Text message or SMS marketing is a powerful way for businesses to engage with their audience and drive conversions. However, navigating the Telephone Consumer Protection Act (TCPA) is essential for maintaining legal compliance and avoiding hefty fines. This guide will cover everything you need to know about TCPA text messages, including compliance rules, key requirements, and how tools like TrustedForm can simplify the process.
Does TCPA apply to text messages?
Yes, the TCPA applies to text messages. Initially enacted in 1991 to regulate telemarketing calls, the TCPA also governs SMS messages, particularly those sent for marketing purposes. Any business using SMS for marketing must adhere to stringent TCPA requirements, including obtaining prior express written consent from recipients.
Failing to comply can result in severe penalties, ranging from $500 to $1,500 per violation, as well as potential class-action lawsuits. Thus, understanding and following TCPA rules is non-negotiable for businesses engaging in SMS marketing.
What are TCPA text message rules?
TCPA text message compliance refers to the adherence to the specific guidelines for sending SMS communications to consumers. These regulations are designed to protect consumers from receiving unwanted or unsolicited marketing messages, while ensuring businesses operate transparently and responsibly.
Compliance requires businesses to follow specific legal protocols, primarily focusing on obtaining explicit consent from consumers and providing clear mechanisms for them to opt out of future communications. TCPA compliance is critical for maintaining consumer trust and avoiding legal risks. By following the rules, businesses can:
- Demonstrate respect for consumer privacy and preferences.
- Avoid significant financial and reputational damage caused by non-compliance lawsuits.
- Build stronger relationships with their audience by fostering transparency and accountability.
Core TCPA requirements for text messages
Navigating the TCPA text message complexities is essential for businesses that use SMS marketing to engage their audience. Compliance not only protects your organization from legal risks and costly penalties but also demonstrates respect for consumer rights and privacy.
To achieve compliance, businesses must focus on addressing a few core requirements that serve as the foundation for legal and responsible SMS communications. These principles guide how businesses obtain consent, communicate transparently, and manage ongoing interactions with consumers. Here’s what you need to know to meet TCPA standards and safeguard your marketing efforts.
1. Clear disclosures
Transparency is critical in TCPA compliance. Before obtaining consent, businesses must provide clear and conspicuous disclosures that inform recipients about:
- Explicitly stating that the recipient agrees to receive automated marketing messages from a specifically stated company.
- The type of messages they will receive (e.g., promotional, transactional, or informational).
- Potential charges, such as message and data rates may apply.
- A stated option to revoke consent at any time.
2. Obtaining prior express written consent
Before sending any SMS marketing messages, businesses must secure prior express written consent from the consumer. Be careful if using simple “call to action” messages to get campaign signups such as signs or ads saying ‘Text “SAVE” to 54321…’. There have been numerous TCPA lawsuits asserting that just sending a response word as identified in a campaign is not full consent to receive marketing or promotional messages. Consider this when looking to present compliant consent language:
- Consent should be presented and collected in a way that is clear and unambiguous, such as through a web form or robust text-to-join program instructions and responses that identify agreement to receive messages.
- Making it clear that consent is not a condition for purchasing goods or services.
- Specifying the phone number and the types of messages the recipient will receive.
3. Providing clear opt-out mechanisms
TCPA regulations mandate that businesses offer recipients an easy and straightforward way to opt out of receiving future messages. Every message must include a simple opt-out option, such as replying with “STOP.” Businesses must process opt-out requests within 10 business days and cannot send promotional messages after receiving an opt-out request.
This includes:
- Clear instructions on how to stop receiving messages (e.g., replying “STOP” or any other reasonable words that indicate revoking of consent to future messages).
- Processing opt-out requests promptly.
- Avoiding additional promotional messages after an opt-out request has been made. Businesses may send a final confirmation message acknowledging the opt-out, but it must not include any promotional content.
4. Record keeping requirements
Robust record-keeping is an essential component of TCPA compliance. Maintaining detailed and accurate records of consent is your strongest defense in the event of a TCPA complaint or legal dispute. These records not only demonstrate your compliance but also help build trust with your audience by showing your commitment to ethical communication practices.
What businesses must track:
- When and how consent was obtained: Record the exact date and time consent was provided, along with the method used to collect it (e.g., web form, SMS opt-in, or paper form).
- Exact language of the consent agreement: Preserve the specific language presented to the consumer during the consent process to show that it aligns with TCPA requirements. This includes disclosures about the nature of messages, potential charges, and the opt-out process.
- Contact details of the recipient: Maintain accurate records of the recipient’s contact information, including their phone number, to ensure messages are only sent to those who have provided consent.
Using tools like TrustedForm can automate this process by securely documenting and storing proof of consent, minimizing the risk of human error and bolstering compliance.
5. Additional requirements
Comply with time-of-day restrictions
- The TCPA prohibits sending text messages outside of “quiet hours,” defined as before 8 am and after 9 pm in the recipient’s time zone.
- Many states enforce even stricter time-of-day restrictions. Research state-specific rules to avoid unintentional violations.
- For nationwide campaigns, adjust for time zone differences. A text sent at 9 am Eastern Time may still fall within quiet hours for recipients on the West Coast.
Scrub against Do-Not-Call (DNC) lists
- Federal DNC compliance: The National DNC Registry protects consumers from unsolicited communications. Scrub your contact list against this registry regularly to maintain compliance.
- State DNC registries: Some states maintain their own registries, which may include additional restrictions or requirements beyond the federal list. Cross-reference these lists for added compliance.
- Reassigned Number Database (RND): It is common for consumers to change phone numbers when they get a new phone or service. Establish a process to scrub phone numbers against the RND service before making any calls or sending text messages to numbers that may have been reassigned to a new owner. The RND is a national database service that contains information about recently changed phone number owners and permanently disconnected phone numbers. By regularly checking the RND, businesses can determine whether a number has been reassigned since the last time they obtained consent from the consumer
Consult your compliance team
- Expert review: Before launching any text message campaign, involve your legal or compliance team to verify adherence to TCPA requirements.
- Policy updates: Compliance rules can change. Regularly consult with your team to stay updated on the latest regulations and keep your campaigns aligned with both federal and state laws.
- Thorough documentation: Keep detailed records of your compliance processes, including scrubbing practices, time-zone adjustments, and campaign reviews.
By observing these requirements, you’ll not only avoid penalties but also build trust and credibility with your audience. Always prioritize compliance to maintain positive engagement and safeguard your organization.
How to manage TCPA for informational text messages and marketing text messages
Managing TCPA informational text messages and marketing text messages requires a clear understanding of the law’s requirements and consent rules. Here’s a detailed breakdown to help you navigate both types:
1. Understand the difference between informational vs. marketing texts
Informational texts
- These are messages that provide useful information from the product or service that the consumer has acknowledged or agreed to receive.
- Informational text message campaigns should not include any promotional or marketing message content.
- Examples: appointment reminders, shipping updates, account notifications, or service alerts.
- Consent required: Prior express consent (PEC) or invitation (not necessarily written). PEC to receive information text messages is a lower standard of consent. An example is a consumer providing their number knowingly to receive informational texts from a service, by filling out a form.
- PEC or invitation could be provided orally by the consumer or by sharing a business card, but this is harder to document and retain evidence of an agreement or consent to receive these messages.
Marketing texts
- These include any message that promotes or advertises a product or service.
- Examples: discount offers, product announcements, upsell campaigns.
- Consent required: Prior express written consent (PEWC) which is a higher standard of TCPA consent (can be electronic, like a selection action on a checkbox form).
- Must clearly state the user agrees to receive marketing messages.
- Consent language and webform design presenting a sign up or opt-in to receive marketing messages require the presentation of specific items in a webform, many of which are detailed below.
- It is recommended to consult with your legal and compliance function early for any marketing campaigns around SMS messages to allow review and approval of the notice or sign up language, webform design, opt-in language, font size, “agree” button language and location.
2. Obtain and document consent
- For informational: A consumer giving their number in the context of a transaction (e.g., booking an appointment or placing an order) usually qualifies.
- For marketing: You must provide a clear, conspicuous notice disclosure that:
- They’ll receive marketing texts.
- Consent is not a condition of purchase.
- Message frequency, data rates, and privacy terms are clear.
- You collect a timestamped, documented version of their opt-in.
3. Include required opt-out language
Every message – especially marketing ones – must include a simple way to opt out.
Examples:
- “Reply STOP to unsubscribe”
- “Text STOP to opt out”
Even if it’s an informational message, include opt-out language if there’s any chance the recipient might interpret it as promotional.
4. Maintain opt-out and consent logs
- Keep detailed logs of when, how, and from where consent was given.
- Promptly honor opt-outs – systems must suppress opted-out numbers from all future sends. Process opt-outs as soon as possible or within 10 business days, as required by the TCPA.
- Regularly audit your SMS campaigns and database for compliance.
5. Stay updated & use a reputable messaging provider
- TCPA rules evolve with technology and court rulings.
- Partner with a provider that offers:
- TCPA-compliant tools
- Dynamic opt-out handling
- Consent capture solutions
- Carrier compliance monitoring (e.g., for “Spam Likely” flags)
TCPA text message consent language examples
Here are several TCPA text message consent language examples, tailored for different scenarios.
These are examples only. Use of this example language by itself in a campaign is not enough to present TCPA compliant consent. Seek review by your legal and compliance functions covering your whole marketing campaign for their advice on best TCPA consent language to present to the consumer.
Standard marketing consent (online form)
“By checking this box, you agree to receive recurring automated promotional and personalized marketing text messages (e.g., cart reminders) from [Your Company] at the mobile number provided. Consent is not a condition of purchase. Msg & data rates may apply. Msg frequency varies. Reply HELP for help, STOP to cancel. View our Privacy Policy.”
Short version for in-store or one-on-one use
“By signing up, you agree to receive automated marketing texts from [Your Company]. Consent not required for purchase. Msg & data rates may apply. Reply STOP to opt out.”
Double opt-in confirmation message
“You’re almost done! Reply YES to confirm you want to receive marketing texts from [Your Company]. Msg & data rates may apply. Reply STOP to cancel.”
Informational only (e.g., appointment reminders)
“By providing your number, you consent to receive automated service-related messages (e.g., appointment reminders) from [Your Company]. Msg & data rates may apply. Reply STOP to opt out.”
Educational consent for lead forms (long form)
“By submitting this form, I consent to receive autodialed and prerecorded calls, text messages, and emails from [Your Company] and its partners related to my inquiry. Consent is not a condition of any purchase. Msg & data rates may apply. You may unsubscribe at any time.”
If you’re sourcing leads from third parties, you’ll want to capture and store a detailed audit trail of this consent, including IP address, timestamp, and a screenshot of the consent language presented at the time of submission – tools like TrustedForm can help automate that.
How TrustedForm bolsters compliance with TCPA text messages
Managing TCPA compliance can be complex, but TrustedForm offers a streamlined solution. This tool provides independent proof of consent, helping businesses mitigate legal risks and confidently run SMS campaigns.
Key features of TrustedForm:
- Consent documentation and storage: Record and retain consent details, including the time, date, and method of collection.
- Automation: Reduces manual processes by automating the approval or rejection of consent language variations at the time of acquisition.
By integrating TrustedForm into your lead generation and SMS campaigns, you can simplify compliance, reduce risk, and focus on delivering impactful marketing messages.
Final thoughts
Staying TCPA-compliant is essential for running effective and ethical SMS marketing campaigns. By following TCPA rules—securing prior express written consent (PEWC), providing clear disclosures, and honoring opt-out requests—you can protect your business from legal risks and build consumer trust.
Investing in compliance today can keep your SMS marketing efforts remain both effective tomorrow and beyond. Tools like TrustedForm can simplify compliance by providing robust consent management and documentation capabilities. To learn more about how TrustedForm can help you navigate TCPA text message regulations, discover TrustedForm now.
