Customer data is routinely viewed as a prized corporate asset in today’s economy. Marketing departments spend millions to acquire it, and IT departments build fortresses to protect it.
However, a recent class-action settlement involving Newfold Digital Inc., also known as Register.com, is a reminder that customer data has a shelf life, and its expiration can carry harsh penalties.
The litigation, which ultimately landed on the desk of a corporate successor after a mid-case merger, centered on a reassigned number management failure. The company allegedly continued placing automated outbound pre-recorded voice calls to phone numbers that had long since been disconnected and reassigned to new users.
Any valid customer consent they might’ve once had evaporated and was replaced by a silent accumulation of regulatory liability that will cost the firm seven figures to resolve.
What Happened in the Tiffany Lewis v Register.com Case?
The lawsuit was filed in the U.S. District Court for the Southern District of Indiana in February 2025. If you've reviewed the case documents, you may notice the defendant's name changes throughout the litigation. The original complaint named Newfold Digital, Inc., the managing company behind the Register.com brand. An amended complaint later substituted Register.com, Inc. as the defendant, and during the litigation Register.com merged into Network Solutions, LLC, which ultimately signed the settlement agreement as the surviving entity.
According to the settlement agreement, the plaintiff alleged that Register.com placed calls using an artificial or prerecorded voice to cellular telephone numbers after those numbers had been permanently disconnected and made available for reassignment per the FCC's Reassigned Numbers Database. Because a phone number's new subscriber does not inherit the legal consent given by the previous owner, every automated dial was a step deeper into liability under the Telephone Consumer Protection Act (TCPA).
Register.com denied liability and agreed to settle the matter without admitting wrongdoing.
Under the terms of the proposed settlement, which was filed in January 2026 and remains subject to court approval, the company agreed to create a $1.5 million non-reversionary settlement fund to resolve allegations that it placed artificial or prerecorded voice calls to reassigned cellphone numbers without the required consent.
The Cost Per Record: Breaking Down the Lewis v Register.com Math
The real shock of this case is in the math. In most major TCPA class actions, a large fund is built to cover a massive dragnet that swept in tens of thousands of consumers.
This case didn't look anything like that. According to the company's own statements in the settlement agreement, the entire corporate penalty was triggered by an incredibly small pocket of data:
- Total Affected Phone Numbers: 453
- Total Calls Placed: 1,652
- Total Settlement Fund: $1,500,000
For almost any mid-market or enterprise organization, 453 records represent a small fraction of a customer database.
And those 453 numbers collectively averaged just 3.6 calls each over a nearly five-year class period, yet the financial exposure exploded.
When you break down the gross relief structure, it comes to more than $3,300 of implied corporate liability for every single stale phone number left unscrubbed in the queue.
That extreme disproportion is precisely what makes this case worth examining. It proves that massive regulatory exposure doesn't require high-volume, or aggressive campaigns. It just requires a small, stale segment of records being used in an everyday calling or messaging campaign.
The Operational Lesson in Lewis v. Register.com
One of the key takeaways from this case is that compliance risk isn't only introduced when data enters a system. It can develop over time as the underlying reality of that data changes.
This is what makes reassigned numbers different from many other TCPA compliance challenges.
But identifying a risk and controlling a risk are not the same thing.
Organizations that rely on outbound calling should consider how they monitor, maintain, and ultimately act on changes to customer contact data over time.
What happens after a number is identified as disconnected, reassigned, or otherwise no longer associated with the intended consumer?
Many organizations regularly audit their compliance scripts and lead-capture forms, but rarely test the plumbing between their data management processes and their live outbound systems. In a strict-liability environment like the TCPA, understanding how reassigned-number intelligence flows through an organization can be just as important as collecting it in the first place.
A reassigned-number process only works if the information ultimately reaches the systems responsible for outbound outreach. If a disconnected or wrong-party indicator is captured but never affects campaign eligibility, the risk will remain.
A quick note on pre-recorded voice
It's also worth noting that the allegations of this case center on reassigned number violations but involved artificial or prerecorded voice calls, a category that has historically attracted heightened TCPA scrutiny.
The prerecorded message quoted in the complaint referenced the recipient's 'existing account' and a 'possible interruption of your active service'. A reminder that account management or informational calls carry TCPA risk.
That distinction is becoming even more relevant as organizations experiment with AI-powered voice technologies. While the technology may be evolving, many AI-driven voice applications raise the same TCPA compliance questions that apply to artificial and prerecorded voice calls.
Who owns the number? Do you have valid consent? And how quickly can your systems react when that answer changes?
How to Avoid Becoming the Next Case Study
This expensive compliance lawsuit emerged from something very ordinary. Industry estimates suggest that roughly one million telephone numbers are disconnected or reassigned each day.
If your organization relies on outbound calling or messaging, start by understanding how reassigned numbers are identified within your environment.
1. Are you regularly scrubbing for disconnected and reassigned numbers?
2. Are wrong-party indicators being captured?
3. And more importantly, do those signals actually remove records from active campaigns?
If you're not sure, don't start by reviewing policies. Start by measuring the problem.
Before investing time in new processes, controls, or technologies, understand whether reassigned number risk is actually present in your environment and, if so, to what extent.
Contact Center Compliance offers complimentary reassigned number testing that can help establish a baseline. The compliance team will analyze a sample of your data and tell you how many reassigned numbers are found, giving your team a clearer picture of potential exposure and helping you determine your next steps to mitigate the risk.
Set up your free reassigned numbers sample test with one of our compliance experts.
