TCPA Regulations Text Messages: Your Guide for A2P Texting

Published on April 28, 2023

Did you know that around 45% of people who receive SMS marketing messages actually respond to them? This means text message marketing has the potential to be highly effective to engage with your audience and drive conversions. In fact, 91% are interested in receiving text messages from businesses. With such high engagement rates, it’s no surprise that many organizations are turning to SMS as a communication channel. 

However, when you send text messages, it’s crucial to abide by the Telephone Consumer Protection Act (TCPA) regulations to avoid any legal or financial consequences. 

These regulations apply to

  • Businesses of all sizes, 
  • Non-profit organizations, 
  • Political campaigns, and 
  • Other organizations that engage in texting as a means of communication.

Failure to comply with the regulations can result in fines and lawsuits, with penalties that can reach up to $1,500 per violation.

In this blog post, we dive deep into the TCPA regulations, how they can impact your business, and the steps you can take to stay compliant. 

What is TCPA and how does it apply to SMS messaging and SMS compliance?

The TCPA is a federal law that was passed in 1991 to protect consumers from unwanted telemarketing calls and texts. It regulates phone calls, text messages, and other electronic communications in the United States. 

Overview of TCPA regulations for text messages

Here are the 3 fundamental TCPA regulations for text messages that protect consumers and ensure you stay compliant. 

  1. Secure consent
  2. Make opt-out easy and free
  3. Identify yourself

TCPA regulations mandate explicit permission from consumers before sending A2P (Application to Person) text messages. The consent should be in writing; you can obtain it through online forms, text messages, or even verbal confirmation (prior express oral consent).

Keep the consent statement clear, simple, and unambiguous. This means the person giving consent should know exactly what they are agreeing to and how they will be contacted. Avoid using technical terms or legal jargon that might confuse or mislead the person giving consent. 

Keep records of the consent, including the 

  • Date and time, 
  • Method used to obtain it, and 
  • Specific language used to explain the type of messages that will be sent. 

This documentation is crucial in case of a compliance audit or legal dispute.

Make it easy for your recipients to opt out

TCPA regulations mandate A2P users to allow easy and free opt-out options to contacts. That way, you ensure their agency and confirmed consent. Overly complicated processes may result in non-compliance. Keep the opt-out process simple and easy to use, like: 

  1. Provide a reply keyword that recipients can send. (Text messaging tools typically have a default message with trigger words that automatically opt them out. CallHub, for instance, adds people to a DNC list when they reply with keywords like STOP, CANCEL or UNSUBSCRIBE. The DNC list skips these contacts from all future communications from that account on CallHub.)
  2. Share a link they can click on to opt out in the initial message. 

Identify yourself in the first message

Clearly identify yourself as the sender. 


  • The types of messages you’ll be sending,
  • The frequency, 
  • Any charges that may apply, and 
  • That they can opt out at any time.

Let’s look at the three main TCPA consent levels: 

  1. Prior express written consent, 
  2. Prior express oral consent, and 
  3. Implied consent. 

This is the highest form of consent under TCPA regulations for text messages. It requires the recipient to explicitly agree to receive text messages from an organization through a written consent form online or offline. The form must explain the nature of the messages and include a clear opt-out option.

A prior express oral consent is obtained when a recipient verbally agrees to receive text messages from an organization, usually over the phone. 

In this case, in addition to the date and time of the call, keep accurate records of the 

  • Identity of the caller and the recipient, and 
  • A recording of the conversation. 

Implied consent is a more ambiguous form of consent. It’s obtained when a recipient’s actions or behavior suggest they have given consent, even if they haven’t explicitly agreed to receive text messages from an organization.

For example, a customer provides their phone number to an organization in the context of a purchase. This could be considered implied consent to send them transactional or service-related messages. However, do not interpret implied consent too broadly and send marketing messages without explicit consent.

Source: Wisepops

While implied consent may seem like a convenient option, it’s often subject to interpretation and can be challenged in court. 

Using a double opt-in method can be a safer and more reliable approach to obtaining consent for text messaging. With a double opt-in, the recipient must first provide their phone number, and then confirm their consent by responding to a message or clicking a link. This method ensures you have a clear record of the recipient’s explicit consent, reducing the likelihood of legal challenges.

Prioritize obtaining prior express written or oral consent whenever possible to minimize the risk of legal disputes and ensure compliance with TCPA regulations. 

What are the latest TCPA regulations?

The TCPA regulations are constantly evolving. 

Let’s look at the 

  • Latest TCPA regulations and how they impact text messages. 
  • Best practices for complying with these regulations. 

Reassigned numbers database 

The Reassigned Numbers Database aims to prevent organizations from inadvertently contacting individuals who have recently had their phone numbers reassigned to someone else.

In the past, it was common for organizations to rely on the consent obtained from customers when they first provided their phone numbers. Under the new regulation, organizations are required to check the Reassigned Numbers Database before sending text messages or making calls. If a number appears in the database, the organization cannot contact it without prior express consent from the new owner.

Opt-out requirements

Opt-out requirements allow consumers to unsubscribe from receiving text messages and ensure that businesses respect their wishes. 

Under the new regulation, the FCC provided further guidance on opt-out mechanisms for text messages, stating that they must 

  • Be user-friendly and 
  • Not require any additional information beyond the consumer’s phone number and a “STOP” request. 

Text messages to landlines

TCPA regulations apply not only to text messages sent to mobile phones but also landlines. The latest TCPA regulations have clarified that text messages sent to landlines using an autodialer are prohibited without prior express written consent. 

How can organizations comply with TCPA regulations when sending A2P text messages?

Let’s explore some strategies you can implement to comply with TCPA regulations when sending text messages on a large scale.

Here are some of the most common ways to obtain consent:

  • Web forms: Include a checkbox on a web form that users must select to consent to receiving text messages.
Source: Emotive
  • Text-to-join campaigns: Allow users to text a keyword to a specific number to opt in to receive text messages.
  • In-person opt-in: Ask customers or supporters to provide their phone numbers and explicitly ask for their consent to receive text messages.
  • Mobile apps: Include a consent request as part of the app’s onboarding process or in the app settings.

Providing an easy opt-out

CallHub’s text marketing tool makes it easy to provide an opt-out mechanism for your text messages. Our automatic DNC (Do Not Contact) feature ensures that your list stays clean and up-to-date. 

Your contacts can unsubscribe from receiving further messages by sending one of these three words to your number: STOP, REMOVE, or UNSUBSCRIBE. These keywords automatically add the contacts to an account-level DNC list


An account-level DNC list operates on all campaigns created from that account on CallHub. The people who have opted out will not receive messages even from future campaigns, keeping you compliant with TCPA regulations. 

Keep accurate records

One effective way to maintain records is by using a dedicated database to keep track of all consent and opt-out requests. This database should contain detailed information, including the 

  • Date and time of the request
  • Mobile number, and
  • Type of request (consent or opt-out).

CallHub records all messages sent and received, including timestamps and message content. 

Use reputable text messaging providers

CallHub has a reputation for reliability and compliance. With over 9 years of experience in the industry, CallHub is a trusted partner in the text messaging space. 

It provides the necessary tools to obtain consent, maintain accurate records and ensure compliance with various regulations

Monitor and update campaigns

Here are a few actionable ways to monitor and update your text message campaigns regularly:

  1. Review and update your consent language regularly to stay compliant with TCPA requirements.
  2. Keep an eye on opt-out requests and ensure that individuals who have opted out are promptly removed from your text messaging list.
  3. Regularly review your messaging content to ensure it is not misleading or deceptive.
  4. Monitor your messaging frequency to avoid sending more messages than the frequency you mentioned in your initial text.
Create a free account to use CallHub’s TCPA-compliant text messaging platform.

How do long codes and short codes apply to TCPA and CTIA?

CTIA, or the Cellular Telecommunications and Internet Association, is a trade association that represents the wireless communications industry in the United States. 

et’s take a closer look at how long codes and short codes fit into TCPA regulations and what you need to know to stay compliant.

Long codes

Long codes, also known as 10-digit phone numbers, are commonly used to send and receive text messages. They are often used for 

  • One-on-one communication between a business and its customers. 
  • A2P SMS marketing campaigns.

10DLC, or 10-digit long code, is a newer type of long code that is designed specifically for A2Pmessaging. It offers better deliverability rates and fewer spam complaints.

Curious about which is right for your business? Read our blog post on long codes vs 10DLC to help you decide.


Shortcodes typically consist of 5-6 digits. They are often used for marketing and customer engagement purposes. 

One advantage of shortcodes is that they are typically easier to remember than long codes and can be used for high-volume text messaging campaigns. However, they can be more expensive to acquire and maintain than long codes. 

Both long codes and shortcodes must adhere to strict regulations regarding obtaining consent, message content, and opt-out mechanisms. 

SMS opt-in examples

Here are some examples of SMS opt-in messages, keywords, and shortcodes or long codes you can use to obtain consent from customers:

Keyword: JOIN
Shortcode: 12345
Opt-in message: Text JOIN to 12345 to receive our latest promotions and updates. Msg&data rates may apply.

Keyword: YES
Long code: 555-555-5555
Opt-in message: Text YES to 555-555-5555 to receive exclusive deals and offers from our store. Std msg&data rates may apply.


Important note: Always acknowledge the customer’s opt-in and provide clear instructions on how to opt-out. 

For example: 

Thank you for joining our text club! To opt out, simply reply STOP. Msg&data rates may apply.

What are the penalties and fines for not adhering to the TCPA laws?

Let’s discuss the various penalties and fines you can face for violating TCPA laws.

Statutory damages

Statutory damages do not require proof of actual harm or damages suffered by the individual. Instead, these damages are set by law and can be quite severe. The TCPA allows for statutory damages of up to $500 per violation for each unsolicited text message or call. However, if the violation was intentional or willful, the damages can increase by up to $1,500 per violation.

Class action lawsuits

Class action lawsuits can be filed by individuals or groups of people who have been affected by unsolicited text messages or phone calls. In a class action lawsuit, the damages can add up quickly, as multiple plaintiffs may be involved. In fact, some class action TCPA settlements have resulted in millions of dollars in payouts

For example, a company that sends thousands of unsolicited text messages could be hit with a class action lawsuit, with each plaintiff potentially receiving statutory damages ranging from $500 to $1,500 per violation.

FCC fines


The FCC can impose penalties of up to $16,000 per violation for each message sent without proper consent or opt-out mechanisms. 

Possible scenarios that result in statutory damages, class action lawsuits, or FCC fines:

  1. Sending unsolicited text messages without obtaining prior express consent from the recipient.
  2. Failing to include a valid opt-out mechanism in the message or call, such as an easy-to-use reply message or automated menu option.
  3. Continuing to contact a recipient after they have opted out.

Reputation damage

In addition to the financial penalties and legal consequences, not adhering to the TCPA laws can also result in reputation damage Individuals who receive unwanted or unsolicited messages may view the sender as intrusive or unethical, which can lead to

  • Negative feedback,
  • Reduced loyalty, and ultimately, 
  • Lost connections.

Ready to ensure your text messages are TCPA-compliant? 

Adhering to TCPA regulations for text messages is crucial to avoid costly penalties, lawsuits, and damage to reputation. Fortunately, there are solutions available that can help you stay TCPA-compliant, such as CallHub’s text messaging platform

Create an account on CallHub now and ensure your messages are always compliant.

The importance of TCPA compliance cannot be overstated. It’s not just about avoiding penalties and fines – it’s about building trust with your customers and protecting your organization’s reputation. 

Stay up-to-date with the latest TCPA updates.

Featured image: Photo by Ketut Subiyanto