Important: This document provides general information for educational purposes only and does not constitute legal, regulatory, or professional advice. The content was prepared without consideration of your specific circumstances. Information presented may not reflect the most current legal developments, and no guarantee is made regarding its accuracy or completeness. Each organization has unique business requirements, operational contexts, and compliance considerations that must be individually evaluated. We strongly recommend consulting with qualified legal counsel regarding any specific questions or before taking any action based on this information.
Even as digital communication continues to evolve, SMS remains a powerful and direct channel for businesses to engage with customers.
However, to minimize risk and make effective use of the channel, businesses must comply with regulations, consumer privacy expectations, and ethical marketing practices.
The cornerstone of responsible SMS communication is obtaining clear, explicit consent from customers. This means customers must actively and knowingly agree to receive text messages. In many countries, including the U.S., there’s a legal requirement for businesses to obtain written consent before sending customers text messages.
Telephone Consumer Protection Act (TCPA)
The Telephone Consumer Protection Act (TCPA) is a federal law enacted in 1991 to safeguard consumer privacy and protect from unwanted telecommunications. The legislation places restrictions on voice calls, SMS, and fax. The 2015 TCPA Omnibus Declaratory Ruling and Order expanded upon the Telephone Consumer Protection Act to address key issues related to modern communication technologies.
- Clarified that ‘prior express written consent’ must be clear, conspicuous, unambiguous, and documented. Consent is required before sending any automated marketing SMS messages to individuals, and the burden of proof lies with the sender.
- Reinforced that businesses must obtain consent prior to sending SMS messages to an individual.
- Ensures businesses provide individuals the ability to opt out easily with clear instructions.
- Establishes the framework for penalties, allowing consumers to sue for damages of $500 per call or text message, or $1,500 per call or text message, if the violation was knowing or willful.
Cellular Telecommunications Industry Association (CTIA)
The Cellular Telecommunications Industry Association, is a trade association representing the U.S. wireless communications industry. The CTIA exists as a central voice and guidance of the wireless industry in the U.S. and other countries have similar trade associations for this purpose. Its primary responsibility is advocating for legislative and regulatory policies that foster innovation and investment in wireless technology, as well as create industry-wide standards for messaging and other services.
CTIA Messaging Principles & Best Practices
The CTIA has developed a set of voluntary guidelines for wireless messaging that, while not legally mandatory, are critically important for businesses to follow. These principles were created collaboratively by wireless industry stakeholders to establish clear operating parameters for businesses that align with consumer protection standards.
Although these are voluntary guidelines, they effectively serve as an industry standard that businesses must adhere to in order to maintain reliable SMS communication channels. Carriers take these principles seriously and may take action to restrict messages from businesses that do not respect consumer messaging protections.
P2P vs A2P
The CTIA defines messaging interactions in two ways:
- Consumer (Person-to-Person, P2P): Low-volume exchange of wireless messages between two individuals, excluding employees or agents of businesses, or organizations sending messages to consumers. These are wanted messages between two consumers, like the kind one might send to a friend or family member.
- Non-Consumer (Application-to-Person, A2P): All traffic that falls outside of normal consumer-to-consumer interactions. For example, conversational messages with a support team or a sales rep, as well as marketing messages, appointment notifications, IT alerts, and other types of calls to action.
All domestic US SMS messages sent from Revenue.io are considered Non-Consumer Application-to-Person (A2P). When messages are sent from local long codes (10-digit phone numbers), this is referred to as A2P10DLC messaging and businesses in the US must register before SMS can be enabled.
Revenue.io acts as a service provider enabling SMS capabilities through Twilio’s A2P10DLC infrastructure. Customers are responsible for registering their use cases with Twilio, managing consent collection, message content, and maintaining compliance with applicable laws, including the TCPA and CTIA guidelines.
See: Application-to-Person (A2P) SMS Registration Requirements
Now that you understand how your messaging traffic is classified, you can use the CTIA Principles & Best Practices as a framework for your business to develop responsible, compliant, and effective messaging strategies that protect consumer interests, maintain messaging reliability, and build trust with your audience.
Common Opt In Example
Under the TCPA, record of a consumer's opt-in must be made in writing, whether by electronic means or old-fashioned pen and paper. It's recommended that all opt-ins be documented in some way so that you can easily demonstrate how and when you received the consumer’s consent to send them messages. The burden of proof to establish that a consumer provided consent to recurring messages lies with the business.
Website Contact Form
A contact form, such as the one above, provides the consumer with a clear and explicit agreement allowing them to make an informed consent decision.
- Identifies the purpose of the message campaign and who will be contacting them
- References the business's privacy policy and terms of use and provides customer care contact information if there are questions about messaging policies
- Includes clear instructions on how the consumer can opt-out of messages in the future
- Sets the expectation for how often messages will be received (eg. once a week, once a month, or message frequency varies)
- Required “Message and data rates may apply” disclosure
A completed contact request may create a Lead record in Salesforce. Depending on your business practices, this could function to store consent.
- Date and timestamp of lead creation and consent (CreatedDate)
- Field History Tracking (SMS Opt Out)
- Contact details (Name, Phone, Mobile)
- Source of consent (Campaign)
- Specific messaging preferences, service interest, etc
Opt-Out Management
Revenue.io handles standard English-language reply messages such as STOP, UNSUBSCRIBE or CANCEL for Toll-Free and Long Code messages, in accordance with industry standards. These keywords trigger automatic standard replies and adds a block which prevents your users from messaging the individual.
Automatic Reply: "You have successfully been unsubscribed. You will not receive any more messages from this number. Reply START to resubscribe."
Only single-word messages will trigger the block. So, for example, replying STOP will stop the customer from receiving messages from that particular Twilio number, but replying "STOP PLEASE" or "PLEASE CANCEL" will not.
Once a block is in place, the only way for it to be removed is if that individual texts START, YES, or UNSTOP to opt back into messaging. An account administrator cannot remove the block.
Automatic Reply: "You have successfully been re-subscribed to messages from this number. Reply HELP for help. Reply STOP to unsubscribe. Msg&Data Rates May Apply."
Sync to Salesforce
When an individual responds to opt-out or re-opt-in to messaging, our application will reflect that status in the Salesforce record's SMS Opt Out field (ringdna__HasOptedOutOfSms__c)
Checking this checkbox will also allow users and administrators to opt-out an individual if they have made a direct request to no longer receive SMS messages. This allows your team to manually fulfill these requests even if the individual did not use a keyword.
Note that unchecking the checkbox will not unblock SMS.
First Message Disclosure
Your first message sent to a phone number will include a disclosure in order to provide individuals clear instructions on how to opt out easily to communication, per TCPA and CTIA guidelines.
This disclosure is repeated if it's been more than 30 days since your last message to the individual.
Example Message:
"Hi Florence. This is Philip from Acme Inc. I called and left you a voicemail earlier regarding your request to learn more about our products. Feel free to give me a call back at this number, or text me if it's easier. Looking forward to connecting soon!
Reply HELP for info. Reply STOP to cancel. Msg&data rates may apply."
This disclosure cannot be removed or modified.