding new approaches to industry governance.

At stake is not simply compliance posture but institutional speed. The market is changing faster than formal governance can adapt, and the evidence points to a difficult conclusion: for this transition period, practitioner-led self-regulation appears to be the only mechanism with both the technical literacy and operational pace to keep the landscape fair and workable in real time.

Two trade organizations – R.E.A.C.H. (Responsible Enterprises Against Consumer Harassment) and PACE (Professional Association for Customer Engagement) – attempted to fill the regulatory vacuum through industry self-regulation. Their efforts drew on the OECD’s analytical framework for evaluating self-regulatory effectiveness, historical case studies of failed telemarketing self-regulation (notably the Direct Marketing Association’s Telephone Preference Service, 1985-2003), and the hard realities of a market that had outrun its regulators. R.E.A.C.H. remains active; PACE announced on November 8, 2023 that meetings and member services would cease effective immediately.

The results so far are mixed but notable. R.E.A.C.H.’s standards have been cited in TCPA litigation as evidence that compliant telemarketing is achievable — defense attorneys at Troutman Amin, LLP report that no R.E.A.C.H. member has appeared as a defendant in the firm’s extensive TCPA docket. The organization has engaged extensively with the FCC through formal comments and ex parte meetings. Technology infrastructure (consent verification, fraud detection) now enables objective compliance measurement unavailable to earlier self-regulatory efforts. But fundamental challenges persist: free-rider problems, limited enforcement authority, and the absence of formal government recognition as a safe harbor.

And beyond these immediate challenges lies a structural inflection point: agentic commerce and AI-mediated consumer interactions threaten to displace the lead generation model entirely – raising the question of whether self-regulatory organizations may be the only institutions positioned to govern the transition.

When Eric Troutman, one of the nation’s most prominent TCPA defense attorneys, addressed the lead generation industry’s challenges in early 2023, he delivered a message that landed like a grenade: “This is an industry that has completely failed to effectively self-regulate.”

It wasn’t hyperbole. The Federal Communications Commission was moving to effectively shut down the comparison-shopping website model that had powered billions of dollars in consumer lead generation. Class action lawsuits under the Telephone Consumer Protection Act had exploded nearly 95% year-over-year. Carriers were blocking legitimate business calls at unprecedented rates. And the industry’s existing trade associations had been largely absent from the regulatory fight that would determine its future.

Troutman’s solution was audacious: create a new trade organization from scratch – one that would set standards exceeding legal requirements, advocate before regulators, and fundamentally change how the lead generation industry governed itself. He called it R.E.A.C.H. – Responsible Enterprises Against Consumer Harassment.

Three years later, the experiment in industry self-regulation is yielding results that have surprised even its critics. The organization has grown to include many of the industry’s major players. Its standards have been cited in TCPA litigation as evidence that compliant telemarketing is possible — with defense practitioners noting that R.E.A.C.H. members have not appeared as litigation targets. And when the FCC’s landmark one-to-one consent rule was unexpectedly vacated by the courts in January 2025, R.E.A.C.H.’s framework provided the operational certainty that federal regulation no longer could.

But the story of self-regulation in lead generation is far more complex than one organization’s success. It’s a story about an industry at a crossroads, caught between the economic necessity of connecting consumers with businesses and the public’s deep frustration with unwanted calls and texts. It’s about the fundamental tension between government oversight and private governance. And it’s about whether industries that have historically failed to police themselves can learn from those failures and build something better.

This is the inside story of how the lead generation industry is attempting to regulate itself – and what it means for the future of performance marketing, consumer protection, and the evolving relationship between business and government in America.

1. An Industry in Crisis

The Multi-Billion Dollar Problem

The lead generation industry operates largely in the shadows of American commerce, yet its economic footprint is substantial. Every day, millions of consumers fill out online forms seeking quotes for insurance, solar panels, home services, debt relief, and dozens of other products and services. Their contact information flows through a complex ecosystem of publishers, aggregators, ping-post networks, and ultimately to the businesses eager to turn those inquiries into sales.

The numbers are significant, though estimates vary by methodology. Market research firms value the lead generation solutions market at $5-10 billion annually, with projections suggesting growth to $15-32 billion by the early 2030s. The broader performance marketing sector – including affiliate marketing and related channels – generated approximately $13.6 billion in U.S. spending in 2024 according to the Performance Marketing Association’s industry study. Millions of Americans work directly or indirectly in telemarketing and related fields. For many small businesses – from local insurance agencies to home improvement contractors – purchased leads represent their primary customer acquisition channel.

But by the early 2020s, this economic engine was sputtering under the weight of its own excesses. The same technology that enabled legitimate businesses to efficiently connect with interested consumers had also empowered bad actors to flood Americans’ phones with unwanted calls and texts. Robocalls reached epidemic proportions, with Americans receiving an estimated 50.3 billion robocalls in 2022 according to the YouMail Robocall Index – a figure that has remained stubbornly above 50 billion annually through 2025. Consumer complaints to the FCC and FTC reached all-time highs. Trust in telemarketing – never particularly strong – collapsed to historic lows.

The paradox was structural: an industry that delivered genuine value to consumers when it worked right was causing genuine harm when it didn’t. And by 2023, the harm had become impossible to ignore.

The Regulatory Reckoning

The federal government’s response came in waves. The TCPA, originally passed in 1991 to address the nuisance of junk faxes and robocalls, had evolved through FCC interpretation into a comprehensive framework governing virtually all commercial telephone communications. Its provisions requiring “prior express written consent” for autodialed or prerecorded calls created both consumer protections and a litigation goldmine for plaintiff’s attorneys.

By 2023, TCPA class action lawsuits had become a cottage industry. According to WebRecon’s litigation tracking data, 1,052 TCPA class actions were filed in the first half of 2025 alone – a 95.2% increase over the same period the prior year. Individual statutory damages of $500-$1,500 per call or text meant that even routine compliance failures could result in eight-figure settlements. Companies that had operated for years without incident suddenly found themselves defending lawsuits that threatened their existence.

But it was the FCC’s December 2023 rulemaking that truly threatened to upend the industry’s business model. Responding to a petition from consumer advocacy group Public Knowledge, the Commission adopted new rules requiring “one-to-one” consent for telemarketing calls and texts. Under the new framework, comparison-shopping websites could no longer obtain blanket consent on behalf of multiple advertisers. Each business that wanted to contact a consumer would need to be individually identified and specifically authorized – a requirement that would effectively eliminate ping-post lead distribution, co-registration, and most forms of lead aggregation.

“Ping post is dead,” Troutman wrote bluntly when the rule was announced. “As are almost all brokers. Multi-vertical leads are dead. Co-reg is dead. Aged leads are dead.”

The rule was scheduled to take effect on January 27, 2025, giving the industry barely a year to fundamentally restructure its operations – or shut down.

The Advocacy Vacuum

As the regulatory walls closed in, industry participants looked to their trade associations for help. What they found was largely silence.

The lead generation industry had never developed the kind of unified advocacy infrastructure that characterized more established sectors. The Direct Marketing Association (now the Data & Marketing Association) had historically represented direct marketers, but its focus had shifted toward digital advertising and data practices. The American Teleservices Association advocated for contact centers but lacked the resources to mount a comprehensive regulatory campaign. Various vertical-specific associations – for insurance, solar, home services – addressed their members’ narrow interests but rarely coordinated on cross-cutting regulatory issues.

“Very few companies engaged when the FCC asked for comment on these issues,” Troutman observed. “I tried. But folks just didn’t listen.”

The comment period for the one-to-one consent rule illustrated the problem starkly. While consumer advocacy groups flooded the FCC with arguments for stricter regulation, industry response was scattered and uncoordinated. Individual companies filed comments defending their particular business models, but there was no unified industry voice articulating how legitimate lead generation served consumer interests or proposing alternative approaches that might address the Commission’s concerns.

Into this vacuum stepped a handful of determined industry participants who recognized that if they didn’t organize to save their industry, no one else would.

2. The Self-Regulatory Response

The Birth of R.E.A.C.H.

The seeds of R.E.A.C.H. were planted in early 2022, when Troutman began convening informal discussions among compliance-minded lead buyers about the industry’s trajectory. The conversations revealed a common frustration: responsible operators were being tarred with the same brush as fraudsters and fly-by-night operations. Legitimate businesses that invested in compliance infrastructure found themselves competing against companies that cut corners on consent, sold leads of dubious quality, and disappeared when lawsuits arrived.

“I’ve been trying to clear up this industry for a couple of years now,” Troutman explained, “recognizing that there is REAL value to consumers when things are done right. But there is REAL detriment when things are done wrong. And this is an industry that has COMPLETELY failed to effectively self-regulate in my opinion – which is why I created a trade organization to REALLY DO THE JOB.”

The organization that emerged – formally incorporated as a California Nonprofit Mutual Benefit Corporation – was designed to be fundamentally different from traditional trade associations. Rather than simply lobbying for favorable treatment, R.E.A.C.H. would establish binding standards that exceeded legal requirements. Members who violated those standards would face expulsion and public disclosure. The goal was not just to advocate for the industry, but to fundamentally change how it operated.

The founding principles reflected lessons learned from the industry’s failures. R.E.A.C.H. would require third-party consent verification using MRC/TAG-certified fraud detection technology. It would limit call frequency and contact attempts far below what the law allowed. It would prohibit prerecorded voice messages for initial contact. And it would mandate clear, conspicuous disclosures that went well beyond regulatory minimums.

“The R.E.A.C.H. standards stand far and above industry practices and the requirements of the law,” Troutman declared when the organization formally launched its standards. “The standards reflect our continued commitment to assuring consumer contact preferences are honored and consumer privacy is protected.”

Building the Coalition

Assembling a coalition of competitors to accept binding restrictions on their business practices required a combination of persuasion and practical necessity. Troutman’s arguments resonated with executives who had watched the regulatory environment deteriorate and recognized that the status quo was unsustainable.

The founding board reflected the industry’s key constituencies. Angela Tesi, founder of compliance consulting firm TESICO, brought deep expertise in digital marketing compliance. Gayla Huber, president of compliance monitoring firm IntegriShield, contributed experience in detecting and remediating marketing violations. Ron Allen, CEO of Contact Center Compliance (DNC.com), had spent two decades helping companies navigate telemarketing regulations. Nima Hakimi, CEO of dialer software company Convoso, represented the technology providers whose platforms powered the industry.

ActiveProspect, whose TrustedForm product had become the industry standard for consent verification, joined as a board member – a significant endorsement that signaled the compliance technology sector’s buy-in.

The value proposition for members was multifaceted. Beyond the litigation risk reduction that came from exceeding legal requirements, R.E.A.C.H. promised something potentially more valuable: differentiation in a marketplace increasingly suspicious of lead generation practices. Members could point to their certification as evidence of their commitment to responsible operations. And Troutman dangled the prospect of even greater benefits: if R.E.A.C.H. could convince carriers to whitelist member traffic, the call blocking and spam labeling that plagued legitimate callers might finally ease.

“Plus with plans on the way to push the carriers to greenlight R.E.A.C.H. member traffic and push for regulatory approval of R.E.A.C.H. standards, R.E.A.C.H. membership really stands apart as a TREMENDOUS value prop,” Troutman wrote when launching the organization’s website.

The Regulatory Pivot

From its inception, R.E.A.C.H. positioned itself not as an opponent of regulation but as a partner to regulators. The organization’s first major action was filing detailed comments with the FCC in May 2023, urging the Commission to adopt R.E.A.C.H. standards as a safe harbor for compliant lead generation – while simultaneously supporting enforcement against bad actors.

The comment – drafted pro bono by Troutman’s law firm, Troutman Amin, LLP – laid bare the industry’s problems with unusual candor for a trade association filing. It acknowledged the abuses that had prompted regulatory action. It detailed specific bad practices that legitimate operators wanted eliminated. And it argued that industry self-regulation, backed by meaningful enforcement, could achieve consumer protection goals more effectively than prescriptive government rules.

“And yes…Troutman Amin, LLP did this all for FREE,” Troutman noted. “Not one dollar was charged to anyone or received from any company for our work on behalf of R.E.A.C.H. We do it because we have a civic responsibility to stop unwanted robocalls, on the one hand, and prevent detrimental governmental overreach, on the other.”

The comment generated significant attention within the FCC, leading to a series of ex parte meetings between R.E.A.C.H. representatives and staff from all five Commissioner offices. Between 2023 and 2024, the organization logged six formal meetings with Commission personnel, building relationships that would prove valuable as regulatory battles intensified.

R.E.A.C.H. was not the only organization attempting to impose order on the lead generation industry. The Professional Association for Customer Engagement (PACE), originally focused on contact center operations, had acquired the Consumer Consent Council (formerly the Leads Council) to expand its standards-setting efforts.

Under Executive Director Rob Seaver, PACE pursued a somewhat different approach. Rather than creating a single comprehensive framework, the organization developed layered standards that members could progressively adopt. Basic membership required adherence to existing legal requirements. Higher tiers of certification demanded compliance with increasingly stringent best practices.

In December 2022, the Consumer Consent Council announced the completion of “Phase I” of its plan to create a formal Self-Regulatory Organization (SRO) – borrowing terminology from the financial services industry, where FINRA provides a model of industry self-governance operating under government oversight.

“Working with performance marketing industry participants, outside advisors, and regulators, the Council has developed draft Best Practices,” the announcement stated. “These are designed to augment the existing Standards each member has already pledged to comply with.”

The Best Practices addressed the gap between legal compliance and consumer expectations that had become increasingly apparent. As Seaver explained: “Our members comply with the law and their contractual obligations, but that may not be enough in all cases to meet consumer and regulatory expectations. We believe the Best Practices will bridge that gap.”

PACE’s framework emphasized elements that complemented R.E.A.C.H.’s approach: independent third-party lead verification, clear disclosure of privacy policies and terms, contractual restrictions on downstream data resale, and prohibitions on coercive consent practices. The overlap suggested an emerging industry consensus on what responsible lead generation should look like.

“The actions of the regulators align with PACE’s mission to Self-Regulate against harmful Consumer practices,” Greg Gragg stated when the FTC announced enforcement actions against problematic lead generators. “As we approach the public unveiling of our SRO / Self-Regulatory-Organization standards, we will continue to work with regulators and federal and state law enforcement to ensure Consumers are protected against unfair and deceptive practices.”

That trajectory ended abruptly. On November 8, 2023, PACE announced that all day-to-day operations, meetings, and member services would cease effective immediately, with no successor standards body announced at that time. The result is that PACE’s framework remains instructive but incomplete: a meaningful design signal that did not mature into a sustained operating institution.

3. The Theory of Self-Regulation

Why Industries Regulate Themselves

The lead generation industry’s turn toward self-regulation reflects a pattern that has repeated across sectors and centuries. When businesses face mounting public criticism, government scrutiny, or the threat of punitive legislation, industry-led standards often emerge as a middle path between unregulated markets and prescriptive government control.

The Organisation for Economic Co-operation and Development (OECD), in its comprehensive 2015 report “Industry Self-Regulation: Role and Use in Supporting Consumer Interests,” identified the core functions that self-regulatory schemes can serve:

  • Filling regulatory gaps quickly. “The rapid change that businesses and consumers encounter in markets may require existing regulations to be changed or updated frequently,” the OECD observed. “However… the process for governments changing regulations may be a lengthy one. Processes overseen by industry may be more responsive and quicker.” This dynamic proved particularly relevant in lead generation, where technology evolved far faster than regulatory frameworks could adapt. By the time the FCC fully understood ping-post lead distribution, real-time bidding, or AI-powered lead scoring, the industry had moved on to new models. Self-regulatory bodies, staffed by industry practitioners, could respond to emerging practices in months rather than the years required for formal rulemaking.
  • Higher technical expertise. “The higher technical expertise of industries can make them better positioned to tailor rules and guidance to their specific situations,” the OECD noted. Lead generation involves arcane complexities that regulators struggle to fully grasp: the distinction between exclusive and shared leads, the implications of different consent verification methodologies, the technical requirements for TCPA-compliant autodialing, the nuances of state mini-TCPA laws. Industry-developed standards can address these specifics with precision that generic government rules cannot achieve.
  • Lower costs. “Studies on self-regulation indicate that it can often be less costly and less burdensome than government regulation… industry self-regulation is more cost effective since most of the regulatory costs would be borne by businesses rather than by the government.” For an industry operating on thin margins, the prospect of regulatory compliance costs being internalized rather than imposed through expensive government mandates held obvious appeal.
  • Pre-empting formal government regulation. “In a number of instances, ISR agreements were developed with a view toward avoiding more direct intervention by government. The ISR was viewed as a more flexible instrument that could be adapted more easily to deal with changing circumstances.”

The OECD noted that “self-regulation gives firms greater scope to influence the standards set” – a pragmatic recognition that industries would rather write their own rules than have rules written for them.

The Skeptic’s View

Critics of industry self-regulation, however, point to its inherent limitations and potential for abuse. The same factors that make self-regulation attractive to industry – flexibility, industry control, limited government oversight – can undermine its effectiveness as consumer protection.

Truth in Advertising, a nonprofit watchdog organization, offers a characteristically blunt assessment: “Self-regulators should not be viewed as inherently noble or harmful, but instead as more ambiguous organizations that likely serve to increase quality standards for consumers in an effort, spoken or unspoken, to limit or hold-off government scrutiny and oversight of their industry.”

The organization’s analysis identifies several structural weaknesses in self-regulatory schemes:

  • Conflict of interest. Organizations asked to police themselves may have incentives to conceal problems rather than address them. “If any organization, such as a corporation or government bureaucracy, is asked to eliminate unethical behavior within their own group, it may be in their interest in the short run to eliminate the appearance of unethical behavior, rather than the behavior itself.”
  • Free-rider problems. Voluntary standards can be undermined by competitors who refuse to participate, capturing market share while compliant firms bear compliance costs.
  • Enforcement limitations. Self-regulatory bodies typically lack the legal authority to compel compliance or impose meaningful penalties on violators.
  • Regulatory capture. When the same industry participants write the rules and enforce them, standards may drift toward protecting incumbent interests rather than serving consumers.

“Still, there remains a real question as to the extent to which an industry group will go in policing itself and curbing business practices that may be both lucrative and less than honorable,” Truth in Advertising observes.

The Historical Lesson: DMA’s Telephone Preference Service

For the lead generation industry, the cautionary tale of self-regulatory failure hits close to home. The Direct Marketing Association’s Telephone Preference Service, launched in 1985, represented exactly the kind of industry-led solution that R.E.A.C.H., and previously PACE, proposed. It failed – and that failure shaped everything that followed.

The Telephone Preference Service (TPS) gave consumers the opportunity to add their phone numbers to a list that DMA members agreed not to call. The system was free for consumers by mail, though online registration required a processing fee. Participation was voluntary for marketers. The DMA promoted TPS as evidence that industry self-regulation could address consumer concerns without government intervention.

The OECD’s assessment was damning: “In the consumer area, efforts to curtail deceptive billing practices and unwanted telemarketing calls in the United States through ISR agreements did not succeed, which resulted in the government having to intervene.”

Multiple factors contributed to TPS’s failure:

  • Limited participation. At its peak, TPS contained between 4.8 and 8 million phone numbers, according to varying contemporary accounts – a fraction of American households. Without comprehensive coverage, consumers who enrolled continued receiving calls from non-participating marketers.
  • Weak enforcement. The system lacked meaningful penalties for DMA members who called listed numbers. Without enforcement teeth, compliance was essentially voluntary.
  • Free-rider dynamics. Non-DMA members were not bound by TPS restrictions at all. As the most aggressive telemarketers tended to operate outside industry association structures, TPS did nothing to address the calls consumers found most objectionable.
  • Access friction. While mail registration was free, the barriers to enrollment – requiring consumers to write letters or pay fees for online registration – limited adoption.

The result was predictable. Consumer frustration with telemarketing continued to mount despite TPS’s existence. By 2003, the FTC had established the National Do Not Call Registry, a government-administered system with legal enforcement mechanisms. By November 2006, the DMA announced it would discontinue TPS, acknowledging the government system had superseded it. By 2007, according to the Economic Report of the President, approximately 72 percent of Americans had registered their numbers on the federal registry – coverage TPS never approached. As of September 2025, the FTC reported over 259 million active registrations.

“Fifteen years on, this registry has lost its way,” wrote one industry observer in 2018, noting that the government system had its own problems with data quality and fraudster circumvention. But the broader lesson was clear: voluntary self-regulation without meaningful enforcement and comprehensive coverage would not satisfy public demands for protection from unwanted calls.

4. Building a Better Framework

Learning from Failure

The architects of R.E.A.C.H.’s self-regulatory framework and PACE’s now-sunset framework studied the DMA’s failure carefully. Their designs explicitly addressed the weaknesses that had doomed the Telephone Preference Service.

Binding rather than voluntary standards. Unlike TPS, which simply requested member compliance, R.E.A.C.H. requires adherence to specific standards as a condition of membership. Members who violate the standards face expulsion and – critically – public disclosure of their violations.

“Members violating R.E.A.C.H. rules may face expulsion and public disclosure of their violations, reinforcing a commitment to ethical lead generation practices,” the organization’s materials state. The threat of reputational damage provides enforcement leverage that TPS lacked.

Standards exceeding legal requirements. TPS essentially asked members to honor consumer opt-outs that were already legally required under the TCPA’s company-specific do-not-call provisions. R.E.A.C.H. standards go substantially further, imposing restrictions on call frequency, consent verification methodology, and data handling that exceed what any law requires.

This approach serves multiple purposes. It differentiates members from merely compliant competitors. It provides a margin of safety against evolving legal interpretations. And it demonstrates to regulators that industry can achieve consumer protection goals without prescriptive mandates.

Third-party verification requirements. R.E.A.C.H. mandates independent verification of consent events – a technological enforcement mechanism that did not exist in TPS’s era. PACE’s framework similarly emphasized third-party verification before operations ceased. By requiring MRC or TAG-certified fraud detection and consent documentation, these frameworks create an audit trail that makes compliance (or non-compliance) objectively verifiable.

Proactive regulatory engagement. Rather than positioning self-regulation as an alternative to government oversight, R.E.A.C.H. explicitly seeks regulatory partnership. The organization’s FCC comments urged the Commission to adopt its standards as a safe harbor – effectively inviting government to validate and backstop industry self-governance.

The OECD Success Factors

The OECD’s research on effective self-regulation identifies several factors that correlate with successful outcomes. Examining R.E.A.C.H.’s current model alongside PACE’s historical model illuminates both the promise and limitations of lead generation self-regulation.

Industry self-interest alignment. “Businesses are more likely to support ISR agreements where there are clear benefits,” the OECD observes.

For lead generation companies, the benefits of self-regulatory membership are increasingly tangible. TCPA litigation risk dominates industry discussions; membership in an organization whose standards have been cited in defense strategies provides some insulation. Carrier relationships matter enormously as call blocking and spam labeling proliferate; the prospect of preferential treatment for certified member traffic creates powerful incentives. And differentiation from “questionable actors” has real market value as lead buyers scrutinize their supply chains more carefully.

“R.E.A.C.H. membership really stands apart as a TREMENDOUS value prop,” Troutman argues, and member companies increasingly agree.

Alignment of industry, government, and consumer interests. The most durable self-regulatory frameworks find common ground among all stakeholders rather than simply advancing industry interests.

R.E.A.C.H.’s positioning attempts this balance. Its standards protect consumers by limiting unwanted contact and ensuring consent validity. They serve legitimate industry participants by creating a framework for compliant operations. And they assist regulators by establishing enforceable standards that can be adopted as safe harbors, reducing the need for prescriptive rulemaking.

Whether this alignment proves sustainable remains to be seen. Consumer advocates remain skeptical of industry-led solutions, and regulatory priorities shift with administrations.

Effective compliance and oversight. “In the absence of effective enforcement and monitoring, participants might have little incentive to adhere fully to the scheme,” the OECD warns.

This remains perhaps the greatest challenge for lead generation self-regulation. R.E.A.C.H.’s enforcement mechanisms – expulsion and public disclosure – are meaningful but limited. The organization lacks authority to conduct audits, impose fines, or compel document production. Its effectiveness depends on members voluntarily maintaining compliance and on the market penalizing exposed violators.

The PACE/Consumer Consent Council model, with its tiered certification and SRO structure, pointed toward potentially stronger oversight. But the organization ceased operations before that model matured, underscoring how hard it is to fund and sustain compliance monitoring infrastructure in practice.

Stakeholder participation. The OECD emphasizes that “establishing a transparent, multi-stakeholder process for developing self-regulatory schemes could help enhance their objectivity, transparency and consumer trust in them.”

Here, lead generation self-regulation faces significant gaps. R.E.A.C.H. does not include formal consumer representation in its governance structure, and PACE did not institutionalize one before wind-down. This absence limits credibility with skeptics and may constrain acceptance as a regulatory alternative.

5. The January 2025 Earthquake

The Rule That Wasn’t

For more than a year, the lead generation industry had prepared for the FCC’s one-to-one consent rule to take effect on January 27, 2025. Companies had invested millions in compliance infrastructure. Business models had been restructured. Some firms had simply wound down operations, concluding that the new requirements made their businesses unviable.

Then, three days before implementation, everything changed.

On January 24, 2025, the Eleventh Circuit Court of Appeals issued its ruling in Insurance Marketing Coalition v. FCC. The decision was devastating for the Commission: the court vacated the one-to-one consent rule entirely, holding that the FCC had exceeded its statutory authority under the TCPA.

The ruling reflected the broader shift in judicial deference to administrative agencies following the Supreme Court’s 2024 decision in Loper Bright Enterprises v. Raimondo, which overturned the longstanding Chevron doctrine. Courts were no longer required to defer to agency interpretations of ambiguous statutes. The FCC’s creative reinterpretation of “prior express consent” to require one-to-one seller identification fell victim to this new judicial skepticism.

For the lead generation industry, the immediate reaction was relief. The existential threat had been lifted. Ping-post could continue. Lead aggregation remained viable. Comparison-shopping websites would not need to completely restructure their consent flows.

But the victory was pyrrhic in important ways. The legal landscape remained deeply uncertain. The FCC did not appeal the ruling or immediately attempt new rulemaking under different legal theories, instead pivoting toward its broader “Delete, Delete, Delete” deregulatory initiative later in 2025. State attorneys general retained authority to pursue enforcement under state consumer protection laws. And the TCPA’s private right of action meant that plaintiff’s attorneys could still argue that existing consent practices were inadequate – regardless of what the FCC had tried to require.

The Self-Regulatory Response

In this environment of legal uncertainty, the value of industry self-regulation became suddenly and dramatically apparent.

R.E.A.C.H. had designed its Standards V.2.0 to comply with the one-to-one consent rule while exceeding its requirements in other areas. When that rule was vacated, members faced a choice: relax their practices to pre-rule norms, or maintain the higher standards they had adopted.

The organization’s response was unambiguous. R.E.A.C.H. would maintain its existing standards and continue developing even more comprehensive requirements. On July 2, 2025, the board unanimously adopted Standards V.3.0, which incorporated lessons learned from the one-to-one consent debate while adapting to the post-vacatur legal environment.

“With the Supreme Court recently tossing most FCC guidance, the rules of the road for lead generators are murkier than ever,” Troutman observed when announcing the new standards. “Luckily the industry’s trade organization – Responsible Enterprises Against Consumer Harassment (R.E.A.C.H.) – has just released its third set of critical standards to help lead generators and lead buyers understand the rules of the road.”

The new standards continued to require clear, conspicuous disclosures with 10-point minimum font size. They mandated eight specific disclosure elements for lead forms, including statements about automated/AI voice calls, marketing purposes, the specific goods or services, identified marketing partners via hyperlink, consent duration and revocation methods, and assurances that consent is not a condition of purchase. They required third-party witness software validation using MRC/TAG-certified providers. They limited outreach to three calls and five total contact attempts per day. And they prohibited static prerecorded or artificial voice messages for initial contact within 180 days of membership – though notably permitting “dynamic AI generative voice communication.”

Standards V.3.0 also introduced several provisions reflecting lessons from industry experience. Section 11 established special requirements for Medicare leads, permitting beneficiary information transfer only via warm transfer following consumer-initiated contact or with direct one-to-one written consumer agreement. Section 12 categorically prohibited any form of oral opt-in – only written consent could constitute a valid lead. Section 16 banned sweepstakes or giveaway websites as consent sources except where the sweepstakes itself was the good or service sought. Section 18 required member lead buyers to transition fully to R.E.A.C.H.-conforming leads within 270 days of membership, with 90% adherence as grounds for expulsion. And Section 19 established that intentional or repeated violations resulting in expulsion could be publicly reported – creating reputational consequences beyond mere organizational exclusion.

Vice President Angela Tesi articulated the rationale: “By assuring compliant and consumer-friendly practices exceeding the requirements of law, R.E.A.C.H. members establish themselves as trustworthy players in an ecosystem full of questionable actors.”

Filling the Regulatory Vacuum

The one-to-one consent rule’s demise created a regulatory vacuum that self-regulation proved uniquely positioned to fill.

For companies seeking operational certainty, R.E.A.C.H. standards provided a framework when federal rules could not. Members knew what consent verification was required, what disclosures must appear, how many contact attempts were permitted. This certainty had real business value in an industry where regulatory ambiguity created constant litigation risk.

For lead buyers scrutinizing their supply chains, R.E.A.C.H. membership became a meaningful credential. When evaluating lead sources, buyers could require R.E.A.C.H. certification as a baseline quality indicator – outsourcing compliance verification to an industry body with expertise and incentives to maintain standards.

For regulators watching industry conduct, self-regulatory frameworks demonstrated that the sector could police itself when given the opportunity. This track record would matter when the FCC inevitably revisited telemarketing regulation.

“The R.E.A.C.H. Standards are proof that telemarketing can be done successfully and in compliance with the TCPA,” noted Steven L. Rozenfeld, an attorney at Troutman Amin, LLP. Rozenfeld, a TCPA defense attorney whose practice gives him direct visibility into litigation patterns, observed: “I have never had the occasion to name a R.E.A.C.H. member as a defendant.” The observation comes from the defense side of the bar, not from plaintiff’s counsel — but it reflects case-selection dynamics that defense practitioners track closely: R.E.A.C.H. members have not appeared as targets in the firm’s extensive TCPA docket.

6. The Regulatory Landscape in 2026

The “Delete, Delete, Delete” Initiative

The regulatory environment continues to evolve rapidly. In March 2025, FCC Chairman Brendan Carr launched the “Delete, Delete, Delete” initiative (GN Docket No. 25-133), inviting public input on identifying “unnecessary” FCC rules, regulations, and guidance “for the purposes of alleviating unnecessary regulatory burdens.” The response shaped an ambitious deregulatory agenda.

On October 28, 2025, the FCC unanimously adopted the “Caller Identification and TCPA Modernization” Further Notice of Proposed Rulemaking, representing potentially the most significant TCPA regulatory rollback in decades. The FNPRM addressed three major areas: enhanced call authentication through STIR/SHAKEN and Rich Call Data (RCD), new regulations targeting calls originating outside the United States, and substantial changes to existing TCPA rules.

The proposed changes directly implicated lead generation practices:

  • Revocation scope rules. The FCC proposed deleting or substantially modifying requirements that a single opt-out apply to all future communications from a caller regardless of subject matter. The existing “revoke all” rule has now been stayed twice, with the effective date pushed to January 31, 2027, as the FCC considers eliminating or fundamentally restructuring the provision. In a remarkable development, both industry groups (including the American Bankers Association) and the National Consumer Law Center jointly requested the extension, arguing the rule could inadvertently prevent consumers from receiving desired communications such as fraud alerts, appointment reminders, and account notifications.
  • Revocation methods. The NPRM sought comment on allowing callers to designate exclusive revocation methods rather than accepting “any reasonable means” – a change that could simplify compliance for legitimate marketers while potentially making opt-outs harder for consumers.
  • Caller ID requirements. Streamlined requirements would mandate only caller identification and callback number, removing obligations to provide business hours DNC request mechanisms.
  • STIR/SHAKEN and Rich Call Data enhancements. The FNPRM proposed requiring terminating providers to transmit verified caller identity information (name, and potentially logos) whenever they transmit A-level attestation – the highest authentication level. The proposal would require originating providers to verify the accuracy of caller identity information and seeks comment on mandating Rich Call Data (RCD) to display company logos alongside verified caller names. For compliant callers in the lead generation space, these changes could significantly improve deliverability and reduce erroneous spam labeling.
  • Call abandonment rules. The FNPRM proposed eliminating longstanding rules requiring callers to wait at least 15 seconds (or four rings) before disconnecting unanswered calls and prohibiting abandonment of more than 3% of telemarketing calls. The FCC suggested these rules, adopted more than 20 years ago, may be obsolete given advances in technology and “marketers’ incentives to avoid negative consumer impressions.”

Significantly, the final FNPRM deleted an initial proposal to eliminate internal do-not-call list requirements – a change that industry advocates including R.E.A.C.H. had opposed during the comment process. This outcome demonstrated that self-regulatory engagement could influence regulatory outcomes even in a deregulatory environment.

State-Level Complexity

While federal regulation trends toward reduction, state-level activity moves in the opposite direction. The patchwork of state “mini-TCPA” laws has grown increasingly complex, with multiple states enacting or strengthening telemarketing restrictions.

Florida’s Telephone Solicitation Act imposes requirements stricter than federal law, including specific consent language, calling hour restrictions, and substantial per-violation penalties. Maryland, Oklahoma, and Washington have adopted their own telemarketing frameworks. New York requires specific disclosures within the first 30 seconds of calls. Multiple states have established or expanded do-not-call registries with requirements beyond the federal DNC system.

California’s Delete Act and DROP Platform. Perhaps the most consequential state-level development for lead generation is California’s Delete Request and Opt-Out Platform (DROP), which launched January 1, 2026. The platform operationalizes California’s Delete Act (SB 362), creating a first-of-its-kind centralized deletion mechanism where consumers can request all registered data brokers delete their personal information with a single submission. Beginning August 1, 2026, data brokers must check DROP at least every 45 days, process deletion requests within 90 days, and maintain suppression lists for deleted consumers. Penalties reach $200 per day for registration failures and $200 per request per day for deletion failures – exposure that could prove existential for high-volume data operations.

For lead generation, DROP represents a fundamental challenge. Many lead sellers meet the Delete Act’s broad definition of “data broker” – businesses that “knowingly collect and sell personal information of consumers with whom they do not have a direct relationship.” Unlike the federal Do Not Call Registry, which restricts specific phone numbers for marketing outreach, DROP restricts whether data can continue circulating in the broker market at all. Lead enrichment, identity matching, suppression services, and resale practices all depend on assumptions that data continues circulating once it enters the market. The Delete Act nullifies that assumption for California consumers who exercise their rights.

For lead generation companies operating nationally, this fragmentation creates compliance nightmares. A consent form adequate under federal law and compliant in one state may violate requirements in another. Calling hours that satisfy most jurisdictions may trigger violations in states with narrower windows. Technology vendors must build systems capable of applying different rules based on consumer location – sometimes down to the county level for time zone and calling hour compliance.

Self-regulatory frameworks can address this complexity by establishing standards that satisfy the strictest applicable requirements. R.E.A.C.H.’s approach – setting standards exceeding legal requirements generally – provides some protection against state-specific traps. But comprehensive state-by-state compliance remains an operational challenge that industry standards alone cannot fully solve.

The Litigation Environment

TCPA litigation continues to pose existential risks for lead generation companies regardless of regulatory trends. The statute’s private right of action, with statutory damages of $500-$1,500 per violation, creates powerful incentives for plaintiff’s attorneys to pursue class actions against any company with significant call or text volume.

The litigation explosion shows no signs of abating. TCPA case filings increased 108% year-over-year in September 2025 according to WebRecon tracking services, with class actions comprising 78% of all TCPA filings that month. Cases increasingly target not just the callers themselves but the entire chain of parties involved in lead generation – publishers, aggregators, technology vendors, and end buyers.

Courts have split on critical questions that determine liability exposure. Does a text message constitute a “telephone call” under the TCPA? What constitutes an “automatic telephone dialing system” after the Supreme Court’s 2021 Facebook v. Duguid decision narrowed the definition? When does consent obtained by one party extend to affiliates or partners?

In this environment, self-regulatory compliance offers a form of insurance. Companies that can demonstrate adherence to industry standards, document consent events with third-party verification, and show good-faith efforts to honor opt-out requests position themselves better for litigation outcomes. R.E.A.C.H. membership provides evidence of systematic compliance practices that may influence settlement negotiations or jury perceptions.

7. The Economics of Compliance

The Cost of Getting It Right

For lead generation companies contemplating self-regulatory membership, the calculus ultimately comes down to economics. Compliance costs money – sometimes a lot of money. The question is whether those costs are justified by the benefits.

The direct costs of comprehensive TCPA compliance are substantial. According to industry estimates, a mid-sized lead generation operation might spend:

  • Technology infrastructure: $50,000-$200,000 annually for consent verification (TrustedForm, Jornaya), fraud detection (Anura, HUMAN), DNC scrubbing (DNC.com, Gryphon.ai), and contact management platforms. Enterprise operations can spend millions.
  • Legal and compliance staff: Dedicated compliance officers, typically commanding salaries of $80,000-$150,000, plus legal counsel on retainer or in-house. Larger operations maintain entire compliance departments.
  • Operational constraints: Limiting call frequency, maintaining calling hour compliance across time zones, and honoring opt-outs all reduce the number of contacts that can be made – directly impacting revenue generation.
  • Consent documentation: Storing consent certificates, call recordings, and compliance records for the five-year statute of limitations period requires substantial data infrastructure.

Against these costs, companies weigh the consequences of non-compliance:

  • Litigation exposure: A single TCPA class action can result in settlements of $5 million, $10 million, or more. The statutory damages structure – $500 per violation, trebled to $1,500 for willful violations – means that companies with significant call volumes face potentially catastrophic liability.
  • Carrier blocking: Wireless carriers increasingly block or label calls from numbers associated with consumer complaints. For businesses that depend on telephone outreach, being labeled “Spam Likely” can devastate connection rates.
  • Reputation damage: In an industry where relationships matter, being publicly identified as a bad actor can destroy partnerships and customer relationships.
  • Regulatory action: FCC enforcement actions, state attorney general investigations, and FTC proceedings can result in substantial fines and operational restrictions.

The Member Economics

R.E.A.C.H. has structured membership to make the economics attractive for companies already investing in compliance. PACE previously pursued a similar tiered model before the November 2023 shutdown.

R.E.A.C.H. membership is notably affordable – free for basic membership, with modest fees for enhanced services. The organization’s value proposition emphasizes what members receive: access to collective advocacy, potential carrier relationship benefits, and the reputational value of certification.

“Right now REACH membership continues to be FREE thanks to the generous support of our mission by some very forward-thinking companies,” Troutman wrote when launching the organization’s membership drive. “How can you say no?”

For companies already spending heavily on compliance technology and processes, R.E.A.C.H. membership adds minimal incremental cost while providing potential benefits that individual companies cannot achieve alone. The collective action logic is compelling: no single lead generation company can negotiate preferential carrier treatment or advocate effectively before the FCC, but an organization representing many companies potentially can.

PACE’s tiered membership structure created different economics. Basic membership required adherence to legal requirements plus organizational standards. Higher certification levels demanded more comprehensive compliance investment while the program remained active.

“The membership levels have been designed with the Lead Generator and Lead Buyer in mind,” PACE materials explained. “Our standards empower you to ensure your business and those you are purchasing leads from are operating within the highest moral and ethical values set by the council and its members.”

The Litigation Economics

Perhaps the most powerful driver of self-regulatory adoption is the plaintiff’s bar. TCPA litigation has become a specialized practice area, with firms developing sophisticated methods for identifying potential class members and building cases against high-volume callers.

The economics favor plaintiffs. With statutory damages of $500-$1,500 per violation and no requirement to prove actual harm, even routine compliance failures can support substantial claims. Class action certification multiplies exposure. And the prevalence of call recording and consent documentation creates discovery opportunities that didn’t exist in earlier eras of telemarketing litigation.

Defense economics are equally challenging. Litigating a TCPA class action to verdict can cost millions in legal fees, with uncertain outcomes. Settlement becomes rational even for companies confident in their compliance, simply to eliminate risk and legal expense.

In this environment, self-regulatory membership provides a form of insurance. Companies that can demonstrate adherence to industry standards, document consent events with third-party verification, and show systematic compliance processes are better positioned for favorable litigation outcomes.

Steven L. Rozenfeld’s observation that he has “never had the occasion to name a R.E.A.C.H. member as a defendant” comes from the defense side of the bar – Rozenfeld is an attorney at Troutman Amin, LLP, the firm that founded R.E.A.C.H. The statement may reflect selection bias: compliant companies join R.E.A.C.H., so members would be less likely targets regardless of membership. But defense practitioners track plaintiff case-selection patterns closely, and the observation aligns with a broader dynamic: self-regulatory certification signals compliance investment that makes litigation targeting less attractive.

8. The Technology Infrastructure

R.E.A.C.H.’s framework, and PACE’s former framework, depend on technology infrastructure that did not exist when the DMA’s Telephone Preference Service failed. Modern consent verification creates audit trails that make compliance objectively verifiable – a capability that fundamentally changes the dynamics of self-regulation.

The industry has standardized around several key technologies:

  • Form-level documentation. Services like TrustedForm (ActiveProspect) and LeadiD (Jornaya, now under ActiveProspect ownership following the January 2026 acquisition, though maintained as separate product lines) create session-level records of consent events. These certificates document the exact form content displayed to consumers, timestamp submissions, capture IP addresses and device fingerprints, and record user interactions. When disputes arise, companies can produce objective evidence of what consumers saw and agreed to.
  • Fraud detection. TAG (Trustworthy Accountability Group) and MRC (Media Rating Council) certifications establish standards for detecting invalid traffic and fraudulent lead submissions. R.E.A.C.H. standards require use of TAG or MRC-certified fraud detection, ensuring that consent verification infrastructure meets independent quality standards.
  • Number validation. The FCC’s Reassigned Numbers Database, operational since November 2021, allows callers to check whether phone numbers have been reassigned to new subscribers – a critical capability for honoring consent that was valid when obtained but invalid when the number changed hands. R.E.A.C.H. standards require RND checking for leads more than 60 days old.
  • Carrier authentication. The STIR/SHAKEN framework enables carriers to verify caller identity and authenticate that calls originate from legitimate sources. While primarily designed to combat caller ID spoofing, the system increasingly affects call deliverability and spam labeling for all callers.

The Compliance Technology Market

The regulatory complexity facing lead generation has spawned a substantial compliance technology market. Companies like Contact Center Compliance (DNC.com), Gryphon.ai, Convoso, and Anura provide specialized tools for navigating telemarketing regulations.

These platforms typically offer:

  • Real-time scrubbing against federal and state do-not-call registries
  • Reassigned numbers database checking
  • TCPA litigator identification and suppression
  • State-specific calling hour enforcement
  • Consent documentation and storage
  • Call recording with compliance monitoring
  • Frequency capping and contact attempt tracking

The technology infrastructure creates possibilities for self-regulatory enforcement that were unavailable to earlier generations of industry standards bodies. Organizations like R.E.A.C.H. can theoretically require members to provide audit access to compliance platforms, enabling verification that standards are actually being followed rather than merely promised.

Whether self-regulatory bodies will develop the resources and expertise to conduct such audits remains an open question. But the technical capability exists in ways it did not when the DMA’s TPS failed.

9. International Perspectives on Self-Regulation

How Other Countries Approach Telemarketing Governance

The United States is not alone in grappling with the tension between legitimate business communication and consumer protection. International experiences with telemarketing regulation and self-regulation offer instructive comparisons.

United Kingdom. The UK’s Telephone Preference Service (TPS) – confusingly sharing its acronym with the DMA’s failed American system – provides a government-administered opt-out registry that has operated since 1999. Unlike the American DMA system, the UK TPS is backed by legal enforcement: calling registered numbers without consent can result in fines up to £500,000 from the Information Commissioner’s Office.

The UK system combines government registry administration with industry self-regulation through the Direct Marketing Association UK. This hybrid model addresses weaknesses in both pure approaches: government provides enforcement teeth while industry expertise shapes practical implementation.

European Union. The EU’s ePrivacy Directive establishes baseline telemarketing protections that member states must implement. Most EU countries operate opt-out registries similar to the US National Do Not Call Registry. The upcoming ePrivacy Regulation, intended to replace the Directive, has been in development for years, reflecting the difficulty of achieving consensus on communications privacy.

Australia. Australia’s Do Not Call Register, operational since 2007, provides a government-administered opt-out system with substantial penalties for violations – up to A$2.5 million per breach. The Australian Communications and Media Authority (ACMA) actively enforces compliance, creating a regulatory environment significantly stricter than the US system.

Canada. Canada’s National Do Not Call List, administered by the Canadian Radio-television and Telecommunications Commission (CRTC), combines opt-out registration with rules governing calling hours, call frequency, and disclosure requirements. Violations can result in penalties up to C$15,000 per individual violation.

Lessons for American Self-Regulation

International comparisons highlight several dynamics relevant to American self-regulatory efforts:

  • Government backstop matters. The most effective international systems combine industry self-regulation with government enforcement authority. Pure self-regulation – the DMA’s original American approach – consistently underperforms hybrid models.
  • Penalty severity affects behavior. Countries with substantial financial penalties for violations see higher compliance rates than those relying primarily on reputational sanctions.
  • Registry design influences adoption. Free, easy-to-use registration systems achieve higher consumer participation than systems with cost or friction barriers.
  • Cultural factors vary. Consumer tolerance for commercial communications differs across cultures, affecting both regulatory approaches and industry practices.

For R.E.A.C.H., and for any future successor to PACE’s framework, these lessons reinforce the importance of regulatory engagement. Purely private self-regulation faces inherent limitations; the most sustainable path likely involves some form of government recognition or partnership.

10. The Regulatory Comment Process – A Case Study

Inside the FCC Advocacy Campaign

R.E.A.C.H.’s engagement with the FCC provides a detailed case study in how self-regulatory organizations can participate in administrative proceedings. The organization’s approach illustrates both the opportunities and limitations of industry advocacy.

The Initial Comment (May 2023). When the FCC sought comment on proposed telemarketing rules, R.E.A.C.H. submitted detailed written comments urging the Commission to:

  1. Adopt R.E.A.C.H. standards as a safe harbor for compliant lead generation
  2. Distinguish between legitimate comparison-shopping operations and fraudulent consent practices
  3. Consider the economic impact of proposed rules on small businesses and consumers
  4. Prioritize enforcement against bad actors rather than prescriptive regulation affecting the entire industry

The comment stood out for its willingness to name the industry’s own failures – a posture that distinguished R.E.A.C.H. from trade associations that typically minimize problems in regulatory proceedings. Troutman’s firm drafted it pro bono, consistent with the organization’s founding ethos that industry reform was a civic obligation, not a billable engagement.

Ex Parte Meetings (2023-2024). Following the written comment, R.E.A.C.H. representatives conducted a series of ex parte meetings with FCC staff. Between 2023 and 2024, the organization logged meetings with:

  • Chairwoman Jessica Rosenworcel’s office
  • Commissioner Brendan Carr’s office
  • Commissioner Geoffrey Starks’s office
  • Commissioner Nathan Simington’s office
  • Various FCC bureaus and offices

These meetings allowed R.E.A.C.H. to present its perspective in more detail than written comments permit, respond to staff questions, and gauge Commission thinking on pending issues.

The One-to-One Consent Fight. When the FCC adopted its one-to-one consent rule in December 2023, R.E.A.C.H. had advocated unsuccessfully for a modified approach. The organization’s standards were designed to exceed the new requirements, but Troutman made clear his view that the rule went too far.

“R.E.A.C.H. was the only association actively advocating for industry here,” Troutman wrote after the rule’s adoption, “and there were just too many forces acting against it for it to win all by itself. In the end, industry sat quietly and it will pay the price.”

The rule’s subsequent vacatur by the Eleventh Circuit vindicated some of R.E.A.C.H.’s legal arguments, even if the organization had not been a party to the litigation.

The “Make Our Phones Great Again” Petition (January 2025). Shortly after the one-to-one consent rule’s vacatur, R.E.A.C.H. filed a petition with the FCC addressing a different problem: carrier call blocking. The petition urged the Commission to:

  1. Require carriers to provide clear explanations when blocking calls
  2. Establish processes for legitimate callers to challenge blocking decisions
  3. Prohibit carriers from blocking calls from numbers verified through STIR/SHAKEN

The petition reflected a strategic pivot. With the immediate threat of the one-to-one consent rule eliminated, R.E.A.C.H. turned its attention to carrier practices that affected legitimate businesses.

Engagement with “Delete, Delete, Delete” (October 2025-Present). The FCC’s October 2025 NPRM initiated a new round of regulatory activity. R.E.A.C.H. committed to active participation in the proceeding, recognizing that the deregulatory environment created opportunities to shape rules favorable to compliant industry participants.

“R.E.A.C.H. will continue to lead the charge in commenting on the FCC’s proposal,” the organization announced. The comment deadline in early 2026 and reply deadline in February 2026 provided specific action points for member engagement.

Lessons from the Advocacy Experience

R.E.A.C.H.’s regulatory engagement illustrates several dynamics:

  • Consistent presence matters. The organization’s sustained engagement over multiple years built relationships and credibility with FCC staff. Single-shot advocacy rarely achieves lasting impact.
  • Candor can be strategic. By acknowledging industry problems rather than defensively minimizing them, R.E.A.C.H. positioned itself as a constructive partner rather than an obstacle to consumer protection.
  • Standards provide concrete alternatives. Rather than simply opposing proposed rules, R.E.A.C.H. could point to its own standards as evidence that industry self-regulation could achieve regulatory objectives.
  • Industry unity remains elusive. Despite R.E.A.C.H.’s efforts, the broader lead generation industry did not present a unified front in FCC proceedings. This fragmentation limited advocacy effectiveness.

11. Profiles in Compliance – Key Industry Figures

The Architects of Self-Regulation

Understanding lead generation self-regulation requires understanding the individuals who have shaped it. Several figures have played outsized roles in developing the frameworks that may determine the industry’s future.

Eric J. Troutman – “The Czar of TCPAWorld”

Before founding R.E.A.C.H., Troutman had built one of the nation’s most prominent TCPA defense practices. His firm, Troutman Amin, LLP, represented defendants across the telemarketing and lead generation industries, giving him intimate knowledge of both compliance challenges and litigation dynamics.

Troutman’s public persona – cultivated through his “TCPAWorld” blog and extensive social media presence – combined legal expertise with provocative commentary. He was willing to criticize his own clients’ industry in ways that traditional trade association executives would never attempt.

“This is an industry that has COMPLETELY failed to effectively self-regulate in my opinion,” Troutman wrote – a statement that would be unthinkable coming from most industry advocates. But that willingness to acknowledge problems gave his proposed solutions credibility they might otherwise have lacked.

His decision to provide legal support to R.E.A.C.H. pro bono – investing substantial firm resources without direct compensation – reflected both strategic calculation and genuine commitment to industry reform.

Angela Tesi – The Compliance Architect

As Vice President of R.E.A.C.H. and founder of compliance consulting firm TESICO, Angela Tesi brought practical operational expertise to standards development. Her background included years of experience helping lead generation companies build compliant operations, giving her insight into what standards were actually achievable.

Tesi’s emphasis on consumer-friendly practices reflected a sophisticated understanding of industry dynamics. Standards that merely satisfied legal minimums would not differentiate R.E.A.C.H. members or build the credibility the organization sought. Standards had to demonstrably improve consumer experience – a philosophy she drove into the specific requirements of each successive standards version, from disclosure formatting to consent verification methodology.

Rob Seaver – The SRO Visionary

As Executive Director of PACE and the driving force behind the Consumer Consent Council’s SRO initiative, Rob Seaver brought a different model of industry self-governance. His background in association management and his focus on formal organizational structures complemented R.E.A.C.H.’s more advocacy-oriented approach before PACE ceased operations in November 2023.

Seaver’s central insight – that legal compliance alone would never satisfy consumer or regulatory expectations – shaped PACE’s layered approach. Rather than a single standard, the organization built progressive tiers that allowed members to demonstrate increasing levels of commitment while active. The SRO terminology was deliberate: Seaver saw FINRA’s hybrid model, with its government backstop and mandatory participation, as the logical endpoint for lead generation governance.

Nima Hakimi – The Technology Perspective

As CEO of Convoso – a leading dialer platform for contact centers – Nima Hakimi’s presence on the R.E.A.C.H. board brought the technology vendor perspective. Dialer companies occupy a crucial position in the lead generation ecosystem: their platforms enable the calls that can either delight consumers or drive them to file complaints.

Hakimi’s participation signaled technology vendor buy-in for self-regulatory standards – an important validation given that compliance increasingly depends on technological implementation.

12. The Broader Context

Self-Regulation Across Industries

Lead generation’s experiment with self-regulation unfolds against a backdrop of similar efforts across sectors. The patterns of success and failure in other industries offer lessons for performance marketing.

Advertising. The advertising industry’s self-regulatory system, administered through BBB National Programs, represents perhaps the most successful model. The National Advertising Division (NAD), established in 1971, reviews truth-in-advertising challenges and achieves 96%+ compliance with its recommendations. The system’s longevity demonstrates that industry self-regulation can work when properly structured.

Key success factors include independent administration, meaningful enforcement through FTC referral, and broad industry buy-in. NAD’s structure separates standard-setting from enforcement, reducing conflicts of interest. The threat of FTC action provides enforcement leverage that pure self-regulation lacks. And comprehensive industry participation – including competitors willing to challenge each other’s claims – creates accountability.

Financial services. FINRA (Financial Industry Regulatory Authority) provides a model of self-regulation operating under explicit government oversight. As a self-regulatory organization registered with the SEC, FINRA combines industry expertise with regulatory authority – including the power to examine firms, impose fines, and bar individuals from the industry.

FINRA’s hybrid model addresses many weaknesses of pure self-regulation. Government oversight constrains regulatory capture. Legal authority enables meaningful enforcement. And mandatory participation eliminates free-rider problems.

Lead generation lacks the statutory framework that enables FINRA’s approach. But the PACE Consumer Consent Council’s explicit goal of creating an SRO structure showed early recognition that self-regulation’s effectiveness may ultimately require some form of government backstop.

Technology. The tech industry’s self-regulatory efforts offer more cautionary examples. Privacy self-regulation through mechanisms like the Digital Advertising Alliance’s behavioral advertising guidelines has faced persistent criticism for weak enforcement and industry-favoring standards. Social media platforms’ content moderation policies, while technically self-regulatory, have satisfied neither free speech advocates nor those seeking stronger content restrictions.

These failures typically share common elements: standards developed without meaningful consumer participation, enforcement dependent on the same parties being regulated, and insufficient transparency about compliance outcomes.

The Deregulatory Moment

Lead generation self-regulation emerges during a broader political moment favoring private governance over government oversight. The Trump administration’s return to power brought explicit deregulatory priorities, with executive orders mandating elimination of regulations and scrutinizing agency rulemaking authority.

This environment creates both opportunities and risks for self-regulatory frameworks.

Opportunities. Regulators may embrace industry self-regulation as an alternative to formal rulemaking. The FCC’s “Delete, Delete, Delete” initiative explicitly seeks to reduce regulatory burdens while maintaining consumer protections – a balance that effective self-regulation could help achieve. R.E.A.C.H.’s ongoing engagement with the Commission positions it to shape whatever framework emerges.

Risks. Deregulation without effective private governance could lead to the worst outcomes for consumers and responsible industry participants alike. If self-regulatory bodies fail to constrain bad actors, the industry’s reputation will continue deteriorating. And if political winds shift, the absence of demonstrated self-regulatory effectiveness could prompt even more aggressive government intervention than the rules being eliminated.

BBB National Programs CEO Eric Reicin captured this tension in a recent analysis: “The idea behind industry self-regulation is not to absolve the government of its responsibility, but to empower industries to take ownership of their own standards and practices. By doing so, industries can create tailored guidelines that are more flexible, responsive, and innovative than rigid, one-size-fits-all government rules.”

But Reicin also acknowledged the stakes: “Frameworks for successful industry self-regulation must fit within the context of the political environments in which they are created.”

13. The Inflection Point

The Bigger Disruption

R.E.A.C.H., and historically PACE, were built to solve one problem: an industry that couldn’t police itself. Three years in, R.E.A.C.H. faces a different one entirely. The business model these frameworks were created to govern is being structurally displaced – not by regulation, but by the platforms that control how consumers and businesses find each other.

In January 2026, Walmart and Google announced a partnership integrating Gemini-powered shopping directly into the retailer’s ecosystem. Consumers could discover products, check local inventory, and arrange same-day delivery without leaving a conversational interface. No search query. No comparison site. No form. A month earlier, Shopify had launched Agentic Storefronts, enabling its merchants to sell directly through ChatGPT, Perplexity, and Microsoft Copilot. OpenAI had integrated Stripe’s Agentic Commerce Protocol into ChatGPT, enabling in-chat purchases across its merchant network. Amazon’s Rufus had reached 300 million users by year-end 2025. During Black Friday, 38 percent of Amazon shopping sessions ran through the AI assistant. The company attributed $12 billion in annual sales to AI-assisted transactions.

These were not experiments. An IBM study in early 2026 found that 45 percent of consumers were already using AI for part of their buying journey. McKinsey projected the global agentic commerce opportunity at $3 to $5 trillion by 2030, with U.S. retail alone representing as much as $1 trillion. Gartner predicted that 90 percent of B2B buying would be AI agent-intermediated by 2028 – pushing over $15 trillion in B2B spend through AI agent exchanges. Half of consumers surveyed by McKinsey in 2026 said they now intentionally seek out AI-powered search engines, with a majority calling it their top digital source for purchasing decisions. The transition window is not a decade. It is two to four years.

For lead generation, the one-to-one consent rule had threatened to change how leads were distributed. The agentic economy threatens to eliminate the lead as a discrete commercial artifact altogether. When a consumer’s AI agent can query dozens of insurance carriers via API, compare coverage in seconds, and shortlist options without the consumer ever touching a form, the ping-post exchange and everything upstream of it becomes structurally redundant. McKinsey’s framework describes the endpoint: Level 4 agentic commerce, where AI agents operate against standing goals – “keep household essentials under $300 per month,” “maintain my airline loyalty status at the lowest total cost” – rather than executing one-off transactions. At that level, the consumer doesn’t initiate a search at all. The agent acts continuously on their behalf.

“Carriers, brokers or others not accessible to agents never reach the consideration set, regardless of their actual offerings,” one insurance industry analysis observed. “Discoverability determines lead generation.” In the agentic model, the website, the form, the data transfer, and potentially the outbound call all collapse into a single AI-mediated negotiation. The comparison-shopping site becomes the middleman to the middleman.

What makes this structural rather than sectoral is that lead generation is not an isolated case. The same displacement pattern is unfolding simultaneously across insurance distribution, retail discovery, data brokerage, financial services intermediation, and B2B procurement. In each vertical, the intermediary layer between producers and consumers is being replaced by AI-mediated infrastructure controlled by a small number of platform companies. Lead generation – a $5-10 billion market sitting directly in the path of what McKinsey projects as a $3-5 trillion global reorganization – faces the governance questions first: what constitutes consent in machine-to-machine transactions, how discoverability works in AI-curated marketplaces, how fraud detection operates against generative adversaries. But these are not lead generation questions. They are digital economy ecosystem questions that every intermediary market will confront within the same two-to-four-year window. The sector’s experience with self-regulatory governance during this transition will either provide a template or a cautionary tale for every industry behind it in the queue.

The Traffic Foundation Is Already Cracking

The agentic shift didn’t arrive in a vacuum. The traffic infrastructure that powers lead generation was already deteriorating.

Google’s AI Overviews appeared in roughly 18 percent of global searches by late 2025. Where they appeared, 83 percent of users never clicked through to any website. Organic CTR plummeted 61 percent. Paid search CTR collapsed 68 percent. Overall, 58.5 percent of U.S. searches now concluded entirely within Google’s results page. HubSpot – one of the most sophisticated inbound marketing operations in the world – saw its organic traffic decline 70 to 80 percent in a single year, from 13.5 million monthly visits to roughly 7 million.

For comparison-shopping sites in insurance, solar, home services, and financial products – the verticals that generate the highest-value leads – the trajectory was existential. McKinsey projected that AI-powered search would impact $750 billion in revenue by 2028, with AI summaries appearing in more than 75 percent of Google searches by that date. Gartner flagged a 25 percent drop in organic traffic from traditional search by 2026. The search query that once drove a consumer to a comparison form was increasingly answered by an AI summary that never delivered that consumer to any website. And Google’s trajectory pointed toward deeper compression: Gemini’s shopping features already included agentic checkout, where users could instruct the AI to purchase automatically once conditions were met – without returning to the conversation.

The insurance vertical – lead generation’s economic center of gravity – was moving fastest. McKinsey projected that by 2030, the number of insurance agents would be “reduced substantially,” with remaining agents relying on AI assistants to support larger client bases while making interactions “shorter and more meaningful.” Embedded insurance was growing at 30 percent annually. Insurers were being pushed toward API-first distribution architectures where AI agents could access rating and binding engines in real time – bypassing the comparison-shopping intermediary entirely. For an industry built on connecting consumers to insurance carriers through web forms and phone calls, this was not a distant disruption. The AI-in-insurance market was projected to grow from $7.7 billion in 2024 to $35.8 billion by 2029.

Meta was applying pressure from the other direction. Its October 2025 removal of auto-fill from lead ads forced manual entry of contact details, deliberately sacrificing volume for quality. Data collected through forms could now be used only for the declared purpose. At the operating system level, Apple Intelligence was filtering marketing communications before consumers ever saw them – AI-generated mail summaries replacing subject lines, Priority Messages burying commercial content below the visibility threshold, Smart Replies enabling responses without reading the full message.

The platforms were not adjusting the rules of lead generation. They were inserting proprietary AI layers between businesses and consumers at the infrastructure level. The traditional model of generating a lead and then contacting the consumer was becoming harder to execute regardless of how that lead was obtained – or how meticulously its consent was documented.

Why Government Can’t Keep Up

The TCPA was enacted in 1991. Its core provisions have been amended once in thirty-five years. The FCC’s rulemaking cycle for the one-to-one consent rule took eighteen months from proposal to adoption – and the rule was vacated three days before it took effect. The “Delete, Delete, Delete” FNPRM, adopted October 2025, won’t produce enforceable rules before 2027 at the earliest.

The problem runs deeper than political cycles. After Loper Bright ended Chevron deference and McLaughlin v. McKesson (June 2025) freed district courts from FCC interpretations of the TCPA, the accumulated body of agency guidance that had provided operational definitions for telemarketing compliance could be rejected by any federal judge conducting independent statutory analysis. What constituted an “automatic telephone dialing system” in the Fifth Circuit might differ from the Ninth. The regulatory framework hadn’t merely been weakened – its interpretive authority had been redistributed to hundreds of courts with no obligation to reach consistent conclusions.

Capacity compounded the problem. The FTC, operating at two of five commissioners by November 2025 and more than $100 million below its requested budget, had pivoted explicitly from industry-shaping regulation to case-by-case prosecution. Chair Ferguson’s philosophy was clear: “We will vigorously and faithfully enforce the laws that Congress has passed, rather than writing them.” The FCC’s Enforcement Bureau had been steadily downsized. State legislatures were producing fragmentation – twenty-plus comprehensive privacy laws, each with distinct requirements – not coherence.

None of these institutions was contemplating, let alone developing, governance frameworks for agentic commerce. The TCPA assumed a human filling out a form and a business placing a call. When an AI agent acts on behalf of both parties – when consent is negotiated between machines, when the “call” is an API handshake, when the form doesn’t exist – no provision of the statute applies. No FCC rulemaking has been proposed to address it. No court has been asked to interpret the law in light of it. Meanwhile, all fifty states, Puerto Rico, the Virgin Islands, and Washington, D.C., introduced AI legislation in 2025. Thirty-eight states adopted roughly 100 measures. The EU AI Act’s transparency requirements take effect in August 2026. The result is not governance but fragmentation – a proliferation of rules addressing yesterday’s AI while the agentic economy builds tomorrow’s.

Industry surveys captured the dynamic: roughly two-thirds of enterprises cited regulatory uncertainty as a barrier to large-scale deployment of agentic AI. The uncertainty was not that rules were too strict or too lenient. It was that no one could identify which rules applied – or would apply next year.

The OECD warned in 2015 that government rulemaking would struggle to keep pace with market evolution. In 2026, “struggle” understates the gap. Market reality is widening its lead with every quarterly product launch from Google, Amazon, Meta, Apple, and OpenAI. Official governance isn’t falling behind. It hasn’t entered the race.

The cadence gap is measurable. Against the FCC’s multi-year rulemaking cycles – one attempt vacated, the next still years from enforcement – platform and agent capabilities were shifting on quarterly cycles, while synthetic identity fraud rose 311 percent year-over-year and adversarial techniques kept evolving. By contrast, R.E.A.C.H. moved from V.2.0 one-to-one readiness in 2024 to V.3.0 on July 2, 2025 after vacatur, preserving an operational baseline while federal posture reset.

The Governance Vacuum No One Else Can Fill

This is what transforms industry self-regulation from a compliance initiative into a structural necessity.

The practical questions are already urgent. When a consumer instructs their AI assistant to get insurance quotes and the assistant submits information to twenty carriers simultaneously, has the consumer given prior express written consent to be contacted by each? The answer determines whether every subsequent call is legal or a $500-per-violation liability – and neither the FCC nor any court has proposed a framework. When Gemini or Operator selects which merchants to present to a consumer, the criteria for selection become the new gatekeeping mechanism. A small insurance agency not indexed by the agent’s data sources never reaches the consideration set, regardless of pricing or product quality. The comparison-shopping site, for all its imperfections, offered a relatively level playing field. The agentic layer has no equivalent transparency requirement.

When conversational lead capture replaces form submissions, R.E.A.C.H.’s current standards – 10-point minimum font disclosures, eight required form elements, TrustedForm session recordings – lose their referent. Consent in a chatbot interaction isn’t a single signature event. It’s a continuous exchange with no page, no font size, no form to certify. When synthetic identity fraud increases 311 percent in a single year and 30 percent of third-party leads are fraudulent, the TAG and MRC certification standards that R.E.A.C.H. mandates are fighting the last war. Generative AI now produces form submissions with plausible behavioral patterns and device fingerprints that defeat legacy detection. The verification backbone needs to evolve at a pace only practitioners can sustain.

The pattern has precedent. When cryptocurrency markets emerged faster than the SEC could develop regulatory frameworks, it was self-regulatory organizations – Japan’s JVCEA, the U.S. Virtual Commodity Association – that established operational standards in months rather than years. A CFTC commissioner articulated the structural advantage directly: “Funded by members, an SRO can adapt rules faster than the federal government, and rules are informed by practical expertise” – particularly, the commissioner emphasized, “in cases of rapidly-evolving industries.”

Lead generation in 2026 is precisely such a case. Industry self-regulation is the only governance mechanism with the technical literacy to define workable standards for these realities and the operational speed to deploy them before litigation or market failure forces the question.

The DMA Warning

The historical parallel deepens here. The DMA’s Telephone Preference Service, examined earlier in this article, failed for well-documented reasons: voluntary participation, weak enforcement, free-rider dynamics. But it failed for another reason that receives less attention. The TPS was governing a model – direct mail transitioning to telephone outreach – that was itself being superseded. By the time the federal Do Not Call Registry replaced TPS in 2003, the industry had already migrated to internet-based lead generation and the ping-post distribution model. The DMA’s self-regulatory framework became irrelevant not because its standards were too weak, but because the industry it governed had moved on.

R.E.A.C.H. now faces this risk directly, and PACE’s shutdown illustrates a parallel institutional risk. Self-regulatory standards built exclusively for the form-based, ping-post model – consent verification for web forms, call frequency limits, comparison-page disclosure requirements – could be rigorous, well-enforced, and irrelevant if the business model shifts to agentic commerce, conversational lead capture, and AI-mediated matching.

The imperative is to build frameworks that define principles, not just procedures. What constitutes meaningful consent regardless of whether it’s collected on a form or in a conversation. What quality verification means regardless of whether a lead is a data record or an API handshake. What fair access looks like regardless of whether discoverability happens on a website or inside an AI agent’s recommendation engine.

No government institution is developing this capability. The FCC cannot convene practitioners to define consent standards for conversational AI. The FTC cannot update fraud detection benchmarks at the pace AI fraud evolves. State legislatures cannot coordinate a coherent framework for agentic commerce when they have not yet achieved coherence on basic privacy law. The courts will not address these questions until litigation arrives – and by then, the industry will have operated for years without governance.

The OECD identified “higher technical expertise” as a core advantage of industry self-regulation. For lead generation in 2026, that advantage has become the entire argument. The industry’s self-regulatory bodies are not merely better positioned to write rules for the emerging landscape. They are, for practical purposes, the only institutions positioned to write them at all.

The Responsibility That Comes With It

The urgency carries a corresponding obligation. Self-regulation that serves only incumbent interests – that writes rules to protect established players from agentic disruption rather than establishing fair standards for the transition – would repeat the worst patterns of every self-regulatory scheme that prioritized industry protection over consumer welfare.

The structural limitations are real. R.E.A.C.H. currently does not include formal consumer representation in governance, and PACE did not institutionalize one before operations ceased. Enforcement authority in these models does not extend beyond expulsion and public disclosure – meaningful reputational consequences, but not the audit powers, fine authority, or compelled compliance that characterize mature self-regulatory bodies like FINRA or the NAD. These gaps do not invalidate the self-regulatory model, but they define the distance between where these organizations are and where they need to be. The line between consumer protection and incumbent protection requires external scrutiny, not just internal good intentions – and that scrutiny must be built into the governance structure, not bolted on after the fact.

Standards must be forward-looking enough to address agentic commerce and conversational lead capture. They must be rigorous enough to maintain the consumer protection credibility that distinguishes effective self-regulation from industry lobbying. They must be accessible enough that smaller operators can participate in the transition rather than being excluded by compliance costs only large incumbents can absorb. And they must be developed with sufficient transparency – including consumer perspectives – to earn the legitimacy that purely industry-driven standards have historically lacked.

R.E.A.C.H., and earlier PACE, were built to govern an industry in crisis. The surviving institutions are now being asked to govern an industry in transformation. That is a fundamentally harder task – but one for which no alternative governance mechanism exists.

14. Looking Forward

The Path to Maturity

For lead generation self-regulation to achieve lasting success, several developments will be necessary:

  • Expanded participation. R.E.A.C.H. represents a meaningful constituency, but comprehensive coverage remains elusive, especially after PACE’s 2023 wind-down. The core challenge is recruiting members while maintaining standards that create compliance costs. If participation remains limited to already-compliant firms, the standards’ impact on industry conduct will be constrained.
  • Consumer engagement. R.E.A.C.H. currently does not include formal consumer representation in governance. Building credibility with consumer advocates – and ultimately with consumers themselves – will require an explicit mechanism for incorporating consumer perspectives into standards development and enforcement.
  • Enforcement infrastructure. The current enforcement model, relying primarily on expulsion and public disclosure, may prove insufficient as membership grows. Developing audit capabilities, establishing graduated enforcement responses, and creating appeals mechanisms will require resources and expertise that may exceed what membership dues can support.
  • Government recognition. Self-regulatory frameworks gain significant legitimacy when government explicitly acknowledges their value. FCC adoption of R.E.A.C.H. standards as a safe harbor – the outcome Troutman has advocated since the organization’s founding – would validate the self-regulatory approach and create powerful incentives for industry participation.
  • Carrier collaboration. The promise of preferential treatment for member traffic has been a key selling point for R.E.A.C.H. membership. Delivering on this promise requires carrier buy-in that has not yet materialized. If self-regulatory certification becomes a factor in call blocking and spam labeling decisions, the value proposition for membership would increase dramatically.

The Stakes

The success or failure of lead generation self-regulation matters beyond the industry itself. The sector’s experience will inform debates about private governance across the economy – at a moment when the agentic transformation examined in the preceding section has compressed the timeline for proving that effectiveness.

If R.E.A.C.H. and successor industry-led frameworks demonstrate that standards can govern not just today’s form-based model but the transition to AI-mediated commerce, the model may become a template for other sectors navigating similar disruption. Digital advertising, data brokerage, fintech, and other industries confront analogous tensions between innovation, consumer protection, and the structural displacement of established business models by platform AI.

If self-regulation fails – whether through insufficient participation, toothless enforcement, or an inability to evolve beyond the model that prompted its creation – the result will not simply be renewed government intervention. It may be a governance vacuum that no institution fills, as the business practices that need governing outpace every institution’s capacity to understand them.

For now, the experiment continues. R.E.A.C.H. prepares comments on the FCC’s latest rulemaking. Compliance technology providers build infrastructure that makes self-regulatory verification possible. And hundreds of thousands of workers in the lead generation industry watch to see whether durable governance can secure a sustainable future.

“With these new standards we come one step closer to an internet economy that brings consumers and small businesses together without unexpected surprises,” Angela Tesi observed when R.E.A.C.H. adopted its latest standards.

Whether that vision becomes reality depends on choices that industry participants, regulators, and consumers will make in the months and years ahead. The new gatekeepers have built their frameworks. Now comes the harder work of proving they can be trusted to use them.

15. The Only Game Fast Enough

In early 2023, Eric Troutman told the lead generation industry it had “completely failed to effectively self-regulate.” Three years later, the institutions he and others helped launch produced mixed but consequential results. R.E.A.C.H. standards have been cited in TCPA litigation as evidence that compliant telemarketing is achievable — defense practitioners at Troutman Amin, LLP report that no R.E.A.C.H. member has appeared as a defendant. PACE’s SRO initiative helped formalize governance concepts, but the organization ceased operations on November 8, 2023. When the one-to-one consent rule collapsed, it was self-regulatory standards – especially R.E.A.C.H.’s – not federal regulation, that provided the operational certainty the market needed.

None of that will matter if the industry they’re governing ceases to exist in its current form.

The evidence assembled here points to a single, uncomfortable conclusion: the lead generation business model – consumer fills out form, data flows through ping-post exchange, business places call – is being structurally displaced by forces that no trade association created and no regulatory body anticipated. AI agents are intermediating the relationship between consumers and businesses at the platform level. Search traffic – the oxygen supply for comparison-shopping sites – is collapsing into zero-click AI summaries. Insurance carriers, the industry’s highest-value vertical, are building API-first architectures that bypass the lead generation intermediary entirely. The comparison-shopping website is becoming the middleman to the middleman, and the middleman above it is owned by Google, Amazon, Apple, and OpenAI.

Meanwhile, the institutions that traditionally write rules for markets like these are paralyzed. The TCPA has been amended once since 1991. The FCC’s last major rulemaking was vacated three days before it took effect. The FTC is operating at two-fifths capacity. The Supreme Court has redistributed interpretive authority to hundreds of district courts with no obligation to agree with each other. Fifty states have introduced AI legislation; none of it addresses agentic commerce. The EU AI Act takes effect in August 2026, but its transparency provisions assume human decision-making in a market increasingly governed by machine-to-machine negotiation. No official body is developing governance frameworks for what comes next – because none of them yet understands what comes next.

This is the gap that industry self-regulation was designed for. The OECD identified it in 2015. The CFTC articulated it when cryptocurrency outpaced the SEC. And the lead generation industry is living it now: the market is transforming faster than any official body can respond. Self-regulation is the only mechanism with the practitioner knowledge to define workable standards and the operational speed to deploy them in real time.

But the argument only holds if self-regulation earns it. The DMA’s Telephone Preference Service is a reminder that industry-led governance fails when it serves incumbents rather than markets. Standards written to protect established players from agentic disruption – rather than establishing fair rules for the transition – would replay the worst patterns of every self-regulatory scheme that prioritized industry protection over consumer welfare. The line between consumer protection and incumbent protection has always been thin. In a period of structural transformation, it becomes invisible unless someone is deliberately watching for it.

What that means in practice: consent standards must be defined by principles – meaningful, informed, revocable – rather than procedures tied to a specific technology. Quality verification must work for API handshakes, not just form submissions. Discoverability rules must ensure that a small insurance agency competing on price and service can reach consumers through an AI agent’s recommendation engine, not just through a comparison website that may not exist in three years. Fraud detection must evolve at the pace generative AI evolves, which means quarterly, not annually. And the organizations doing this work must include consumer perspectives in governance – not as a concession to critics, but because standards that lack external legitimacy will not survive the scrutiny that structural transformation brings.

A “fair, balanced landscape” also has to be defined in terms that can be audited. That starts with consent integrity: informed, revocable consent that remains verifiable across forms and conversational interfaces, measured by complete audit trails and revocation compliance rates. It requires auditability: independent, repeatable validation of compliance claims, measured through pass rates, exception rates, and remediation closure times. It requires equal discoverability access: transparent pathways into AI-mediated consideration sets so smaller operators are not structurally excluded, measured by recommendation concentration and inclusion rates. It requires anti-fraud efficacy: controls that update at adversary speed, measured by interception performance and post-sale invalidation trends. And it requires enforcement transparency: visible, timely consequences for repeat or serious violations, measured by action volume, disclosure quality, and time-to-enforcement after verified breach.

R.E.A.C.H., and before shutdown PACE, were created to save an industry from its worst impulses. Their work succeeded well enough to matter. Now the question is whether the surviving governance efforts can do something harder: govern an industry through a transformation that will redefine what that industry is. Write rules for business models that don’t fully exist yet. Protect consumers in transactions that no longer look like transactions. Maintain a fair, balanced competitive landscape when the platforms reshaping that landscape have market capitalizations larger than most countries’ GDP.

No government agency is attempting this. No court has been asked to rule on it. No statute contemplates it.

The industry’s self-regulatory organizations are, by default and by design, the only institutions in position to try. Whether they rise to that responsibility – with the speed, the rigor, and the independence it demands – will determine not just the future of lead generation, but whether industry self-governance can function as a legitimate mechanism for managing technological transformation at a pace that democracies cannot match.

The new gatekeepers built their frameworks to police an industry in crisis. History will judge them on whether those frameworks proved adaptable enough to govern an industry in metamorphosis.

Timeline of Key Events

  • 1985: DMA launches Telephone Preference Service
  • 1991: Telephone Consumer Protection Act enacted
  • 1995: FTC Telemarketing Sales Rule takes effect
  • 2003: FTC establishes National Do Not Call Registry; DMA TPS effectively superseded
  • 2012: FCC strengthens TCPA consent requirements for robocalls and texts
  • 2015: OECD publishes comprehensive study on industry self-regulation effectiveness
  • 2021: Supreme Court decides Facebook v. Duguid, narrowing ATDS definition; FCC Reassigned Numbers Database becomes operational
  • December 2022: Consumer Consent Council announces SRO Phase I completion
  • February 2023: R.E.A.C.H. formally launches with Standards V.1.0
  • May 2023: R.E.A.C.H. files FCC comment urging standards adoption as safe harbor
  • November 8, 2023: PACE announces day-to-day operations, meetings, and member services will cease effective immediately
  • 2023-2024: R.E.A.C.H. conducts six ex parte meetings with FCC offices
  • December 2023: FCC adopts one-to-one consent rule (scheduled for January 2025 implementation)
  • June 2024: Supreme Court overturns Chevron deference in Loper Bright v. Raimondo
  • September 2024: R.E.A.C.H. Standards V.2.0 adopted for one-to-one compliance
  • October 2024: R.E.A.C.H. conducts ex parte meetings with all FCC Commissioner offices
  • January 24, 2025: Eleventh Circuit vacates FCC one-to-one consent rule in Insurance Marketing Coalition v. FCC
  • January 29, 2025: R.E.A.C.H. files “Make Our Phones Great Again” petition with FCC
  • April 2025: FCC delays “revoke all” scope provision implementation to April 2026
  • July 2, 2025: R.E.A.C.H. board unanimously adopts Standards V.3.0
  • October 2025: Meta removes auto-fill from lead ads, forcing manual entry of contact details; Gartner IT Symposium predicts 90% of B2B buying will be AI agent-intermediated by 2028
  • October 28, 2025: FCC unanimously adopts “Caller Identification and TCPA Modernization” Further Notice of Proposed Rulemaking as part of “Delete, Delete, Delete” initiative
  • November 2025: FTC reduced to two of five commissioners; Chair Ferguson pivots agency from rulemaking to prosecution
  • December 2025: Shopify launches Agentic Storefronts; Amazon’s Rufus reaches 300 million users
  • January 1, 2026: California DROP platform launches, allowing consumers to submit centralized deletion requests to all registered data brokers
  • January 5, 2026: FCC comment deadline for FNPRM
  • January 6, 2026: FCC extends “revoke all” rule effective date to January 31, 2027
  • January 2026: ActiveProspect completes Jornaya acquisition, bringing both major consent verification platforms under single ownership; Walmart-Google announce Gemini-powered shopping partnership; IBM/NRF study finds 45% of consumers using AI in buying journey; McKinsey projects agentic commerce at $3-5 trillion by 2030
  • January 31, 2026: Data broker registration deadline with CalPrivacy under Delete Act
  • February 3, 2026: FCC reply comment deadline for FNPRM
  • August 1, 2026 (scheduled): Data brokers must begin processing California DROP deletion requests (every 45 days, 90-day completion window); EU AI Act transparency requirements take effect
  • January 31, 2027 (scheduled): FCC “revoke all” consent revocation rule scheduled to take effect (subject to ongoing FCC reconsideration)
  • 2028 (projected): Gartner forecasts 90% of B2B buying AI agent-intermediated; McKinsey projects AI search impacting $750 billion in revenue
  • 2029 (projected): AI-in-insurance market projected to reach $35.8 billion (from $7.7 billion in 2024)
  • 2030 (projected): McKinsey projects global agentic commerce at $3-5 trillion; insurance agent workforce “reduced substantially” with remaining agents relying on AI assistants

References

Federal Statutes and Regulations

Court Decisions

FCC Proceedings and Regulatory Actions

Research Reports and Academic Sources

Industry Data and Market Research

Corporate Announcements

Industry Organizations and Advocacy

Compliance Technology

The Podcast

Industry Conversations.

Candid discussions on the topics that matter to lead generation operators. Strategy, compliance, technology, and the evolving landscape of consumer intent.

Listen on Spotify