4 minutes, 3 seconds
SMS compliance and messaging laws vary by country. The regulations covered in this Particular guide define US laws for SMS messaging.
For establishments located outside of the US and have customers in other countries, follow all SMS laws and legal requirements in the areas you do business. Please refer to the SMS marketing and legal considerations documentation for more information on other countries.
Please note: this documentation is solely a guide and Cloud Contact AI cannot and will not provide legal advice regarding US SMS compliance laws. For questions about any of the matters outlined in this guide, we recommend contacting legal counsel for proper guidance and compliance.
Overview of TCPA and CTIA
What is TCPA?
Telephone Consumer Protection Act (TCPA) is a telemarketing law dating back to 1991. The law covers the use of automated telephone communications, such as phone calls, voicemails, faxes, and SMS.
Like phone calls, text messages follow the TCPA. Hence, sending spam SMS messages can result in fines between $500 and $1500 per violation.
TCPA defines spam messages as any “unsolicited advertisement” that promotes the commercially available product, good, or service without their consent, whether in writing on otherwise. Because of this, double opt-in systems are recommended to confirm recipients’ subscriptions to SMS.
Tips for double opt-in:
1. Validate that the opted in number is legitimate by sending them a text before beginning your marketing efforts.
2. Capture an electronic record showing proof of the recipient’s approval.
3. Enable people the ability to easily opt-out of campaigns.
What is CTIA?
Cellular Telecommunications Industry Association (CTIA) is a trade organization operated by wireless companies such as AT&T, Verizon, and many more.
The major companies operating the CTIA are not government-run organizations like the FCC and have no legal authority. You cannot be sued for disobeying CTIA guidelines; however, there can be other repercussions for not following their rules.
If you violate these rules, the CTIA will report you to the mobile carriers, which may cease activity or suspend your access to their customers until the issue is resolved.
The CTIA established a short code system, which is a simple and popular method that enables people to opt-in. The CTIA states that organizations shouldn’t issue messages containing words relating to tobacco, hate, alcohol, guns, or sex.
How to obtain proper consent
Firstly, to ensure SMS compliance, it’s important to understand that you cannot and should not text anybody without their permission. Therefore, phone numbers acquired during checkout do not have the explicit consent to receive messages from you, so NO messages should be sent to that individual.
Once you have a persons permission, you should always send a message confirming their opt-in status and explain that they have the ability opt-out. Businesses can do this by telling them to reply “STOP” if they choose to stop receiving texts from you.
You can follow these four steps to ensure you are always collecting phone numbers and communicating via SMS in a compliant manner:
1. You must gain consent in writing via a physically, electronically, or SMS opted in agreement. With an SMS opt-in, you will provide people with a number to text with a particular phrase or code which will give you consent to message these people.
To ensure the opt-in was genuine, it’s a best practice to send them a message confirming the agreement
2. Let the subscriber know that they will be contacted in the future with a specified kind of content.
3. It helps to disclose the kind of content you plan to share and the frequency of the messages.
4. In subsequent text messages, you should mention your company by name as a reminder, inform about carrier expenses, support options, or the ability to opt-out of future campaigns.
If I have customers consent for email, can I include them in my SMS campaigns?
The short answer is no. If somebody gives their consent to receive emails, it doesn’t mean that they want to receive SMS alerts as well, even if their phone number was provided when they subscribed to your emails. Subsequently, if somebody wants to receive text alerts, they must explicitly state that they want to receive text message alerts.
What if my users opt-out of my SMS campaign? How long am I required to honor opt-out requests?
It’s important to note that the most popular way for people to retract their consent is to reply “STOP” to received messages. However, be aware that some individuals may request to withdraw consent via other avenues, such as email or phone call, or even contacting you via social media.
It’s your job to ensure that these contacts get removed immediately, as to ensure total SMS compliance. By failing to remove these contacts, you could face penalties.