Mobile messaging is on the rise as an effective way to directly engage with consumers: This year, mobile marketing will account for more than half of global ad spend, surpassing desktop and traditional web outlet spending for the first time.
Before you integrate this powerful practice into your marketing strategy, however, it’s important to understand that mobile messaging comes with its own set of rules and requirements that must be followed.1
What Is SMS Compliance?
SMS compliance are regulatory rules established by several organizations that are to be abided by when sending out marketing text messages. These rules break down into two key sets of SMS compliance regulations: CTIA & Carrier compliance and Legal compliance.
The Importance of SMS Compliance
No one wants phone calls, emails, direct mail, or text messages they didn’t sign up to receive.
Mobile compliance requirements elevate the effectiveness and credibility of your text message marketing. Consumers know they can trust the businesses they receive SMS messages from, and businesses know they’re reaching consumers who want to hear from them.
If SMS compliance isn’t followed, steep penalties such as fees or legal action may follow.
Industry rules and regulations establish specific parameters regarding what businesses can and cannot do with their text message marketing. They include:
- Who you can contact via mobile marketing—and when
- What potential subscribers need to know before they opt in
- How to manage opt-out requests
As SMS rules and regulations change over time, it’s important to do your research to make sure you comply with the latest laws. Trusted mobile partners who understand the importance of SMS compliance can support your mobile efforts by keeping you informed on the changing carrier, CTIA, federal and state regulations.
Who Makes the Rules for SMS Compliance?
There are several parties that establish mobile marketing laws and best practices.
The Federal Communications Commission (FCC) is a government agency that monitors and regulates communications. It serves as the primary authority for U.S. communications laws and technological innovation.
In more recent years we’ve seen local laws being enacted by certain states that apply to mobile messaging. The state of Florida currently has a mini-TCPA that applies only to Florida residents (more details on this in a moment) and other states, such as Oklahoma, are expected to pass similar legislation in the near future.
Formerly the Cellular Telecommunications and Internet Association, CTIA is a nonprofit that develops and monitors rules, regulations, and voluntary best practices to guide the mobile industry.
Wireless carriers like AT&T, Sprint, T-Mobile, and Verizon may choose to impose their own guidelines for customers to follow when sending business-to-consumer marketing messages via text. While carriers can’t legally enforce laws, they can choose to take their own course of action if marketers violate their policies.
Wireless carriers may layer on their own set of rules that are required to be met in order for a company to be approved to send text messages on their network, which is one of the reasons why it is very advantageous to partner with mobile marketing companies who have direct connections and relationships with the carriers.
SMS Compliance Terms to Know
As you become familiar with SMS compliance rules, you’ll encounter several terms that are helpful to understand.
- Calls to Action: A call to action tells the consumer what next step they should take. All mobile marketing programs must display a clear call to action that explains what consumers are signing up to receive—and how to proceed if they agree to these terms.
- Opt-In/Opt-Out Messages: Opt-in messages give consumers an easy way to indicate that they agree to receive messages. Opt-out messages give consumers an easy way to decline further communication. Once a consumer joins your SMS program, explain how they can opt out. Subscribers must be able to easily opt in and opt out whenever they choose.
- Terms and Conditions: Terms and conditions outline the relationship between the consumer and the business, including duties, rights, roles, and responsibilities.
The Latest SMS Compliance Legal Considerations
Marketers must not only be aware of the authorities when it comes to mobile compliance but also recognize the mobile regulations and laws these authorities put in place.
The Telephone Consumer Protection Act (TCPA) of 1991 established required national guidelines for telemarketers and the use of automated telephone dialing equipment. Since then, it has been updated to include guidelines for text message marketing as well.
In 2013, a clause was added that requires businesses to gather “prior express written consent” (PEWC) prior to sending marketing messages via SMS (more on that later).
The TCPA lays out other requirements as well:
- Before sending text and opt-out instructions, your business must identify itself
- Consumers must be able to easily opt out through any reasonable means, such as texting the word STOP to the number (known as a short code) they no longer want to receive messages from
- Messages must be sent only within commercial texting times (8 a.m. to 9 p.m. based on the recipient’s time zone)
PEWC must also be obtained prior to sending any commercial or marketing-based messages (we are getting to that part, we promise).
A Supreme Court decision in April 2021 regarding autodialer definitions may affect whether TCPA requirements apply to you. This is why Vibes recommends seeking the advice of your legal counsel to determine the best approach for your brand as it relates to the TCPA.
Florida Telemarketing Act2
Commonly known as a mini TCPA that applies only to Florida residents, the FL Telemarketing Act states that:
- Florida residents cannot be contacted before 8 a.m. or after 8 p.m. local time in the recipient’s time zone
- The frequency of contacting Florida residents is limited to no more than 3 messages or calls per day regarding the same subject matter or issue
- PEWC must be obtained before sending any commercial or marketing-based messaging
Becoming law in 2018 to protect privacy and personal data, General Data Protection Regulation (GDPR) applies to any country that wants to do business with the European Union or use its citizens’ personal data.
It maps out requirements about:
- Obtaining consent to send text messages
- Reporting security breaches to customers right away
- Allowing customers to access their personal data, reuse their personal data outside the business, and completely erase their data if they choose
- Deploying appropriate security measures
Prior Express Written Consent (PEWC)
Before you can legally send marketing text messages, PEWC requires you to provide clear and conspicuous written disclosure that outlines these three points:
- The participant understands that “opting in” means they permit delivery of autodialed marketing messages to their mobile device
- The participant agrees to receive texts at the phone number they provide
- The participant understands that they’re not required to enter the agreement as a condition of making a purchase
PEWC also requires you to obtain the user’s written consent in agreement to these terms prior to sending any commercial or marketing-based messages. Consent cannot be given verbally.
Users must opt in using one of the following written processes that’s tied to PEWC language so that written consent is properly established:
- A text message
- Filling out and submitting an online form
- An electronic sound or symbol
Many brands choose to go the route of obtaining PEWC through a text message. This process involves asking users to text a specific keyword to their brand’s shortcode. For example, users can reply “Y” to the opt-in prompt to agree to the PEWC disclosures.
We recommend asking your legal team to determine whether you should obtain PEWC for your mobile marketing programs, and here are a few considerations to keep in mind if you will be obtaining PEWC for them:
- Include PEWC language in a clear, conspicuous location, such as in your call to action or in the message that prompts the user to reply “Y” to complete their opt-in
- Track the dates for any changes made to consent disclosures for new and existing programs, keeping a record of what has changed
Short Code Monitoring Handbook
Created by the CTIA, the Short Code Monitoring Handbook is a set of best practices that must be met in order to launch a mobile program on a wireless carrier’s network.
If these best practices are not followed, then it’s very likely that your program will not be approved to launch or may be shut down if already live.
The guidelines include recommendations about:
- Displaying clear calls-to-action to ensure consumers are aware of what they are signing up for
- Gathering consent and sending an opt-in confirmation message before sending messages to consumers
- Giving consumers an easy way to stop receiving message
- Appropriate ways of capturing consent: online forms, opt-in buttons, opt-in messages, etc.
Find an SMS Compliance Partner
Staying on top of mobile compliance helps you stay on the safe side of the law—and builds trust with your customers at the same time.
With compliance controls integrated into our Mobile Engagement Platform plus dedicated subject matter expertise on the importance of SMS compliance, Vibes can help keep you informed as industry rules and regulations change and tips to consider to keep your mobile marketing campaigns compliant.
To speak with an expert today, contact us here and one of our team members will be in touch with you shortly.
1This article serves to provide general guidance on mobile compliance only and is not legal counsel. Companies must work directly with their own legal teams to determine what is required for their mobile program.
2The FL Telemarketing Act has a slightly different definition of PEWC from the TCPA, so it’s recommended that you review both the TCPA’s language and the FL Telemarketing Act’s definition to ensure you’re meeting all of the necessary requirements.