Can you drive a car without a license? Physically, nothing is holding you back. You could just hop in a car and zip around town. But legally? No. And if you get caught, the consequences can be severe.
It’s the same with sending business text messages. Technically, you can send text messages that don’t comply with the Telephone Consumer Protection Act (TCPA). But you risk fines or being blocked by phone carriers — both of which hurt your business.
Like the rules of the road, there are a lot of things to know and remember about TCPA. Below, we’ve outlined the main requirements you need to know to send TCPA-compliant text messages.
DISCLAIMER: This article is for informational purposes only and should not be considered legal advice. You should seek the advice of an attorney or legal expert if you have questions about SMS Compliance with the TCPA and the Cellular Telecommunications Industry Association (CTIA), as you assume responsibility for complying with federal regulations.
What is TCPA?
TCPA is a federal law that governs how businesses can communicate with customers. Enacted in 1991 and enforced by the Federal Communications Commission (FCC), it’s meant to protect consumer privacy and regulate telemarketing practices.
TCPA covers all forms of telephone-related communication, including voice calls, text messages, and faxes.
If a business violates TCPA, it can result in a fine of $500 per incident. If a company willfully violates TCPA, the fine goes up to $1,500 per incident.
Violations can also lead to lawsuits, like a 2019 class action (Wakefield v. ViSalus) in which a jury awarded damages of $925 million for improper marketing under TCPA.
TCPA compliance isn’t something to take lightly.
Read more: The TCPA compliance checklist
TCPA vs. A2P 10DLC
If you rely on A2P messaging (using virtual SMS messaging services like OpenPhone to send texts to customers), you need to follow the A2P 10DLC rules set by major US carriers (oof, that’s a lot of acronyms…).
To do this, you must register with The Campaign Registry, an independent group that helps with A2P 10DLC text messaging.
But you need to be TCPA compliant to register. And without successfully registering, your business won’t be able to send text messages through an application like OpenPhone.
5 TCPA requirements
Even if you don’t intend to violate TCPA, you might still find yourself on the wrong side of the regulation if you don’t carefully follow the requirements.
If you’d like to read the documentation directly from the FCC, you can check it out here (be forewarned — the language is dense!). To help you out, we’ve summarized the requirements all businesses need to follow.
If you’re an OpenPhone customer and have questions about registration with The Campaign Registry to send TCPA-compliant text messages, check out our guide to completing registration with OpenPhone.
1. Get prior express written consent from the recipient
Before you send any text messages to your customers, you have to get their prior express consent.
This means you need a record of either oral or written documentation showing that the customer agreed to receive text messages from your business. And you can’t bar clients from completing a purchase of products or services if they don’t give consent.
Your customers can provide SMS consent in a few ways:
- Verbal consent: A customer gives you consent (like at a service location).
- Physical form: A customer gives you consent to text by checking a box on a form.
- Web form: A customer fills out a form on your website that includes consent to text, either as part of the form submission or by checking a box on the form.
- SMS keyword: A customer sends an SMS text to a phone number with a specific keyword that indicates consent to text, like “SIGNUP.”
A customer can also give implied consent, which satisfies TCPA requirements. Implied consent happens if a customer initiates the conversation. For example, if a customer texts your business to ask a question, there is implied consent, and you can text back.
Some types of messages don’t need consent at all, like security or account updates, utility outage information, and healthcare lab results.
Other exemptions under TCPA include phone calls and texts for emergency purposes. But it’s still recommended that you obtain consent so you don’t find yourself in legal hot water for TCPA violations — especially since the fines can add up quickly.
What to include in your consent documentation
No matter which method you use to collect a customer’s consent, you need to include a few things:
- The types of texts the customer is agreeing to receive
- The frequency of text messages
- A privacy policy
- Any rates or possible data charges that might apply
- How to opt-out (stop receiving text messages)
Here are a few SMS opt-in examples.
This opt-in form is on beauty brand Kiehl’s website. Notice that the opt-in includes a link to Kiehl’s Privacy Policy.
This example from SKIMS uses an SMS keyword to obtain opt-in consent.
You can check out our SMS privacy policy template and our consent to receive text messages template for inspiration.
Important Note: You need to maintain records of consent from your customers, whether you maintain physical or digital records (or both!).
Read more: TCPA opt-in and opt-out requirements
2. Always provide an easy way to opt out
You must let customers know how to opt out of future text messages. For example, a customer could reply STOP to any text message, and that would serve as the opt-out.
But remember, the Cellular Telecommunications Industry Association (CTIA) guidelines require you to recognize natural language customers might use to opt out.
For example, you may provide the instruction “Reply END to stop receiving texts,” and the customer replies, “Stop sending me messages.” According to CTIA, you should still honor the customer’s request to opt out.
Once a customer opts out, you should not message them again, though CTIA allows you to send one final message to confirm the opt-out.
3. Always identify yourself and your business name
If you send a customer a text that says, “Thank you for signing up!” with no indication of who the text is from, it’s confusing for the customer. Include your business name in each text so customers know who the message is from.
Here’s what the TCPA says:
“[It is unlawful] to use a computer or other electronic device to send any message via a telephone facsimile machine unless such person clearly marks, in a margin at the top or bottom of each transmitted page of the message or on the first page of the transmission, the date and time it is sent and an identification of the business, other entity, or individual sending the message and the telephone number of the sending machine or of such business, other entity, or individual.”
You should also clearly state the reason for the text, whether they’re marketing messages, account notifications, transactional texts, or some other type of communication.
Here are a few examples of how to incorporate your business name into an SMS text message:
Welcome to SMS Messages from Artisan Hair Studio! Reply to send us a message or STOP to unsubscribe. Standard rates apply.
Advance Medical: This is a reminder for your appointment on 01/27 @ 3:30 PM. Questions? Call us at 800-555-4000. To stop reminders, reply STOP.
ABC Appliance: We were thrilled to serve you today! We would truly appreciate it if you could take 30 seconds to leave us feedback [URL]. Reply STOP to opt out.
Hello, your payment to P&D Services was successful. For more info: [URL]. To opt out, text END.
Read more: The essential SMS compliance guide for business texting in the US
4. Respect quiet hours
SMS texting etiquette should keep businesses from texting in the middle of the night, but what if you’re working across multiple time zones? Or what if 6:00 AM is the best time for you to send messages to customers about their upcoming appointments?
According to TCPA rules, you can only send text messages during business hours, which are defined as between 8 AM and 9 PM. These hours are based on the recipient’s time zone, not your time zone.
With OpenPhone, you can schedule texts for a future date and time. That way, you can write responses to customer text messages whenever’s best for you and schedule them to be sent out during the recipient’s local business hours — no more math.
5. Respect the National Do Not Call Registry
The National Do Not Call Registry (DNC) was signed into law in 2003. Managed by the Federal Trade Commission (FTC), the DNC Registry’s purpose is to enforce compliance with TCPA. Once a number is registered — either cell phone or landline — businesses have a 31-day timeframe to stop calling and texting that number.
You should check the DNC Registry and scrub any numbers from your contact list. You can create an account to access the DNC Registry.
Between TCPA requirements and the DNC Registry, cold calling and texting aren’t advisable. Cold communication can lead carriers to flag your number as spam, and some providers (including OpenPhone) don’t support it.
On top of that, if your cold calling list includes a number on the DNC Registry, you’ve committed a TCPA violation.
Send TCPA-compliant text messages at scale with OpenPhone
Managing TCPA requirements can get unwieldy as your customer base grows. You have to keep track of opt-in consent, honor opt-out requests, be mindful of a customer’s business hours… it’s a lot.
With OpenPhone, you can manage TCPA compliance no matter how many customers you text.
For example, you can schedule messages to be sent out during recipients’ local business hours. If you find yourself copying and pasting text from one conversation to the next, you can use snippets (templated messages) for standard messages like opt-ins, privacy policy updates, or anything else that helps keep you compliant.
To see how OpenPhone can work for your business, you can sign up for a seven-day free trial.