TCPA Text Message Compliance: An SMS Marketer’s Guide

More about what the TCPA is, how it's applicable to SMS marketing and how you can prepare to address it with confidence within your organization

Mara Miller
Director of Marketing
Table of Contents
Table of Contents

Disclaimer: Note that this article serves to provide general guidance on mobile compliance only and is not legal advice. Brands must work directly with their own legal teams to ensure your programs are in compliance with state and federal requirements.

In the world of text message marketing, SMS compliance rules the day. There are strict laws in place you must abide by before you send a text message to a potential or current customer.

SMS compliance means abiding by several sets of rules from various parties that, if not followed carefully, can lead to significant liability for every text message you send.

 We would like to highlight a federal law that is important to be aware of and discuss with your legal team in order to determine if its requirements apply to your brand’s SMS programs: The Telephone Consumer Protection Act, or TCPA. 

What is the TCPA?

The Telephone Consumer Protection Act - introduced by the FCC in 1991 - restricts any and all cellular phone calls made to consumers through the use of automated telephone dialing equipment.

The most notable TCPA requirement that applies to marketers is Prior Express Written Consent (PEWC) which must be obtained by a brand before sending any marketing content with the use of an Automated Telephone Dialing System, or ATDS (more on PEWC in a little bit). The TCPA also includes other requirements, such as honoring a subscriber’s request to revoke their consent to continue receiving text messages and limiting messaging to the hours of 8am-9pm.  

In other words, the TCPA protects consumers from receiving unexpected or unwanted phone calls from organizations unless that consumer has given explicit permission to do so and limits when brands can contact those users.

Does the TCPA Apply to Text Messages?

Yes. The rules and regulations the TCPA enacted for phone calls also apply to text message marketing. 

In fact, the FCC considers phone calls and text messages to be one in the same: autodialed (AKA automated) text messages would be considered the same action as phone calls placed from an autodialer.

Prior to April 2021, it was unclear what technology would be consideredunder the TCPA.

Then on April 1, 2021, the U.S. Supreme Court’s ruling on on Facebook, Inc. v. Duguid (141 S. Ct. 1163; 2021).clarified the types of equipment whose use is regulated by the TCPA and stated that the technology must have the capacity to use a random or sequential number generator in order to be considered an auto-dialer.

Under the Facebook decision, Vibes technology is unlikely to be considered an auto-dialer because we do not have the capacity to use a random or sequential number generator. However, we continuously recommend to our customers that they only use the Vibes Mobile Engagement Platform to send text messages to individuals from whom they have received prior express written consent (we’re getting to this, we promise).

TCPA Violations

If TCPA rules are not followed, steep penalties such as fines or legal action could follow. 

Every non-compliant text message sent that is considered a violation can collect damages of $500 to $1,500 per violation. If you’re sending text messages to your customers multiple times a week, the fines add up quickly.

Vibes recommends aligning with your legal counsel prior to launching any new SMS programs in market to ensure they operate in a manner that they’re most comfortable with.

Do I Need to Comply With the TCPA?

While Vibes’ technology is unlikely to be considered an auto-dialer as defined by the TCPA under the Facebook decision,  it’s important to consult with your legal counsel to make the best decision for your brand when it comes to TCPA compliance.

Here’s a truncated overview of the primary TCPA guidelines to help you decide with your legal counsel if and how you need to comply with the TCPA rules and regulations for your SMS program.

Obtain Prior Express Written Consent (PEWC)

When it comes to commercial or marketing-based SMS messages, you must get clear, explicit permission from consumers in a specific way before you begin sending them any text message marketing content.

What does that mean, you ask? Prior express written consent means a signed and written agreement between you, the brand, and your consumers that - from the consumer’s perspective - means they:

  1. Understand that “opting in” means they permit delivery of autodialed marketing messages to their mobile device
  2. Are agreeing to receive texts at the phone number they provide
  3. Understand that they’re not required to enter the agreement as a condition of making a purchase

These disclosures need to be presented in a clear and conspicuous location, which is typically the call-to-action to sign up for your mobile program or in a text message prompt.

It’s also important to remember that consent cannot be given verbally - users must provide written consent when opting in by using one of the following written processes that’s tied to PEWC language so that written consent is properly established: 

  • A text message
  • Filling out and submitting an online form
  • An electronic sound or symbol

A text message is the way most brands choose to obtain PEWC. This process involves asking users through a text message on the branded number to reply with a prompted command (Reply Y) to confirm they are interested in receiving text messages from that brand, a step-by-step process that’s also referred to as a double opt-in.

The reason why most brands choose the double opt-in text message is because it’s the first message the user would receive on their mobile device that’s prompting them to reply Y in order to complete their opt-in into the mobile marketing program. If they do not reply Y, they will not be enrolled to receive ongoing text messages from that brand.

Along with asking the user to reply Y to provide their written consent, brands will typically include their PEWC disclosures in this first message with a link to their mobile program’s terms and conditions.

Double opt-ins can help marketers manage two key things:

First, this extra step provides handset verification, meaning it confirms that user is in possession of the mobile device requesting to receive text messages vs. the user’s phone number being entered into a web form by somebody else on their behalf.

Second, it keeps a digital record of each consumer’s opt in and the PEWC disclaimers they agreed to that shows they knew what they were signing up for. This can be extremely helpful if you ever need to prove PEWC had been obtained for a subscriber. If you’re working with the right SMS vendor, these records should be properly stored in the event you ever need to access message history with any of your current or former SMS subscribers.

Make Sure Opt-Out Instructions Are Clear and Easy to Follow

Opt-out messages give consumers an easy way to decline further communication from your brand. It is the consumer’s right to opt-out of your SMS messaging programs whenever they choose, so you want to honor that right by making it clear and simple for them to do so. 

The most effective method is providing users with the option to text in the word STOP in order to opt out.

It’s also important to acknowledge all consumer opt-out requests by sending one final opt-out confirmation message to notify the consumer they have successfully opted out and will no longer receive messages unless they choose to interact with that code again (e.g. going through the process to sign back up for your program).

The Vibes platform has a robust list of opt-out commands beyond the word STOP that it automatically searches incoming messages for – some of which can be customized by the brand’s mobile marketing number (e.g. short code, 10-digit long code). 

Additionally, if your brand receives an opt-out request through another channel such as email or a customer support line, those users can be manually unsubscribed within the platform or by sending that mobile number to Vibes’ 24/7/365 customer care team who can process the opt-out request.

Don’t Forget About State-Specific Rules

Since the U.S. Supreme Court’s April 2021 ruling, multiple states have released what are commonly known as “mini TCPAs”. These state Acts have SMS requirements that apply to that state’s residents and are believed to have a broader definition of an “auto-dialer”.

Some state-specific Acts such as Florida and Oklahoma require Prior Express Written Consent, which are slightly different than the TCPA’s language. So it’s important to review both the TCPA and state-specific requirements when crafting PEWC disclosures with the help of your legal counsel. 

TCPA Exemptions

There are not many exceptions when it comes to SMS compliance rules. This is likely due to how many parties are involved in the regulation of SMS marketing in its entirety.

The FCC provides consent exemptions for certain time sensitive messages that are sent by financial and healthcare institutions, such as appointment or billing reminders.

These exemptions have very specific requirements that must be followed in order for a mobile program to qualify. For example, only certain informational content can be sent, there is a limit on the number of messages/calls, and the program must be running on a free-to-end-user code, among other things.

TCPA Exempt Does Not Mean Fully SMS Compliant

Again, there are not many exceptions when it comes to SMS compliance rules, which is likely due to how many parties are involved in the regulation of SMS marketing.

The wireless carriers and the CTIA view the FCC’s requirements as completely separate from their own. 

Furthermore, the TCPA rules and regulations do not replace carrier requirements.

In other words, while financial institutions and healthcare providers are exempt from the TCPA rules, the carriers do not allow these as exceptions to their consent requirements.

Fraud alerts are currently the only messages that are exempt from both the TCPA and the carrier’s opt-in requirements - these are the only time-sensitive financial messages that both parties will allow without an explicit opt-in.

All of that said, carrier approval for this use case is still not guaranteed as it's up to the discretion of the carriers to determine what content and consent requirements are appropriate for programs running on their networks.

Use the Right Mobile Technology Partner

At Vibes, in addition to subject matter expertise we also have the safeguards in place to help protect you - embedded into our technology. Some examples of what the Vibes platform handles includes:

  • Send time management. Our platform allows for brands to adjust when they send out text messages, either by area code or by local time zone.
  • Text message frequency management. Some brands vary their message frequency month over month while others choose to have a set message frequency. If you choose a set message frequency, you’ll want to ensure the number of text messages you’re sending does not exceed that limit. In the Vibes platform you can set a limit on the number of broadcasts an SMS marketing list can receive.
  • Subscriber opt-in management. The Vibes platform stores message logs that can show a record of every message sent and received by a mobile number, including the disclosures the user received at the time of their opt-in. 
  • Subscriber opt-out management. The Vibes platform processes removal of all mobile numbers in real-time (e.g. texting the word STOP). The platform is built to continuously monitor all opt-outs at any time they occur, and will automatically send one final message in response to a stop request confirming no additional messages will be sent. Texting STOP to a brand’s mobile marketing number (e.g. short code, 10-digit long code) tells the Vibes platform to stop all messages from that particular number. This is important to know if you intend to have different SMS programs running on the same number, e.g. you want to use the same code to send marketing text messages and automatic cart recovery notifications. We recommend you lease separate codes for different programs to avoid a consumer accidentally opting out of a program they didn’t intend to. 

Final Thoughts

Mobile compliance requirements elevate the effectiveness and credibility of text message marketing. Consumers know they can trust the businesses they receive SMS messages from, and businesses know they’re reaching consumers who want to hear from them.

But frivolous claims of TCPA violations happen whether you’re doing all the right things or not. The best way to set yourself up for success and avoid TCPA penalties is by being in lockstep with your legal team, executing exactly what they require.

Because of the level of complexity involved, you may even want to consider hiring TCPA legal experts. Building a relationship with these professionals can provide you with valuable counsel, advice, and best practices. If a violation occurs, they can also help you navigate the process to achieve the best possible outcome.

While most mobile messaging vendors are not lawyers, you want to partner with one that can keep you informed of changing regulations and help guide your mobile programs. At Vibes we pride ourselves on knowing that this is a space that’s as complex as it is regulated and that’s why we’re committed to helping our customers launch successful and compliant SMS programs.

To learn more about our SMS compliance capabilities, state-specific requirements and more get in touch with us today.

Mara Miller
Director of Marketing
Cookies Preferences
Close Cookie Preference Manager
Cookie Settings
By clicking “Accept All Cookies”, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage and assist in our marketing efforts.
Strictly Necessary (Always Active)
Cookies required to enable basic website functionality.
Made by Flinch 77
Oops! Something went wrong while submitting the form.