SMS Compliance:
A Comprehensive Look

What does it mean to be SMS compliant?

If you are new to the world of SMS, then you may not know about SMS compliance. SMS compliance is an umbrella term that is used to describe the various rules and regulations that are out there. Regulations that you should be aware of include HIPAA and TCPA.  Being compliant is a legal requirement, but sometimes it’s seen as a best practice so you can establish and build trust with your customers.

Who regulates business text messaging?

In the United States, SMS compliance is governed by the Federal Communications Commission (FCC) and the Federal Trade Commission (FTC).

FCC

The FCC has regulations in place for telemarketing and text messaging, including the Telephone Consumer Protection Act (TCPA), which prohibits unsolicited telemarketing calls and text messages to cell phones without prior express consent from the recipient.

FTC

The FTC also has regulations in place for SMS marketing, including the CAN-SPAM Act, which regulates the content and sending of commercial text messages. This includes requiring that commercial text messages include an opt-out mechanism and that the sender's contact information is included in the message.

CTIA

The Cellular Telecommunications Industry Association (CTIA) is a trade association that represents the wireless communications industry in the United States. It does not directly regulate texting, but it does establish guidelines and standards for the industry, such as the CTIA Short Code Monitoring Program, which aims to ensure that text messages sent to short codes (i.e. 5-6 digit phone numbers) are sent with the consent of the person receiving them, and are not sent in a way that would be considered spam. The CTIA also works with government agencies, such as the Federal Communications Commission (FCC) and the Federal Trade Commission (FTC), to help ensure compliance with relevant laws and regulations related to text messaging.

MNOs

Wireless carriers, or Mobile Network Operators, provide connectivity to recipients over their networks. These carriers have been pushed by the FCC to put a stop to spam. In doing so, the carriers have introduced 10DLC registration and toll-free verification. Furthermore, each carrier has its own rules regarding messaging costs, daily sending limits, and message segment delivery speeds.

DCAs

A direct connect aggregator is a company or service that acts as an intermediary between mobile network operators and CSPs that want to connect customers via mobile channels. The mobile aggregator will have agreements in place with multiple mobile network operators, allowing them to provide businesses with a single point of access to those operators' networks. This allows businesses to send SMS messages, make voice calls, or offer mobile data services to their customers, without having to establish separate relationships with multiple mobile network operators.

CSPs

Text-Em-All is a CSP or Campaign Service Provider. CSPs work with multiple brands to create and launch messaging campaigns. They provide the product that brands use to send messages.

Businesses must also comply with state laws regarding SMS marketing, which may have additional regulations. It's important for businesses to stay up-to-date on these laws and regulations to ensure compliance and avoid fines or penalties.

What are the SMS compliance laws?

TCPA (Telephone Consumer Protection Act)

The TCPA is a federal law in the United States that regulates telemarketing and text messaging. It was passed in 1991 to protect consumers from unwanted telemarketing calls and text messages.

The TCPA places restrictions on the use of automatic dialing systems, prerecorded voice messages, and text messages, and it requires companies to obtain prior express consent from consumers before making these types of calls or sending text messages.

Under the TCPA, companies are required to:

• Obtain prior express consent from consumers before making telemarketing calls or sending text messages to their cellphones

• Provide consumers with an easy opt-out mechanism for future calls or text messages

• Keep records of consumer consents for a certain period of time

• Honor the National Do Not Call Registry, which allows consumers to opt out of telemarketing calls

The TCPA also gives consumers the right to sue companies for violating the law and allows for damages of up to $1,500 per violation. This means that if a company calls or texts a consumer without prior express consent, the consumer can sue the company and be awarded damages.

It's important for businesses to be familiar with the TCPA and to ensure they are in compliance to avoid penalties and fines.

S.H.A.F.T.

SHAFT is an acronym that stands for “Sex, Hate, Alcohol, Firearms, and Tobacco” and it is used to refer to a set of restrictions that mobile carriers and messaging platforms impose on businesses sending text messages and SMS marketing campaigns. These restrictions are designed to prevent the distribution of inappropriate or offensive content through a text message.

• Sex: Businesses are prohibited from sending a text message that contains sexually explicit or suggestive content.

• Hate: Businesses are prohibited from sending text messages that promote or incite hate or discrimination towards any group of people.

• Alcohol: Businesses are prohibited from sending text messages that promote or advertise alcohol products to people under the age of 21.

• Firearms: Businesses are prohibited from sending text messages that promote or advertise firearms or other weapons.

• Tobacco: Businesses are prohibited from sending text messages that promote or advertise tobacco products.

These restrictions apply to any businesses or individuals sending text messages through a carrier or messaging platform and are in place to protect consumers from offensive or inappropriate content, and to comply with laws and regulations regarding these products and services.

It's important for businesses to be aware of these restrictions and to ensure that their messages do not violate them in order to avoid penalties or fines.

CAN-SPAM Act

In 2003, Congress chose to pass the CAN-SPAM act. This was done to try and curb the number of commercial email or text messages that could be sent to devices. Section 14 of the act required the FCC to put rules into place so that consumers could be safeguarded from unwanted messages. It’s important to know that this adds to the TCPA. If you want to comply with the CAN-SPAM act, you need to take three actions when texting mobile phones. They are as follows:

Identification

You need to provide a clear indicator that the message is an advertisement or about goods and services.

Opt Out Instructions

Having the option to stop receiving a text is a must and you have to make sure that future messages are not sent if someone has chosen to opt-out.

Return Address

The SMS has to include a return phone number.

Tips for staying SMS compliant

Express written consent

Express consent and express written consent are both forms of consent required under the Telephone Consumer Protection Act (TCPA) for businesses to send messages to consumers in the United States. However, there is a difference between the two forms of consent.

Express consent refers to a consumer's agreement to receive texts from a business. It can be obtained verbally or through electronic means such as a website form or checkbox. Express consent can be withdrawn by the consumer at any time.

Express written consent, on the other hand, is a specific type of express consent that requires the consumer to provide written permission for a business to send messages. This written permission can be in the form of a physical signature or an electronic signature. Express written consent is considered a higher level of consent and is more difficult to withdraw.

It's important for businesses to note that the TCPA requires that consent be obtained before the texts are sent and not just at the time of signing up for a service or purchasing a product.

In summary, express consent is a general agreement for a business to send messages, to obtain express written consent is a specific type of express consent that requires a written agreement from the consumer, which is considered a higher level of consent and is more difficult to withdraw.

Opting-In and Opting-Out

The TCPA dictates the rules for opting in and opting out. It’s vital that you only text a customer if they have given you permission to do so. They should also be able to opt-out whenever they want. When you publicize the SMS services that you have to offer, you have to let your customers know what it means to sign up and they should also be aware of opt-out instructions. You also have to make sure that they text in a keyword of your choosing to opt-in, or that they click a box on the website form. Sending an opt-in confirmation is also important.

If you want to ensure that you are as compliant as possible when it comes to your text message, then you will need to adhere to TCPA regulations. You have to make sure that you:

• Provide an accurate description of your SMS program

• Allow your customers to opt-out at any time

• Ensure that your customers are opting in before texting

One important thing to know is that certain carriers will also have their own set of compliance requirements. There is a good chance that you might not be able to discuss some topics, even if they are truly relevant to your customer service. It may be that you cannot discuss student loans, for example. Checking with your carrier is the best way for you to make sure that you do not cover any topics that could well be prohibited. Make sure you do this, so you can be compliant.

Consent based on message types

The TCPA is a federal law in the United States that regulates marketing calls, texts, and faxes. Under the TCPA, businesses must obtain prior express consent from consumers before making certain types of calls or sending certain types of texts or faxes.

Businesses must comply with TCPA guidelines for both types of calls and messages, but the rules for obtaining consent are slightly different. Prior express written consent is required for marketing calls or texts, while prior express oral or written consent is required for informational calls or messages.

Conversational

Interactions that require the lowest amount of consent would be conversational ones. These tend to be one-on-one and they happen between a customer and a brand. This happens based on an existing relationship. One example of this would be if a customer chooses to contact your brand via text about a product or a service. If a conversation like this is instigated, then you will have implied consent. As long as you keep the conversation, somewhat conversational, and if you provide a response that is relevant then you will not require written consent here.

Informational

In this category, you have alerts and notifications. They can be sent for informational purposes but not for marketing or sales purposes. One example of this would be a text that is sent with tracking updates for an order that may have been completed. If you want this kind of interaction to be carried out, then a customer has to give their written consent to receive texts for this purpose. This involves opting in and agreeing that they are comfortable with being contacted for this reason.

SMS Marketing

If you run a company and you intend to pursue an SMS strategy for marketing, then there is a high chance that you will be utilizing promotional texts. This category happens to include any messages that are designed to market, promote and finally, sell your services. If you want to send out messages like this then you have to make sure that you have written consent from your customers before you get in touch with them. Written consent can refer to a declaration that can then be documented and saved digitally, as opposed to having a paper copy.  All subscribers, in order to provide consent, have to agree to receive messages on their phones. They also have to have a transparent and clear idea of the service that they are signing up with, as well as access to your company’s privacy policy.

What’s a TCPA Violation?

The main violation for TCPA would be texting a customer if they have chosen to opt-out of your messaging service. If you text people who have never opted-in, then this is another violation. Even if you text a number that has been reissued, this can also be a violation.

Violations and Penalties

In the form of statutory damages, you will get $500 for each violation that you commit. If you carry out a willful violation, then this can be up to $1500. It is truly not uncommon to see a settlement for tens of millions of dollars when it comes to lawsuits and the TCPA. One big example of a TCPA violation would be Domino’s Pizza. They agreed to pay $10 million in 2013 for a class-action lawsuit. The court came to the conclusion that customers had been getting unsolicited marketing texts and phone calls. It was found that Domino’s had been sending out promotional texts without getting consent first.

Text-Em-All Tip: Responsible Use

Please note that Text-Em-All does not allow SMS marketing messages, or political, or fundraising messages on our platform. See our responsible use policy for more details.

Best practices when sending messages

While a blocked number by the carriers is out of our control, there are some best practices to keep in mind as you compose your message to minimize the chances of being blocked:

• Clearly identify your organization or business in the body of your message. 

  • For example: "[Insert Your Business Name]: You have an appointment for Tuesday at 3:00 PM. Let us know if you have any questions!"

• Clearly state your audience if applicable (i.e. employees, members)

• Avoid using words or phrases that could be mistaken as gambling-related or promotional in nature.

  • Promotional words or phrases: Cash, On Sale, 50% off, Buy Now, etc. 

  • Gambling-related words: Poker, bingo, lottery, casino, hold-em, etc. 

  • For example, alerting your staff of a bingo game or the upcoming sales within your store. While these are informational within the context of your account, they could still be perceived as spam by our carriers.  

• Refrain from using free URL shorteners

• Don't include a callback number that is different from the number you are sending the message from (Call forwarding is available for Text-Em-All text numbers - please contact our Customer Experience team to set this up!)

• Avoid using all caps and excessive punctuation (THANKS, ASAP, LVN, MBA, @, %, !!!, ???)

• Don't use a cash or payment handle "@sendmemoney" in your messages. We have seen a large number of blocks when including requests for donations to cash or payment apps.

Quick Reference Guide

• In short, you have to make sure that you:

• Don’t purchase phone numbers or lists of contacts

• Don’t send texts about SHAFT

• Always tell people what they are signing up for

• Get consent from every contact

• Don't send unsolicited text messages

If you can follow these quick rules, then there should be no reason why you cannot make the most out of your campaign and why you can’t remain as compliant as possible. It can be difficult to know when you are being compliant and when you aren’t, but a good way for you to avoid this would be for you to try and utilize the help of a text messaging service like Text-Em-All. When you do, you will usually find that they can guide you on the best practices while also making sure that you get the best result out of your campaign.