Here at MailChimp, we only allow you to send SMS messages through our SMS app, Gather. Since we're dipping our toe into the SMS-messaging pool, we wanted to give you some information about SMS rules. We hope you'll come away from this a little wiser and more informed about Gather's privacy features.
Telecommunications is a heavily regulated industry in the United States, and with the advent of SMS text messaging, many of these laws and regulations have been determined to apply to texts and phone calls. Here are some of the laws and regulations you need to be aware of when you’re creating an SMS campaign.
1. The Telephone Consumer Protection ActThe Telephone Consumer Protection Act (TCPA) regulates any means “to communicate with or try to get into communication with a person by telephone.”
TCPA has some strict-opt in requirements—namely, that consent must: be in writing
come from the owner of the device
identify the advertiser and all companies that will have access to the customer’s phone number
make clear the type of text messages the consumer is signing up for (consenting to event updates is not the same as consenting to ads) state that standard messaging fees may apply
include how the subscriber can opt out at any time
Once consent is given, it can’t be transferred between affiliates or by sale or other contract. People may bring suit for up to $1,500 per message (yikes).
CAN-SPAM doesn’t apply to transactional messages, like confirming a signup for an event. CAN-SPAM only applies if the messages are sent using SMTP, which means using an internet address that includes a domain name (like email@example.com). Just like regular emails, you can't have a misleading “from” line, you must disclose the name and address of the sender, and you must include an opt-out option (an email address or otherwise). SMTP messages trigger the same fines that an email would under CAN-SPAM. These requirements aren't easily translated into a text message, which is why sending SMTP messages through MailChimp is not allowed.
3. State laws
California, Louisiana, Ohio, Rhode Island, Washington, North Dakota,
Oregon, Utah, Vermont, Alaska, Arkansas, and Colorado all have laws on the books that affect SMS messaging. If you’re a resident of one of these states or send to anyone who is, you need to comply with their laws too. Most of these laws are focused on sales communications, so making product offers or sales inquiries via SMS may be a violation. Violations are investigated by the State Attorney General and may result in some serious fines.
According to the Children's Online Privacy Protection Act of 1998, you can't collect information from children under 13 without parental permission.
5. Telemarketing Sales Rule/The Federal Do
Not Call List
This applies to text messages and calls. A marketer can’t send a text message to any number registered on the DNC unless they’ve obtained prior express consent or have an established business relationship with the consumer (a transaction within the last 18 months or inquiry within the last three months).
The Telemarketing Consumer Fraud and
Abuse Prevention Act
Under this law, the FTC can bring action against a company engaging in unfair or deceptive SMS marketing campaigns. This prohibits sending unsolicited messages and deceptive content.
If you send text messages to subscribers outside the U.S., you may be held accountable to other anti-spam requirements. For example, the European Union’s Privacy and Electronic Communications Directive requires an opt-in system for SMS marketing. They also prohibit the sender from concealing or disguising its identity (something you shouldn’t be doing anyway), and that a valid address for opt outs be made available. As always, it's best to consult with a lawyer who knows the SMS spam laws in your jurisdiction.
Some industries have set their own best practices for SMS campaigns. If you’re in one of these industries, it's a good idea to comply with their guidelines as well. Here are a few:
MMA - U.S. Consumer Best Practices for Messaging MMA- Code of Conduct for Mobile Marketing
Here are a few examples of lawsuits related to SMS messages. It’s not as exciting as Law & Order, but we hope you’ll read the summaries carefully to avoid making the same mistakes these people did.
Satterfield v. Simon & Schuster, $10 million
Simon & Schuster outsourced their promotional campaign to a marketing company. That company purchased a list of 100,000 phone numbers from a different website, Nextone.com. Nextone users then received a promotional message from S&S, including the plaintiff, Ms. Satterfield. Satterfield had signed up for Nextone promotions by clicking “Yes!” next to a consent
statement saying, “I would like to receive promotions from Nextones affiliates and brands.” The court interpreted “affiliates and brands” to include only a corporation that is related to another corporation by shareholdings or other means of control.” Because Nextone didn’t own or control S&S, nor had any direct relationship with S&S, Satterfield didn’t consent to receiving messages from S&S. The class action settled for $10 million ($175 per plaintiff, plus $2,725,000 in attorneys’ fees).
Takeaway: Consent for SMS messages is only granted to the company identified in the consent and may not be transferred to another company. Also, if you outsource your marketing, be aware that you’ll still be on the hook, both legally and in the eyes of the public, for their actions.
Heartland Automotive Services, $47 million
A Jiffy Lube franchise sent 2.3 million unsolicited text messages to advertise a discount offer.
class-action lawsuit, which is even less fun to litigate than a normal lawsuit. Papa John's is facing a $250 million lawsuit for sending over 500,000 unsolicited text messages too.
FTC v. Phillip Flora, $58,946.50 judgment
The FTC brought a case against Phillip Flora for sending millions of
unsolicited text messages. The messages also included deceptive content.
Takeaway: Even if you don’t get sued by individual recipients, you may still
be fined by the FTC.
ICO v. Niebel & McNeish, £440,000 settlement
Niebel and McNeish owned the company Tetrus Telecoms, which would send out more than 800,000 texts a day on behalf of clients. This practice was deemed a breach of the Privacy and Electronic Communications Regulations 2003.
Takeaway: This is an international issue, not just a U.S. one.
Thanks for taking the time to learn about the rules surrounding SMS messages. It can be a great way to communicate during events, which is why we created Gather. But if you’re using Gather to send text messages for events, please respect your recipients and keep these laws in mind.