Guides

SMS marketing regulations in the US: How to stay TCPA compliant

There are strict laws governing the use of SMS for commercial purposes in the US. Failure to abide by them can undermine your brand’s reputation, and potentially leave you facing prosecution. Ensure compliance by following our guide to TCPA.

Robi O'Cleirigh
Content Manager @ Blueprint

SMS marketing is a powerful and largely untapped channel for brands to directly reach consumers. It can fulfil any number of purposes, from brand awareness and community building to sales outreach and long term retention. 

What it isn’t, however, is the Wild West. Much like email marketing, the use of SMS by brands is heavily regulated. Legal requirements vary depending on region, and the consequences for failing to comply can result in serious reputation damage at best, and criminal lawsuits at worst. 

In the US, two federal statutes govern business’ use of digital communication for commercial purposes. The CAN-SPAM Act (2014) regulates email outreach, whilst the Telephone Consumer Protection Act (TCPA) oversees SMS. For the purposes of this article we’ll be zeroing in on the latter. 

From a brand’s perspective, central to TCPA compliance is the notion of consent. Put simply, every individual you contact via SMS must have expressed a willingness to receive that message. In practice, that means providing consumers with a method to opt-in to your communications but it also means ensuring subscribers have a clear path to opt-out at any time.

Here we break down the key stipulations required by TCPA, unpack what ‘consent’, ‘opting-in’ and ‘opting-out’ really mean in a marketing context, and recommend some best practices for delivering a compliant SMS campaign. 


Telephone Consumer Protection Act (TCPA) 👮

TCPA was signed into law in 1991 and is the key legislation covering SMS marketing in the US. The Act is a product of the Federal Communications Commission (FCC) - an independent government agency regulating use of the nation’s wire, satellite, cable, TV and radio communications. 

TCPA was enacted in response to rising instances of unwanted telemarketing during the late 80s, and exists to protect consumers’ privacy and reduce harassment. It applies to voice calling, automatic dialing, fax use and most pertinently, SMS. 


Importance of consent for SMS marketing 👍

As a federal statute, TCPA is a complex legal document with significant implications for businesses; the full range of which lay beyond the scope of this article. However, we can highlight its two central pillars - consent (indicated by an opt-in) and opt-out (the means by which consent is withdrawn). 

The notion of consent is intended to protect the privacy of consumers by ensuring they only receive the communications which they have specifically chosen to view. Under TCPA, there are two types of consent a consumer can offer - implied and express. The type of consent required depends on the nature of the conversation taking place.  If you don’t have the right level of consent at the right time for the right kind of conversation, you will break the law.


Conversational 💬

Under TCPA, interactions requiring the lowest level of consent are conversational. These are one-to-one exchanges between a brand and an individual consumer based on an existing business relationship

An example of this might be if a customer contacts your brand via SMS with a question about a product. In such a case the instigation of a conversation on the consumer's part is taken as implied consent. So long as your answer is conversational, and contains a relevant response to the their initial message, then you do not need to seek written permission to engage in an interaction. 


Informational 👩‍🏫

The second type of exchange requiring a specific form of customer consent is an informational interaction. Under this category falls alerts and notifications sent for informational, but not for sales or marketing purposes. An example here might be an SMS containing delivery tracking updates for a completed order. 

For an informational interaction your customer needs to give express consent to receive texts specifically for that purpose. This means opting-in, either verbally or in writing, and agreeing to be contacted in this way. 


Promotional 💸

If you are a brand pursuing an SMS marketing strategy, in all likelihood your activities will be promotional. This category includes any text messages designed to promote, market and sell your business products or services. 

In order to deliver these messages, you must extract express written consent from a consumer before contacting them. In this context, ‘written’ refers to a declaration that can be documented and saved rather than the physical act of writing on paper. 

In order to provide consent, all subscribers must knowingly agree to receive messages on their mobile device. They must have a clear, transparent description of the service they are signing up to, as well as access to a full privacy policy. 


How can consumers express written consent for your SMS marketing campaign? ✍️

From an eCommerce brand’s perspective, there are two key ways in which consumers can offer their express written consent to receive promotional SMS communications. The first is inbound texting. This is where subscribers text a designated keyword from their mobile phone, indicating their willingness to join a marketing list.

Beverage brand Moment does this with a simple piece of copy on their website encouraging customers to contact them via SMS to join a ‘secret’ meditation club - an example of how you can comply with regulations whilst remaining creative: 


Moment encourage their audience to contact them | Source: SMS Marketing Examples 


The second means of determining express written consent is via a physical or online form. By filling in a transparent form, which clearly details what they are subscribing to, an individual can agree to receive SMS messages from a business. This can either be presented as a landing page, as in the example below from Kopari, or as a well-labelled tick-box at checkout:


Kopari’s form fill details exactly what the customer is agreeing to | Source: SMS Marketing Examples 


How can consumers opt-out of your SMS marketing campaign? 👎

The second key pillar of TCPA compliance is the notion of opt-out. Brand’s running SMS marketing campaigns must provide subscribers with a simple, frictionless means of removing their consent. Information explaining how to do so must be clearly included in any form fill, landing page or tick box where consumers initially opt-in. The law requires an opt-out option to be available to the consumer at any time. 

There are two common ways of offering this. The first is providing a means of opting-out in-channel using a keyword. Typically subscribers will be asked to text a clear, one-word instruction like STOP, to the number they are receiving messages from. This example from CBD brand Not Pot is fairly typical:  


Not Pot provide a means of opt-out in-channel | Source: SMS marketing examples 


The other option is to include in your messages a clearly designated hyperlink to a readily accessible web page which offers customers an opt-out mechanism. This might come in the form of tick boxes, where users can easily adjust their subscription preferences, or unsubscribe altogether. It’s important to note that this page must be a one-click process for the user - an interface requiring multiple click throughs to opt-out violates TCPA.

A one click opt-out via hyperlink is another means of compliance | Source: SMSAPI


What are the best practices for running an SMS marketing campaign?

Let’s turn our attention to the best practices for running an SMS marketing campaign in the US. Whilst TCPA governs the legal requirement for consent and opt-outs, there are a number of further guidelines which you should strongly consider following to keep your brand’s use of SMS both compliant and commercially beneficial.


Opt-ins ✅

As well as being where you collect express written consent from consumers, your point of opt-in is also the top of your SMS marketing funnel. Your goal here is to maximise the number of sign-ups whilst remaining compliant. Whichever means of opt-in you’re using (inbound text, landing page, form fill etc.), being clear and transparent about what your SMS service will deliver is the best way to achieve this. 

The best opt-in processes communicate to would-be listers the purpose of your campaign, the value it can offer them, and the frequency of messages they should expect to receive. Consumers don’t sign up for the unknown - ambiguous or evasive messaging will not only undermine your compliance, but also hurt your subscriber numbers. Once an individual has opted-in, they should receive a confirmation message.

A poor, or even non-existent opt-in process, will damage your reputation with buyers and potentially leave you in hot water with the law. Bedsheets vendor Brooklinen recently attracted the ire of customers on Twitter who complained after apparently receiving unsolicited spam from the brand:


A bad opt-in can cause you reputational damage, as well as legal problems  | Source: SMS Marketing Examples 


Privacy policy 📄

Just as you would with an email marketing campaign, you should display a specific SMS privacy policy as part of your in-channel messaging, or at an accessible location on your website. Energy bar brand Verb are extremely transparent around their SMS service, you can take a look at their privacy policy here.


Set silent hours  🤫

Under TCPA there is nothing to stop you sending SMS messages at any time of the day to your subscribers. But in reality, it doesn’t make much commercial sense to bug consumers day and night with your marketing efforts - it’s counterproductive and turns people off. 

Avoid this by restricting your outreach to sociable hours of the day. This fail safe measure is particularly useful if you’re contacting customers based in a different time zone, and want to avoid sending messages at odd times.


Opt-out ❌

As we’ve established, an opt-out option must be open to your subscribers at any time. Although not a legal requirement, it should ideally be available to them via call, email and text. Best practice dictates that each opt-out should prompt a final confirmation message, after which there can be no further communication. 

To safeguard against the accidental recontacting of unsubscribed numbers, it’s advisable to maintain an internal 'do not contact' list within your team. 


Key takeaways 💪

In whichever region you are operating as a brand, compliance is fundamental to the success of any SMS marketing campaign, both from a reputational and legal perspective. 

As highlighted, TCPA stipulates the importance of consent via opt-in, as well as the provision of an opt-out mechanism when using SMS as a business in the US. Nailing both of these will not only keep you on the right side of the law, but will also help you realise the commercial benefits of a well executed SMS strategy.  

To find out more about what SMS can do for your brand, check out this 3-min breakdown:


Disclaimer - Whilst we have checked our sources and are confident in our interpretation of the legislation discussed, Blueprint is not a certified legal advisor. You should consult your legal counsel to ensure your SMS processes are TCPA compliant. If sending SMS communications to numbers outside the US, you must comply with the anti-spam laws relevant to the recipient's country.

Interested in SMS? Do all this + way more:
1:1 Customer Messaging
Group Messaging Campaigns
SMS Automations
Smart Abandoned Carts
Personalized Upsells
Deep analysis brought to you by
Your eCommerce SMS marketing toolbox