SMS marketing is easily among the most popular marketing methods used by small, local businesses and larger companies alike. With SMS marketing, you send promotional text messages to your subscribers.
But businesses cannot just send text messages to any number they want. There are various privacy laws governing who you can send texts to, and every small business needs to be familiar with them.
For your convenience, we’ve gathered all of the most relevant text message privacy laws in one place and provided some advice. That advice includes ways you may be accidentally violating SMS text marketing laws and tips to get the opt-ins or permission you need to legally send these texts.
What Are the Text Message Privacy Laws in Different Countries?
United States: Telephone Consumer Protection Act (TCPA)
In the United States, the Telephone Consumer Protection Act (TCPA) is highly relevant to text laws. The law took effect in 1992.
This law covers what businesses cannot do without written consent. Specifically, it prevents companies from:
- Calling earlier than 8 a.m. or later than 9 p.m.
- Calling someone on the Do Not Call list
- Sending unsolicited faxes
- Not providing their name and organization
Over the years, it evolved to also include text messages. Those updates mean that you need express consent before sending an autodialed text.
Controlling the Assault of Non-solicited Pornography and Marketing (CAN-SPAM)
The CAN-SPAM Act is another anti-spam law in the United States, but it has a slightly wider scope. In addition to the regulatory requirements in the TCPA, the CAN-SPAM Act also bans unwanted commercial messages, both texts and emails.
The important caveat here is that it doesn’t apply to transactional messages. As a refresher, transactional messages are any texts that companies send to clients providing important information about their products, processes, or services. Promotional and marketing messages are different from transactional ones.
Importantly, the CAN-SPAM Act also requires customers to opt in to receive SMS messages from your business. This is the method of providing consent.
So, What Is the Cellular Telecommunications Industry Association (CTIA)?
The Cellular Telecommunications Industry Association (CTIA) is a government agency that provides guidelines. If a business refuses to follow the CTIA guidelines, the agency can suspend or even block its SMS services.
CTIA outlines all of its guidelines in the Messaging Principles and Best Practices document. The guidelines essentially ensure that companies receive express permission from recipients before sending messages. The various guidelines from CTIA are designed to ensure businesses are compliant with both the TCPA and the CAN-SPAM Act.
Canada: CASL Laws
Canada also has the CASL (Canada Anti-Spam Legislation) laws, which are their text message privacy laws. This law was passed in 2014, and it outlines the rules that businesses must follow before sending messages to Canadians. It helps protect consumers from spam while also helping companies remain competitive.
The biggest difference between the TCPA and CASL is that TCPA only applies to phone-related interactions, while CASL applies to all electronic communications. As such, CASL applies to email marketing as well as text marketing, while TCPA only applies to marketing over the phone or with texts (or fax).
Australia: Spam Act
The Australian Spam Act of 2003 makes it illegal for companies to send potential clients “unsolicited commercial electronic messages.”
One important distinction between this Australian law and the TCPA in the US is that the Spam Act applies even if the recipient of the text has a relationship with your business. The TCPA includes some exceptions for these situations.
United Kingdom: Privacy and Electronic Communications Regulations
In the United Kingdom, the Privacy and Electronic Communications Regulations outline the SMS text marketing laws. As is the case in the laws from the already-mentioned countries, the text messaging privacy laws make it unlawful to use SMS marketing without prior permission.
There is a “soft opt-in” if there is already an agreement to sell a product. The law also requires the ability to unsubscribe from these text messages.
Additionally, any company that uses consumer data has to clearly outline how that data is used, as part of consumer protections.
EU: General Data Protection Regulation (GDPR)
The GDPR has been a crucial concern since its announcement in May 2018. The regulations apply to text laws as well as online data. The regulations in the GDPR apply to all countries within the European Union. They also apply to any company that has EU citizens as customers or uses citizens’ personal data.
In terms of its effect on text laws, the GDPR has similar policies as the previously mentioned text messaging privacy laws. Specifically, you need to either have consent for sending the text or legitimate interest.
3 Ways Your Business Might Be Breaking US Text Laws
The good news is that accidentally violating text laws isn’t likely to send you to jail. However, you could face a suspension of your SMS abilities or lawsuits.
1. You Leave Out a Compliance Statement in Your Opening Auto-reply
The text messaging privacy laws require you to provide an auto-reply when someone opts in. This must let recipients know what to expect when they send texts. Importantly, it is crucial that you include this statement as part of the compliance regulations. It is just one of the CTIA guidelines you must follow to stay compliant with the TCPA.
The following image shows what you need to include in the confirmation auto-reply:
2. You Add Phone Numbers to Your Text Marketing List Without Express Permission
One of the most common violations of text messaging privacy laws is adding numbers to your list for text marketing without getting the express permission of the recipient. It is illegal not to get permission. In addition to the legal consequences, your customers will likely view texting them without their permission negatively, hurting your reputation.
Instead, make sure to get explicit permission before sending SMS marketing.
3. You Don’t Honor Opt-out Requests
SMS text marketing laws do more than just require you to give recipients the option to unsubscribe. You also must take them off the list if they choose to unsubscribe.
Opt-in Matters: How Do I Get It?
One of the most important overarching themes among the various text messaging privacy laws is that you must get permission from recipients before texting them. This is called having them opt in. You should not think of this need for opt-ins as a roadblock or delay to getting numbers. There are several great ways to get SMS opt-ins, such as the following.
- Physically collect numbers in your store, with clear signage that you will be sending messages
- Use a widget on your website that gets the permission for you
- Have subscribers text a keyword to your number to opt in
- Add an opt-in to transactional texts (which are allowed without permission)
- Consider a double-opt-in (ex: Have recipients text “YES” to an initial message to opt in)
You will ideally want to use a combination of the above methods to get opt-ins. Additionally, you want to advertise the method of opting in. For example, advertise the keyword subscribers can text and the number they should text it to. Just some of the places to market or display your opt-in method include:
- Signs in your store
- Signs at events
- Mentions on your website
- Social media pages
- Radio and TV
You can also try various methods to try to incentivize or otherwise convince customers to opt in, such as:
- Play on their fear of missing out
- Offer a download, freebie, or discount in exchange for opting in
- Provide exclusive offers via text
- Let subscribers customize the types of texts they will receive (such as basing it on product categories or types of sales)
- Share figures of how many subscribers you already have
No marketing campaign is complete without incorporating SMS messages. But you need to make sure that you follow all of the relevant text messaging privacy laws. The laws that you have to follow depend on not only where your company is based but also where your customers live. Most small businesses will need to follow the TCPA and the CAN-SPAM Act, which cover the US and Canada, respectively.
The most important part of every single one of the SMS text marketing laws is that you must get permission to send customers texts. Some laws have exceptions for transactional texts, such as tracking information. However, if you want to send anything promotional or related to marketing, you MUST get permission.
The good news is that there are numerous ways to get that permission via the opt-in process. Once you have that permission, just make sure to give recipients a way to unsubscribe from the texts, and you will be set to run your SMS campaign.