It's no secret that SMS -or text- messaging is one of the most trusted and convenient communication tools in the marketing toolbox. But how do you leverage its popularity correctly? Follow the following principles before sending your next campaign to stay compliant.
Gathering the right type of consent
Aside from digital etiquette, there are two SMS messaging laws enforced in the US that set the playing field for your business: the Telephone Consumer Protection Act (TCPA) and the CAN-SPAM Act. These rules are upheld by four major regulatory bodies you may have heard of: the CTIA, MMA, FCC and FTC.
The main part of these laws all revolve around making sure you have your audience's consent to message them. The type of consent you need may vary by depending on the content you're trying to send. Check the table below to find what type of consent you need.
Types of messaging content and associated consent principles
| Conversational | Transactional | Informational | Promotional |
| Back and forth conversation that takes place via text. | Messages regarding exiting transactions or relationships | Messaging when user shares their phone number and asks to be contacted | Sales or Marketing promotion |
| 2-way conversation. First message sent by user. | One-way conversation. First message sent by business. | One-or-2-way conversation. First message by user or business. | One way alert. First message by business. |
| For a particular request | For system updates | Contains information | Promotes a product/service |
| Implied Consent | Implied Consent | Express Consent | Express Written Consent |
Implied consent refers to an individual providing or disclosing their contact information to your business, thus permitting consent.
Express consent refers to an individual explicitly agreeing to receive electronic communications from a business.
Express written consent doesn't necessarily require a paper signature but rather consent that is documented and saved.
1.1 Ways you can gather consumer opt-in
If you're trying to launch an SMS campaign, there are a few different opt-in mechanisms you can use. Consumers can demonstrate consent in several ways such as:
Entering a phone number through a website
Clicking a button on a webpage
Sending a message from their mobile devices that contains an advertising keyword
Initiating the text message exchange in which the message sender replies to the consumer only with responsive information
Signing up at a point-of-sale (POS) or other on-site location
Opting-in over the phone using interactive voice response (IVR) technology
If you need express consent, make sure to document your user's consent by retaining relevant opt-in information where applicable such as the timestamp of consent, acquisition medium and the identity of the individual who consented. Be a responsible sender, do not use opt-in lists that have been rented, sold, or shared to send messages.
1.2 Double opt-in
The best practice is to obtain a secondary opt-in, or “double opt-in”. Particularly in cases where the original consent was collected outside via another channel. For example, if you'd like to send an SMS campaign to someone who has opted in to marketing communication emails. You can confirm the opt-in via the channel you'd like to reach your audience on, in this case via a text message.
Examples of double opt-in:
“Reply Yes to confirm that you want to receive text messages from {Business Name}, Reply STOP to unsubscribe”
“{Brand Name}: Reply YES to confirm receiving SMS/MMS messages {Link to Terms of Service} Reply “STOP” to unsubscribe”
1.3 Send the correct confirmation for recurring messages
For recurring campaigns, you should provide consumers with a confirmation message, immediately after opt-in, that includes:
Your program name or product description
Customer support contact information
Instructions to opt-out
Disclose that the messaging are recurring and how frequent they are
Any associated charges and how those are billed
1.4 Include a Consumer opt-out
For any SMS campaign, your audience reserves the right to opt out of receiving your messages. That means you have to provide a way for users to opt-out and you have to observe their opt-out requests:
Acknowledge and honour opt-out requests by sending one final opt-out confirmation message per campaign. No further messages should be sent afterwards
Ensure that consumers can opt-out at any time
You should support multiple mechanisms of opt-out (user can opt-out via a phone call, email, text etc.)
You should state in the message how and what words affect an opt-out e.g. STOP. However, opt-out requests with normal language (i.e., stop, end, unsubscribe, cancel, quit, “please opt me out”) should also be read and acted upon by the sender. Punctuation, capitalization, or some combination thereof must not interfere with opt-out keyword functionality
Message streams that result in excessive complaints or opt-outs typically indicate an unwanted message (or SPAM) campaign and either the phone carrier or messaging platform you're using may discontinue your campaign.
1.5 Privacy policy
It's a best practice to maintain and display a privacy policy that is easily accessed and understood by the user, and that clearly describes how your business collects, uses, and shares the information your users provide. Make sure that your privacy policy is consistent with the applicable privacy laws.
Write the right content
2.1 Include a clear and conspicuous call-to-action
A call-to-action (CTA) is an invitation to a consumer to click into the next step (such as 'sign up' or 'buy now'). CTAs shouldn’t contain any misleading or deceptive language. Make sure the CTAs in your messages immediately make clear to your users what it is they're clicking on.
2.2 Prevent unwanted, unlawful or deceptive content
You should always use reasonable efforts to prevent unwanted or unlawful messaging traffic. Take steps to monitor your campaigns for:
unlawful, abusive, malicious, misleading, harassing, obscene, or defamatory content
content that is deceiving or intending to deceive e.g., phishing messages to access private information
content that invades privacy or causes safety concerns
content incites harm, discrimination, or violence
content that does not meet age-gating requirements
Also make sure that your messaging content isn’t misleading and complies with the FTC Truth-In-Advertising rules.
2.3 Correctly format your embedded website links
Website links embedded within a message have to indicate the sender’s identity and cannot contain wording in the URL link that intends to harm or deceive. Different from other regions, it's illegal to use public URL shorteners while sending the US. The exception is URL shorteners that are dedicated to the exclusive use of the sender (such as the Burst SMS tracked link option).
Websites where recipients are redirected must have an unambiguous website owner, include contact information with a postal mailing address and have a conspicuously-accessible privacy policy.
2.4 Do not engage in snowshoe messaging
Absolutely do not engage in Snowshoe Messaging, which is a technique used to spread messages across many phone numbers or short codes. Instead, send your messages from a dedicated virtual number unique to your business.
2.5 Check that your campaign content isn't prohibited
You may not use short codes for affiliate lead and/or commission generation. Carriers may block or terminate messaging campaigns determined to be affiliate-related. Furthermore, the following content types are disallowed, unless prior approval is sought from the users you're trying to engage with.
Lead generation campaigns that share the collected information with third parties
Loan advertisements except messages from direct lenders for loans already secured by the recipient
Debt collection
Credit repair or debt relief
Cannabis or illegal prescriptions
Gambling
Work from home programs, job alerts from third party recruiters or risk investment opportunities
Send from the right number type
All of your SMS campaigns are delivered from a virtual mobile number. As of June 2021, you will need a dedicated number unique to your business to send your campaigns from. There are a couple of options when it comes to dedicated virtual numbers:
3.1 Dedicated short codes
A dedicated short code (short code) is a five- or six-digit number, unique to a brand, to and from which text messages can be sent from and to your audience. A short code shared by two or more brands is prohibited. Short codes are designed for high throughput and two-way communication.
3.2 Toll-free numbers
Toll-free numbers (TFN) start with 8xx and allow sending or receiving A2P messages. They have medium throughput rates.
3.3 10-digit long code (10DLC)
10DLC, or 10-digit long code, is a new industry-led long code for A2P messaging. 10DLC is the recommended solution for marketing. AT&T and T-Mobile assign throughputs per brand based on the risk profile of campaigns.
10DLC | Toll-free number | Short code | |
Description | Ten-digit number for A2P use, unique to a brand | A2P SMS via toll-free number (i.e. 8xx) | Five to six digit number, unique to a brand |
Throughput | Medium | Medium | High |
Pre-approval | Yes; 2-3 weeks | No | Yes; 2 months |
Cost | $$ | $ | $$$ |
If you need more guidance on SMS campaign compliance and want to ensure you’re abiding by text marketing laws, check out our SMS SPAM Compliance Masterclass or raise a ticket to our support team via the menu at the top of your screen.