Guide to Mass Texting Laws in the United States & Internationally – 2024

Important Note: This page is just a general guideline and laws are subject to change at any time. Before sending text messages in your state you should check the current local laws or contact an attorney. We assume no responsibility in any legal issues that may arise in your sending of text messages.

Bulk SMS messaging is a popular strategy companies use to get their message into the open. However, there are strict rules and industry guidelines governing mass texting. Mass texting laws are there to protect the consumer from spam.

Understanding the various rules and regulations impacting not just the U.S. but Europe, the UK, and Australia is vital because penalties for breaking mass texting laws are steep.

If you decide to adopt DialMyCalls into your marketing mix, your business is responsible for ensuring full compliance with text spam laws.

United States Mass Texting Laws

 

Is spam texting illegal? Yes, unless certain limited exceptions apply.

Is it illegal to text random numbers? Also, yes, because you need to obtain consent or otherwise ensure that the telephone number is not on the Do-Not-Call Registry.

Most texting rules and litigation historically in the U.S. involved so-called “autodialers” or “Automatic Telephone Dialing Systems.” In the vernacular, these are devices that store people’s numbers and automatically dial the number. However, as detailed below, that’s not how the major law in the US defines such devices, and a recent Supreme Court decision has greatly reduced the uncertainty around texting in a favorable way. Although DialMyCalls is not strictly an auto-dialer, most legislation regarding SMS rules was written 35 years ago. As a business, it’s always better to err on the side of caution and assume you are using an auto-dialer.

TCPA – Telephone Consumer Protection Act

The Telephone Consumer Protection Act (TCPA) has been in place since 1991. It was passed in response to the increasing number of annoying calls from telemarketers. With consumer complaints increasing, Congress acted to bring in the TCPA.

Even though its original purpose was to prevent live and prerecorded calls, it has since been extended to cold text messages by regulation.  Ultimately, thanks to the Supreme Court, most “autodialer” litigation has largely dried up, but brands should still be mindful of the separate Do-Not-Call regulations.  These regulations are more forgiving, but it’s still advisable to always obtain consent before engaging with consumers via text at scale.

Rules

The relevant part of the TCPA is the concept of consent. You must receive explicit consent to make your SMS marketing legal. In other words, you cannot throw out random texts to a contact list.

Unfortunately, there’s a gray area with consent. If a consumer gave you their number, does that count as consent? Can a business text you without permission given explicitly for marketing texts?

It’s a tricky area, but generally, you should always look to obtain consent via an opt-in strategy to stay on the safe side.

Penalties

Penalties for violations of texting laws are steep. Financial penalties for breaking the TCPA are currently set at $500 to $1500. Note that these penalties apply to each violation rather than each campaign.

For example, if you solicit via a text campaign and send your message to 1,000 people who didn’t give their consent, you could be on the hook for $500,000.

CTIA – Cellular Telecommunications Industry Association

The Cellular Telecommunications Industry Association (CTIA) rules differ from TCPA and CAN-SPAM because CTIA rules are industry “regulations”, not laws consumers can enforce.

Carriers have developed CTIA regulations to protect consumers rather than an act passed by Congress.

Rules

CTIA is also all about consent and specific disclosure requirements – above and beyond anything required in the TCPA (e.g., affirmatively disclosing opt-out instructions, Terms and Privacy Policy, and Help instructions). To achieve compliance with the CTIA, you need to follow the rules on revealing the express purpose of your campaign, what the receiver can expect to hear about, how often you’ll be texting them, data rates, and how they can opt-out of receiving any further communications.

Understand that CTIA compliance is relatively simple to achieve because most components also form part of TCPA.

Penalties

The CTIA is not an unsolicited text messages law. For this reason, you cannot find yourself in hot water with the authorities if you fail to follow your carrier’s guidelines.

You can, however, be blocked from the network. Your number may be permanently blocked, and your company may be unable to send further texts.

Since there’s so much overlap between CTIA and other texting laws, breaking one will likely mean breaking the other, so it’s important to be aware that CTIA compliance is as essential as obeying the law.

International SMS Spam Rules & Laws

If you’re a company thinking about going international, you must be aware of overseas SMS marketing laws. There are similarities between international legislation and domestic legislation, but there are also differences.

Before implementing SMS marketing solutions in a new geographical market, familiarize yourself with local laws to ensure you don’t break some obscure text law. As one example that many U.S. brands may encounter, let’s focus on our neighbor to the north:

Canada: CASL – Canada’s Anti-Spam Legislation

 

Canada also has its own legislation American businesses must be aware of. This law is Canada’s Anti-Spam Legislation (CASL) and is there to protect Canadian citizens from both spam and malware.

It applies to all Commercial Electronic Messages (CEM), meaning email, SMS, and application messaging. It also covers any promotion of a commercial service.

Rules

The rules of CASL pertain to obtaining express consent. Under the 2014 legislation, there are two types of consent:

• Implied Consent – Consent is obtained automatically via an established relationship between a consumer and a business.
• Express Consent – The receiver has explicitly said they wish to receive promotional materials from you, either orally or in writing.

Note that CASL states that implied consent has an expiry date of two years. You either need to obtain new implied consent or get express consent to continue sending messages. CASL, however, is distinct from the TCPA in some respects, however, such as explicitly requiring opt-out instructions in each CEM.

Penalties

Penalties for breaking these texting laws vary wildly. The most common penalties promoted by the authorities are Administrative Monetary Penalties (AMPs).

AMPs for the most serious violations of these laws could be up to $1 million per individual violation for individuals and up to $10 million for businesses per violation. These are among the most severe penalties in the world.

Texting Laws in General

Truthfully, most texting laws are largely the same. If you comply with one, the chances are you comply with the core principles of all of them.

Certain principles apply worldwide, mainly concerning consent.

Can a company text you without consent? The answer is usually no, so let’s run through the steps you need to take to ensure your compliance.

Get Written Consent

The first step is to obtain written consent from the person you want to send a message to. There are plenty of ways you can get written consent from somebody. It could be by texting a keyword back to you, ticking a box on a web form, or filling out a physical form.

Written consent is a concept that has been explicitly outlined in the above legislation. Make sure you read through each country’s legislation to check what is acceptable.

You may also obtain what is known as implied or inferred consent. Relying on implied consent is something of a gray area because there’s little way to prove that someone gave their consent. That said, someone who has an existing business relationship (EBR) with your company would have a form of implied consent in place, and that is sufficient to satisfy the more permissive Do-Not-Call rules under the TCPA – provided the consumer has not opted out. Further, EBRs have an “expiration date,” 18 months from a sale, or 3 months from an inquiry, so businesses relying on just an EBR need to be able to track how long they can lawfully engage with consumers.  But written consent is valid until revoked, so everything else equal, obtaining prior express consent in writing like the examples below is safer for the business.

For example, if someone has signed up for your email newsletter, this would imply that they have given their consent to receive promotional messages via other channels, such as SMS.

Unfortunately, the burden of proof is on your business if legal action is ever taken. Emphasize written consent over implied consent because that gives you solid evidence you can produce if audited.

Moreover, some countries like Canada have a set expiry date on implied consent. In Canada, if you’ve yet to obtain written consent from a consumer within two years of the implied consent period, you’re no longer legally allowed to continue messaging them.

Confirm Consent

Is it necessary to confirm that someone has consented to receive marketing materials from you via SMS?

Double opt-in is not a legal requirement in the U.S. and many countries. You can decide on a single opt-in, but there are reasons why you should go further than basic compliance in this respect – particularly if the consumer’s initial opt in is not obtained through their mobile device (e.g., by texting a keyword to your number).

With penalties being so high for violations of texting laws, it doesn’t make sense to take an unnecessary risk. Many business owners believe that adding an extra step in the consent process decreases the chances of people opting in.

While this may be true, someone who really wants to receive promotional messages from you will not turn away because they need to text a keyword back or click on a confirmation link. You want people who’re excited to receive messages from you on your list because these are the people most likely to take advantage of your offers.

Finally, double opt-in protects you from receiving penalties and fines from a country’s regulatory body. It shows that you’ve gone above and beyond to receive consent from everybody on your contact list. And there’s certainly no harm in that.

Provide Opt-Out Opportunities

Most of the focus of these laws is on obtaining consent before sending out messages. However, you also need to provide opt-out opportunities under these laws. Consent is not a permanent or perpetual concept. Consumers generally have the right to withdraw their consent at any point and you need to respect that.

Every country has variations regarding opt-out procedures. You’re always required to provide an option to opt out, such as through a link or by texting a keyword back to you. Whatever platform you’re using, make sure a clear opt-out forms part of your messages.

It’s also important to be aware that many countries may require you to remove customer data after they opt-out.

Countries like the UK only require you to scrub your records if the consumer specifically requests it. You’ll also need to do it free of charge.

Others don’t say much about your obligation to delete data after someone expresses their desire to be removed from your contact list. Generally, it’s best to delete unnecessary data after a set period to protect your consumers’ privacy.

General Penalties for Breaking Texting Laws

Penalties for breaking texting laws are severe. To avoid major multinationals accepting a fine as a cost of doing business, legislation has been framed to incorporate fines per violation. In other words, some countries could see you fined half-a-million dollars per unsolicited text communication you send.

Large-scale campaigns could potentially lead to millions in statutory damages. The scale of these monetary penalties could mean losing your entire business.

Countries like the U.S. have also included the possibility of criminal action in their telemarketing laws.

In the past, many companies have skirted the laws and got away with it. Initial enforcement action was spotty because it typically required consumers to make a complaint before an investigation could begin. Authorities are increasingly taking proactive action by auditing companies and their data protection and privacy systems.

Failing an audit could also lead to financial penalties. In some jurisdictions, subsequent breaches could see your fines increase exponentially.

Avoid Breaking Texting Laws with the DialMyCalls Automated Texting Platform

At DialMyCalls, we understand how complex complying with domestic and overseas legislation can be. Our automated texting platform is designed with compliance in mind. You get all the tools you need to organize your contact list, obtain consent, and maintain accurate records.

Streamline your approach to SMS marketing and communications with the state-of-the-art auto texting platform that empowers you to control everything from a single automated dashboard.

To learn more about SMS marketing compliance, contact us now.

• Previous Article
• Next Article