In case you missed it (in which case you probably live under a rock), the digital world has been going through a bit of a privacy crisis over the past two or so years. There have been major changes with websites, ads, and emails…and now, text wants in.
Texting regulations are nothing new, but the enforcement of these regulations has been accelerating in recent months—the big one being that you are required to obtain prior express written consent before texting anyone. So what does that mean?
Read on to learn:
- What prior express written consent is.
- Why you need it
- How to obtain it, and what happens if you don’t.
Disclaimer: Please note that this is not legal advice and is for informational purposes only. It is not intended to substitute for advice from qualified legal counsel, nor is it to assist you or help you be compliant as you assume 100% responsibility in all legal matters.
Table of contents
What is prior express written consent?
In plain speak, prior express written consent is a term in the Telephone Consumer Protection Act (TCPA) that means a consumer has granted you permission to call or text them.
What does that look like? Well, the TCPA’s definition of “prior express written consent” is as follows:
Before sending a marketing text or making a marketing call to consumers, the texter/caller must have the consumer's prior express invitation or permission, “which must be evidenced by a signed, written agreement between the consumer and seller, which states that the consumer agrees to be contacted by this seller and includes the telephone number to which the calls may be placed.”
Image source
The CTIA (Cellular Telecommunications and Internet Association) also requires prior express written consent, by way of requiring businesses to adhere to the TCPA:
Image source
Okay but what exactly does prior express written consent mean?
Let's break it down:
- Express: This means explicitly and intentionally given by the consumer, not implied.
- Written: As in, not verbally or implied, but rather documented and accessible somewhere, such as in a form or terms and conditions page.
- Signature: This doesn’t have to be an actual penned signature. It can come in the form of submitting one’s name and contact information through a website, app, or form.
- Prior means that the consent needs to be given before the first text or call (i.e. you can’t text them to ask if you can text them).
This needs to happen on any place on your website where you collect a visitor’s contact information for the purpose of reaching out to them via text.
Why do I need to obtain prior express written consent?
Not only is this a legal requirement, but it stands to benefit your business to obtain prior express written consent.
SMS consent is a legal requirement
All businesses sending texts to consumers must have that number registered with its appropriate third party (shortcode, toll-free, and 10DLC numbers each have different registration processes). Registration requires adherence to the TCPA as well as CTIA Messaging Principles and Best Practices both of which require SMS consent.
It’s not a new requirement
SMS consent is a way to protect consumers from being bombarded with excess and/or unwanted texts and calls. It is not actually a new regulation, but it is being newly enforced in the text realm as 10DLC regulations have ramped up.
10DLC stands for 10-digit long code, by the way. You can learn more about 10DLC here.
For the full history:
- In 1991, the Federal Communications Commission instated the TCPA, which required all businesses to obtain consent from consumers to make telemarketing calls.
- In 2015, the Omnibus Declaratory Ruling and Order declared that the same rules in the TCPA would now apply to text messaging.
- In 2017, the CTIA and all MNOs (major mobile network operators, like AT&T, Verizon, and T-Mobile) began rolling out programs to make texting secure and successful for consumers and businesses.
- In early 2022, the major MNOs began requiring that all 10DLC numbers being used for business texting be registered (which means through The Campaign Registry. This is not surprising, as shortcode and toll-free numbers already had a registration process.
- In late 2022/early 2023, this requirement was only loosely enforced, but with each passing month the consequences for not having a registered number have ramped up.
- As of July 6, 2023 all mobile carriers (AT&T, Verizon, T-Mobile, etc.) are restricting texts from businesses to customers from unregistered 10DLC numbers.
- As of August 31, 2023 they are blocking texts altogether from unregistered 10DLC numbers.
Image source
It’s to protect consumers
So, why are texting regulations ramping up? Because the goal of the rules is to protect consumer privacy and ensure a pleasant experience, and yet the number of unwanted and robotexts has been skyrocketing over the past few years.
From 2015 to 2022, the number of robotext complaints rose from 3,300 to 18,900—a more than 500% increase.
Image source
As a result, the FCC has recently begun stronger initiatives to crack down on texts from illegitimate numbers. No, your business may not be illegitimate and you aren’t sending spam texts, but unfortunately, the bad players in the industry have to ruin it for everyone. Blanket regulations have to be in place to keep things in check.
It’s to protect you
The explosion of robotexts isn’t the only factor at play here. As mentioned in the intro, the digital world is going through a privacy revolution right now. Consumers are extra vigilant of how their information is used and how and why they are contacted.
By following the ground rules, you can ensure protection against lawsuits—not to mention financial and reputation-related consequences, which we’ll talk more about later.
How do you obtain prior express written consent?
There are three ways to obtain prior express written consent for SMS: Form, text widget, or text opt in.
SMS written consent via form
As a means of lead generation, with any offer from a business—such as to get an estimate, submit an inquiry, or download a guide—there is a form for the consumer to fill out to obtain it.
These can appear anywhere on your website, such as your contact us page, popups, landing pages, and live chat widgets. Anywhere where you collect their contact information is considered a form. Note that forms can also be offline, physical forms such as sign-up sheets in your store or at events.
SMS written consent via text widget
Many home services businesses have a widget on the bottom right of their website that enables them to opt in to text communication.
SMS written consent via text opt-in
Many websites have offers to sign up directly to get updates, offers, and discounts through text. (Hatch Chat, for example)
These two examples may appear simple, but they are actually meeting a long list of requirements for obtaining consent. Let’s go over them.
What are the requirements for obtaining prior express written consent?
Regardless of which SMS consent method you are using, they are all considered an “agreement” and your agreement must contain the following:
- The telephone number of the person who is giving permission to receive texts or calls
Aka the form field where the user provides their number
- The purpose of your campaign
Aka the type of messages customers will receive
- Text message frequency
This is not mandatory, but is a recommended best practice.
- The following disclosures:
- By submitting/signing the form, the user is opting in to receive text messages. (we’ll provide verbiage on this in a bit)
- How subscribers can opt-out
- “Message and data rates apply.”
- “Consent is not a condition of purchase.”
- Link to terms and conditions: Your terms and conditions outline the rules of engagement for your website, for both your business and your visitors. They primarily protect your business. Your SMS terms and conditions can be its own page or a section in your existing page. (See our guide to writing your SMS terms and conditions.)
- Link to privacy policy: Your privacy policy discloses how you collect, store, and distribute user data. It primarily protects user rights. Your SMS privacy policy can be its own page or a section in your existing page.
Templates for consent to receive text messages
Here are some examples of verbiage you can use in your forms and landing pages to obtain prior express written consent.
NOTE: This is not legal advice, but just meant to give you a starting point. Please clear these with your legal representative.
ALSO NOTE: Remember that they all require the following:
- “Message/data rates apply.”
- “Consent is not a condition of purchase.”
- A link to your SMS terms and conditions and SMS privacy policy.
Prior express written consent templates and examples:
Note that "By submitting" can be replaced with anything that describes the action, like "By clicking [button name]," "By signing up," etc.
- By submitting, you agree to our Terms and Conditions and Privacy Policy, which state that we will never share your personal information or spam you.
- By submitting, you authorize [company] to send text messages with offers and other information. Message/data rates apply. Consent is not a condition of purchase.
- By submitting, You agree to our terms and conditions/privacy policy, which state that we will never share your personal information or spam text you.
- By clicking “Sign up” you authorize this business to send text messages with offers and other information, possibly using automated technology, to the number you provided. Message/data rates apply. Consent is not a condition of purchase. You may unsubscribe at any time.
- By opting into the web form, keypad or keyword above you are providing consent for [Company] to send you periodic text messages. Standard message rates may apply. You can reply HELP at any time to learn more. You may opt-out anytime by replying STOP.
- By pressing “[Name of Button, i.e., ‘Submit’],” I agree to receive recurring messages from [Company Name] to the provided mobile number and also agree to the [Company Name] terms and privacy policy at [link]. Message & data rates may apply. Reply STOP to cancel. Reply HELP for info.
- By submitting this form, you agree to receive up to X text messages per week delivered to the phone number provided at opt-in. Text STOP to cancel. Consent not required to purchase goods or services. Message and data rates may apply.
Checkbox examples:
These are optional, but we recommend using this especially if you use text in more of a conversational manner:
- Can we text you to get in touch?
- Can we converse with you over text?
- Enable text communication?
- What’s the best way to reach you?
- Text me with [updates, appointments, etc.]
- It’s okay to reach out to me for scheduling and questions via text.
- A lot of our customers find it more convenient to interface with us over text. Check this box to opt in.
SMS consent tips and best practices
Other than staying compliant with the above TCPA and CTIA rules, there are a few more best practices that you can follow to ensure your reputation and rights are protected, and that you get the opt-ins you desire!
Use a double opt-in
A double opt-in means you obtain consent in the form and then again via the first text you send. This is not required by the TCPA, but the CTIA recommends it if you’re sending recurring messages.
For example:
- Thanks for contacting [Company]. Please reply YES to consent to sending and receiving text messages with us.
- Hey [name], thanks for signing up for [restate offer]. Msg & Data rates may apply. Reply YES to confirm, HELP for help, or STOP to opt out.
- Hi [name]! You are now enrolled in [program]. X messages per [month/week]. Msg&Data rates apply. Type YES to confirm, STOP to stop, HELP for help.
Image source
Embrace it
We get it—a well-designed website form needs a block of legal text like you need a hole in the head. Not only does it not look attractive, but legal stuff always runs the risk of scaring away a consumer. The problem is, you’ll only make things worse by trying to make it extra small or trying to reword it to sound less legal.
Stick to the verbiage required. If your website, content, and customer experience are all in top shape, you’ll have earned enough trust for consumers to feel comfortable opting in. Plus, at the end of the day, you only want to be texting consumers who want to be texting with you.
RELATED:
Find out what verbiage works for your business
If your business uses text in a more conversational manner, don’t be afraid to explore your options and find the messaging that works best for you.
For example, Hatch customers primarily use business texting to converse with customers in real time. This is very different from, say, an ecommerce business sending texts with promo codes once a week.
As such, we recommend different verbiage than what is suggested (after clearing it with compliance). For example:
- Instead of “You agree to receive texts with offers and information.”
- We recommend “You agree to let us reach out to you to schedule and coordinate appointments and projects.”
- Instead of “Reply STOP to unsubscribe.”
- We recommend “If you don’t wish to converse over text, reply END.”
Focus on conversion rate optimization
There are so many factors involved in whether a person converts on your forms and landing pages. While you can’t control the legal aspect of things, there are still plenty of elements you can test to find out what works best: the images, the copy, the button color, the messaging, the layout of the page, and more. Run A/B tests on these elements so you can ensure that everything is in optimal conditions for conversion.
Check out my post on WordStream for more landing page tips:
Be personable
Even though there is specific verbiage to be used for SMS opt-ins, there is still enough opportunity to make it conversational—which can help offset the rigid legalese.
For example:
- We promise never to share your personal information or send annoying spam texts.
- We respect your privacy.
- We promise not to spam text you.
- We ask for your phone number so we can coordinate estimates, appointments, and projects over text.
Think about how you would talk to a friend and use that tone in your forms.
Why should I take express written consent seriously?
The TCPA is federal law, and its guidelines are in place to keep texting a win-win for both consumers and businesses. Here are five key reasons you need to take express written consent seriously:
- Fees: Violating TCPA guidelines can result in hefty fees. OpenPhone mentions $1,500 for every text that violates guidelines, while Forbes mentions $20,000. For more on this, head to Active Prospect's post on TCPA violations.
- Keep your customers: Violating the TCPA can also result in losing access to mobile networks and therefore the customers that use them. Also, at the end of the day, you only want to be texting consumers who want to be texted anyway.
- Campaign performance: Your adherence to TCPA and CTIA guidelines factors into your “trust score” which mobile networks use to prioritize messages. The higher your trust score, the better your deliverability and throughput.
- Reputation: These rules are in place to ensure you don’t cross boundaries with consumers which will of course turn them away. Not to mention the negative reviews you are likely to receive if you violate guidelines.
- ROI: Following these guidelines builds customer trust and ensures your campaigns run smoothly—two crucial things for maximizing your ROI and ultimately growing revenue.
TCPA checklist for express written consent
Let’s finish off with an overall checklist for SMS opt-in requirements per the TCPA.
1. SMS terms and conditions
Create an SMS terms and conditions page or add an SMS section to your current terms and conditions page. It must include:
- Program name
- Program description (types of texts, frequency)
- How to opt out
- How to get support
- Carriers not liable for interruption of service statement.
- Message/data rates apply.
- Link to privacy policy
2. SMS privacy policy
Create an SMS privacy policy page or add an SMS section to your current privacy policy page. It must:
- Provide an accurate description of the SMS service, including when and what type of messages users will receive
- List the kind of personal information you're collecting (name, email address, phone numbers etc).
- List the methods you use to collect personal data (a form, cookies, etc).
- Explain how you're using the personal data you collect (sending emails or text messaging, etc).
- Explain how you store, maintain, and safeguard the personal information you're collecting.
- Explain if, how and why you share personal data with third parties.
- Provide a method for correcting, verifying, changing, or removing personal information.
3. SMS opt in on forms
Anywhere that you collect a consumer’s phone number for the purpose of reaching out to them via text, you must include the following on that form:
- The telephone number of the person who is giving permission to receive texts or calls
- The purpose of your campaign
- Text message frequency (optional)
- The following disclosures:
- By submitting/signing the form, the user is opting in to receive text messages. (we’ll provide verbiage on this in a bit)
- How subscribers can opt out
- “Message and data rates apply.”
- “Consent is not a condition of purchase.”
- Link to SMS terms and conditions
- Link to SMS privacy policy
Additional resources
Many of these resources are already linked in the above article, but here is a list of them for easy reference.
From Hatch
- From the FCC (Federal Communications Commission)
- From the CTIA (Cellular Telecommunications and Internet Association)
- From Twilio (Direct Connect Aggregator that interfaces with the mobile networks):
- 10DLC help from Hatch (us!)
- From The Campaign Registry (the third party that registers 10DLC numbers)