California telemarketing + recording laws
California adds strict recording rules + the CCPA/CPRA privacy overlay to federal TCPA.
California layers two big restrictions on top of federal TCPA: strict two-party recording and the CCPA/CPRA privacy regime.
Recording (Cal. Penal Code § 632)
All-party consent. Failure = criminal misdemeanor + civil damages. The standard pattern:
- Beep at call start
- Spoken disclosure: "This call is being recorded for quality and training purposes"
- If the caller says they don't want to be recorded → stop recording
- If they hang up → no recording, no foul
VICIdial: per-campaign Recording Override = ALLFORCE_VM plus a dial-plan MixMonitor that plays the beep before patching to the agent.
Calling hours
Federal default — 8am-9pm called party local time. California doesn't tighten this further.
CCPA / CPRA
If you're dialing California residents, you're handling their personal data. CCPA + CPRA apply if your business hits any of:
- $25M+ annual revenue
- 100K+ California consumer records
- 50%+ revenue from selling personal info
What that means for dialing operations:
- Honor "Do Not Sell" requests within 15 business days
- Maintain a privacy notice listing data categories collected
- Provide CA residents access + deletion rights on request
VICIdial doesn't manage this for you — your CRM + privacy ops do. But your call recordings + lead data on the dialer ARE in scope. Plan for export + deletion workflows.
DNC
Use the federal DNC. California doesn't maintain a separate state list.
Operator checklist
- [ ] Two-party recording: beep + disclosure on every call
- [ ] CCPA/CPRA compliance program if you hit thresholds
- [ ] "Do Not Sell" workflow integrated with your dialer DNC
- [ ] Privacy notice published, linked from any consent forms
- [ ] Recordings retained per your industry rules; delete on user request