Rules & Regulations for SMS Compliance in the United States

The Federal Communications Commission has issued rules to ensure consumer protection in regard to commercial SMS messaging; that is the sending of marketing text messages to mobile phones. The Telephone Consumer Protection Act (TCPA) and CAN-SPAM Act are the applicable laws regulating marketing using SMS messaging in the United States of America.

The CAN-SPAM Act defines commercial messages as those that primarily advertise or promote a commercial product or service. This excludes transactional messages – notifications to facilitate a transaction a consumer has already agreed to, for example, messages that provide information about your existing account or warranty information about a product you’ve purchased. Also excluded are non-commercial, informational texts, for example, those by or on behalf of tax-exempt non-profit organizations, those for political purposes, and other non-commercial purposes, such as school closings.

The application of these regulations to commercial SMS messaging are set out in compliance and best practice manuals by industry bodies, namely the CTIA – The Wireless Association and the Mobile Marketing Association (MMA). It is your responsibility to ensure that your SMS messaging program is compliant, and you should make yourself familiar with the relevant industry codes, guidelines and all applicable laws.

IVR Lab has a zero-tolerance policy for SMS/text message spam. Subscribers to SMS messages must have opted into and given permission to receive your SMS broadcasts and autoresponder sequences.

Any unwanted SMS message is spam. If the recipient hasn’t explicitly requested and specifically granted permission to receive your message you cannot message them. Violations of this policy may result in the termination of your account or messaging privileges.

Some Key Requirements for SMS Marketing

Privacy and Data Protection

Consumers have the right not to receive unsolicited marketing communications via SMS. It is your responsibility to ensure compliance with this.

Opt-in: Consent to Marketing

A consumer has to provide consent before they receive marketing communications via SMS. This consent needs to be in writing (for example, in an email or other formal method). This means that you need to ensure that consumers are informed about what they are to receive before sending them marketing messages. Records of consumer approvals to receive marketing communications must be kept. These records are to include the method, time, date, and location by which a consumer provided their agreement as well as the terms for the receipt of marketing communications to which a consumer agreed to. {NO third party lists}. IVR Lab may ask you to provide proof of compliance.

Opt-out: Removal of Consent to Marketing

The universally recognized method of opting out from receiving marketing communications via SMS is for a consumer to send STOP to a message they received. You also need to honor an opt-out request via other channels you can be contacted on, for example, via email or by telephone. A STOP confirmation message must be sent to the consumer to confirm the opt-out. This message should include the name of your company and the following words: “You have opted out. You will not receive additional messages”. Records of opt-out communications need to be kept.

Message Content

The content of marketing messages must be appropriate to the intended audience and will not be likely to offend, upset or harm, etc, any recipient of the message, whether deliberately or otherwise. In this regard, you must comply with all applicable laws and industry standards that apply to the marketing to children. Your account or message sending privileges may be suspended or terminated if you are found to be in violation of these rules.

Sending Time-frame

The TCPA (Telephone Consumer Protection Act) stipulates that text messages may only be sent between 8 a.m. and 9 p.m. in the time zone your recipient is in. If your service sends messages to contacts in different time-zones, you must have permission to do so.

Record Keeping

To protect your organization from future disputes, it’s advisable to maintain each contact’s consent for at least four years from that date in which it was given, which is the federal statute of limitations for bringing an action under the Telephone Consumer Protection Act.

Additional Compliance Information can be found here


The information contained in this note is for general guidance on compliance matters only. While we have made every attempt to ensure that the information contained here has been obtained from reliable sources, IVR Lab or its partners are not responsible for any errors or omissions, or for the results obtained from the use of this information. It shall be the sole responsibility of Users of IVR Lab services to familiarize themselves with all applicable laws, regulations and codes of conduct to which they may be subject and to ensure compliance therewith.


A Stormfire Group Company
Website Designed & Maintained by Level9Solutions