Please note:
To unlock this capability, you will need to have added OptiText to your Optimove package. If you can’t see this feature in your Optimove instance, contact your CSM to find out more.
Across all geographies, you will find that there are different regulations or guidelines when it comes to sending SMS campaigns. These can range from the actual content of the messages being sent, to how your company handles opting in or out of promotional campaigns. In this article, we’ve laid out more detail on some of the key regulations and guidelines which should be taken into consideration before and while sending SMS campaigns with OptiText.
For more best practices for SMS campaigns sent with OptiText, learn more here.
General Rules
Across all regulations and guidelines, there are some common themes that are worth highlighting.
- Obtaining Consent
- Stating Your Purpose
- Terms and Conditions
Obtaining Consent
Before you send any SMS campaigns to your customers using OptiText, you must ensure that you have your customers’ consent to send them text messages. The exact rules for obtaining consent do vary by geographic area (see below for International Guidance), but in general, the customer must freely and explicitly give their consent to be contacted with marketing messages. This can be done in a number of ways, for example, with an opt-in checkbox or a pop-up that encourages the customers to “subscribe for updates”.
Stating Your Purpose
In the SMS content itself, you should not only make sure it is clear who you are, but you should also make the purpose of your message clear, for example, are you sharing a promo code for a sale, or are you sending an update on their most recent order. Not only should your purpose be clear, but also the value you’re providing. Showing your value will not only help you adhere to regulation, but also encourage customers to stay subscribed to your SMS campaigns.
Terms and Conditions
Keeping your terms and conditions up-to-date is of particular importance for your SMS campaigns, as you should share access to the terms each time you send a promotional SMS message. If you are in certain industries, it’s even more important to include your terms and review them on a regular basis.
International Guidance
US and Canada
Regulation
US Telephone Consumer Protection Act of 1991 (TCPA)
The US government created the Telephone Consumer Protection Act (TCPA) to help protect consumers from unwanted marketing texts. This law ensures that companies get explicit permission from their customers before they start sending SMS messages.
Brands need to make sure that not only do they have customers’ express consent to send them SMS messages, but they also need to let the customers know what they will do with their information. Lastly, if the customers change their minds, companies must ensure that they provide a way for clients to opt-out. For more information on consent management for SMS with Optimove, learn more here.
There are some exceptions to the rule: Emergency texts don't need TCPA consent, and neither do non-profits, but exceptions are very rare.
US Cellular Telecommunications Industry Association (CTIA)
The Cellular Telecommunications Industry Association (CTIA) has established guidelines for how companies can make use of SMS marketing messages in an ethical way. They have created two resources, the Short Code Monitoring Handbook and Messaging Best Practices guide. These are widely regarded as the best guidelines to follow, especially when carrying out SMS marketing in the US, although compliance is not required by law.
There are no legal ramifications for ignoring the guidelines set out by the CTIA, however, both mobile network operators and the CTIA compliance team monitor SMS messages and campaigns for violations – and this could result in your SMS campaigns being blocked.
Messaging Best Practices: The CTIA’s Messaging Best Practices guidelines lay out, in detail, their recommendations in terms of your SMS campaigns’ content, consent policy and data handling. The goal of the document is to keep your customers safe and ensure that they are protected from “unwanted” messages. Examples of best practices as stated by the CTIA include:
1. Message senders should provide clear and conspicuous calls-to-action
2. Message senders should conduct regular and thorough security audits
3. Message senders should maintain and conspicuously display a clear, easy-to-understand privacy policy
To learn more about SMS best practices, read more here, where we lay out more detail on both adhering to the guidelines and improving the impact of your SMS campaigns.
Short Code Monitoring Handbook: There are 4 “guiding principles” which sum up the CTIA’s goals for the Short Code Monitoring Handbook:
1. Display clear calls-to-action
2. Provide applicable consent mechanisms
3. Send opt-in confirmation messages
4. Acknowledge and honor opt-out requests
Canada Anti-Spam Legislation (CASL)
In Canada, CASL is the regulation to be aware of when ensuring your SMS campaigns are fully compliant with local regulatory guidelines. Under CASL, companies who sending SMS messages to consumers must make sure they have covered three key areas:
· Obtain consent
· Provide identification information
· Provide an unsubscribe mechanism
For more information on consent management for SMS with Optimove, learn more here.
Content Guidance
In the US and in Canada, there are limitations on the type of content that can be included in your SMS campaigns. These limitations are commonly known as SHAFT, which is an acronym of the following prohibited topics:
- S: Sexually inappropriate content
- H: Hate speech or profanity
- A: Alcohol
- F: Firearms, and depictions or endorsements of violence
- T: Tobacco (including vaping), or endorsement of illegal or illicit drugs (including marijuana and cannabidiol)
Some of this content (such as nightclubs, bars that serve alcohol, and firearms or tobacco sales) may be allowed by certain carriers if a campaign is submitted and approved in advance and a functioning "age-gate" is in place. Content promoting the use of marijuana, including businesses selling cannabidiol, is included in this restriction. This must not be sent on a U.S. short code, TFN, or 10DLC.
In addition to the above, promoting gambling, sports betting and casinos is more limited than other industries. That said, SMS campaigns can still be a very effective tool for these industries, providing they adhere to the following guidelines:
- Ensure campaigns are not targeted at children. They should not be in the Target Group, the content should not be appealing to those 18 or under, and the SMS message itself should have an 18+ warning.
- Gambling should not be promoted as a way to increase income, as a form of employment, or way to pay off debts – companies can promote specific events, odds or games, but they should not portray gambling in a socially irresponsible way.
UK
Regulation
General Data Protection Regulation (GDPR)
GDPR requires companies to obtain explicit consent from individuals before collecting, using, or sharing their personal data. It also gives individuals the right to access, correct, and delete their personal data, as well as the right to data portability.
When creating SMS campaigns that will target your customers in the EU, GDPR will affect you in the following ways:
- You will need to obtain explicit consent from individuals before sending them text messages.
- You will need to provide a clear and easy way for individuals to opt-out of receiving text messages from you.
- You will need to keep records of the consent obtained from individuals, as well as the date and manner in which they provided it.
- You will need to ensure that you are processing personal data of EU citizens in accordance with GDPR and other applicable laws.
Privacy and Electronic Communications Regulations (PECR)
The PECR governs the use of electronic communications – including text messages – in the United Kingdom. These regulations apply to companies who are sending text messages, or other electronic communications, for marketing or other non-essential purposes.
PECR requires that companies get explicit consent from their customers before sending them promotional text messages. Companies must have easy and clear opt-in ad opt-out mechanisms in place for customers to give their consent or unsubscribe.
PECR also regulates the use of automated decision-making and profiling, and companies must let their customers know of their right to object to the processing of their personal data for these purposes – this should be included in your Privacy Policy that you have created for SMS marketing.
Content Guidance
Due to GDPR and PECR regulations, it’s now a legal requirement to offer customers a simple way to remove their consent. For SMS marketing, include an opt-out message in every text to remind customers they can unsubscribe at any time by asking them to respond to messages using the word ‘STOP’, and following this up with confirmation.
The SMS message should also contain a clear description of what the customer is subscribing to and a full privacy policy. This should contain a specific SMS policy that explains what information is gathered, how data is used, and a communications clause that details what users can expect and why.
In terms of the content of your SMS marketing messages, you must ensure that they are appropriate for the intended audience (for example, ensuring under-18s are not targeted with promotional messages for alcohol). You should ensure that your message is not likely to offend, upset or harm, etc, any recipient of the message, whether deliberately or otherwise. In this regard, you must comply with all applicable laws and industry standards that apply to the marketing to children in the UK.
EU
Regulation
General Data Protection Regulation (GDPR)
GDPR requires companies to obtain explicit consent from individuals before collecting, using, or sharing their personal data. It also gives individuals the right to access, correct, and delete their personal data, as well as the right to data portability.
When creating SMS campaigns that will target your customers in the EU, GDPR will affect you in the following ways:
- You will need to obtain explicit consent from individuals before sending them text messages.
- You will need to provide a clear and easy way for individuals to opt-out of receiving text messages from you.
- You will need to keep records of the consent obtained from individuals, as well as the date and manner in which they provided it.
- You will need to ensure that you are processing personal data of EU citizens in accordance with GDPR and other applicable laws.
Content Guidance
As we mentioned above, GDPR is the main legislature in place that companies should be aware of when sending SMS campaigns to customers within the EU.
The key things to be aware of when creating your SMS messages, in terms of meeting regulatory requirements for your content, are as follows:
- Making it easy for customers to opt-out – by including clear options for the customer within the SMS content.
- Being conscious about your message frequency and scheduling, to ensure you are not spamming the customer’s message inbox.
- Making your company’s identity and purpose for messaging clear to the customer.
- Maintaining an easy-to-understand privacy policy and sharing this with your customers in all of your SMS communications.
UAE
Regulation
It's important to note that the UAE has strict laws on data protection and personal privacy, thus companies need to be extra careful when handling personal data and must adhere to the relevant data protection laws.
The Telecommunications Regulatory Authority (TRA) is responsible for regulating the telecommunications industry in the UAE, including promotional text messaging. The TRA has guidelines for companies who want to send SMS marketing campaigns to their customers in the UAE. These guidelines, similar to regulation in other geographic areas, state that you must get explicit consent from individuals before sending them text messages. The consent must be obtained through a clear and conspicuous opt-in mechanism, and individuals must be able to opt-out of receiving SMS campaigns at any time.
The TRA also has guidelines on the content of the SMS that you can send. Messages that are misleading, deceptive, or contain any offensive or discriminatory content are all prohibited. Your SMS must also be clearly identifiable as marketing messages and must comply with all other UAE laws and regulations.
Content Guidance
When targeting customers in the Middle East, it’s important to be aware of any limitations on the type of content you are sending.
In the UAE, there are a range of forbidden SMS marketing topics, including:
- Mobile gambling
- Illicit language
- Adult themes
- Political speech
- Religious topics
The UAE also takes a different approach to opt-in, which in this geographic area depends on the type of message being sent:
- Transactional messages do not require any prior consent, as they are only sent after a relationship has been established. These types of messages include shipping notifications and appointment reminders.
- Promotional or marketing messages must include the sender, type of campaign, and content type in order to be compliant.
When marketing to customers in this geographic area, it is worth reviewing the guidelines laid out by the Telecommunications Regulatory Authority (TRA) which oversees telecommunications (including SMS marketing) in the UAE.
Important Note
The guidance given here is purely informational and not exhaustive, to help you to ensure your SMS campaigns continue to run smoothly and avoid SMS messages being blocked by mobile network carriers or regulatory bodies.
For more information regarding compliance, please contact your OptiText Partner Customer Success Manager.