Guide to U.S. SMS Compliance

Knowing who, what, how, and when to message consumers in the United States can be challenging. In this whitepaper, we’ve compiled SMS best practices to help you determine your compliance strategy.

Read White Paper

Guide to U.S. SMS Compliance

The business SMS messaging ecosystem is complex and can easily seem overwhelming. Sending a message to the wrong person at the wrong time may not only affect your customer’s experience, but could also put your business at risk of legal action. Buzzwords like opt-in, opt-out, P2P, A2P, TCPA, and the CTIA can make the idea of sending messages to customers that much more daunting. On the other hand, a welcome text message to the right person can be a powerful and effective way to communicate with your users.

Simply stated, the underlying purpose of both the U.S. regulatory and telecommunication industry rules that govern businesses’ and organizations’ use of SMS to communicate with users is to ensure that people do not receive SMS communications that they do not want to receive. Put another way, people should only receive SMS communications they want to receive from businesses or organizations.

As a business or organization, it only makes sense that this is (and should be) your goal as well—to send communications to individuals who want to receive them. For the same reasons that SMS is an effective mode of communication (i.e., 98% of received SMS are read by the recipient), unwanted SMS communications are source of irritation. Not only is sending unwanted SMS a waste of time and resources, it is also likely to irritate people, resulting in potential damage to your organization’s brand.

So, when thinking about building a compliant SMS campaign, remember first the underlying goal of the compliance frameworks: to protect people against unwanted SMS communications.

Of course, whether a message is unwanted or not, is in the mind of the recipient. This is where the best practices outlined in this white paper can help. These best practices outline the industry-standard ways that organizations ensure that the messages they send are, in fact, wanted by the people receiving them, and in the process, ensure that they are in compliance with regulatory and industry requirements.

With this understanding as the backdrop, this white paper will provide you with guidance on the following:

Calls to Action:

When messaging your customers, it’s imperative to display clear calls to action while requesting your customer’s phone number. You should always tell consumers exactly what they are signing up to receive. This guide provides step-by-step instructions to ensure you are operating within accepted guidelines, regardless of the number you are using to send SMS messages.

Opt-in Mechanisms:

First and foremost, always offer transparent opt-in mechanisms. Consumers must consent clearly to all recurring messages; simply entering a mobile phone number does not necessarily constitute a compliant opt-in. Be sure to send an opt-in confirmation message when you send your first message. For recurring messages programs, confirmation messages must include clear opt-out instructions. Messages should also remind consumers from time to time that they are still enrolled.

Honoring Opt-Outs:

Always respect and acknowledge opt-out requests. Regardless of whether you are using long code, toll free numbers, short codes, or some other means of messaging, senders must acknowledge and act on all opt-out requests. Failure to do so can put your business at risk of legal action. Twilio is not responsible for any action taken against a business due to messaging complaints.

This white paper provides best practices and examples to make SMS compliance easy. Keep in mind, we aren’t your lawyers, so we aren’t at liberty to give you or your organization legal advice. Note that there may be additional regulatory or industry best practice considerations depending on your use case or industry. You should consult with your legal counsel to ensure your SMS use case is compliant with all applicable laws and frameworks, including TCPA and CTIA requirements.

Please note that compliance with legal frameworks, such as the TCPA, may be fact- and and context-specific. The information contained in this whitepaper should not be relied upon as legal advice or to determine how CTIA requirements or the TCPA applies to your use of SMS. This information is provided “as is” and may be updated or changed without notice. You may copy and use this content for your internal, reference purposes only.