AI Summarize

Share

Businesses can avoid Telephone Consumer Protection Act (TCPA) fines by taking steps such as providing disclosures, honoring opt-out requests, and getting express written consent before sending Short Message Service (SMS) marketing texts.

This article explains what the TCPA is, whether it applies to SMS messages, the differences between how SMS messages and emails are regulated, and the penalties for TCPA violations. It includes a step-by-step guide for complying with the TCPA and the Federal Communications Commission's (FCC) rules for SMS marketing.


What Is the TCPA?

The TCPA is a 1991 federal law that regulates telemarketing and other types of automated or prerecorded calls with the goal of protecting consumers from receiving unwanted communications. The law applies to anyone who uses automated calling systems, prerecorded voice messages, or similar technologies.

It requires businesses to get consent before using an Automatic Telephone Dialing System (ATDS) or autodialer or sending prerecorded voice messages, and authorizes the FCC to create additional rules, such as calling time restrictions, caller identification requirements, and Do Not Call regulations.

Takeaway: If you market by text, assume TCPA risk unless you can prove compliant consent + opt-out handling.

Does the TCPA Apply to SMS Marketing Messages?

The TCPA can apply to SMS marketing messages sent using an autodialer or automated system.

The FCC views texts sent using an autodialer as "calls" subject to the TCPA. This means that FCC rules apply for SMS marketing messages sent through automated systems. However, the way courts treat text messages isn't set in stone.

Courts have historically treated text messages as calls under the TCPA, but a June 20, 2025, Supreme Court decision (McLaughlin Chiropractic Associates, Inc. v. McKesson Corp.) changed that when it determined that district courts no longer need to defer to the FCC's interpretations of the TCPA when deciding private lawsuits.

As of December 13, 2025, courts are split as to whether text messages are considered calls, with some courts ruling that SMS texts count as calls under the TCPA–particularly regarding Do-Not-Call rules–and other courts saying that since the TCPA doesn't directly mention text messages, the law only applies to phone calls.

For example, on October 7, 2025, a California district court held in Wilson v. Medvidi, Inc. that text messages qualify as calls under the TCPA, while on July 21, 2025, a federal court in Illinois ruled in Jones v. Blackstone that the TCPA's private right to action only applies to telephone calls.

A National Law Review article from December 10, 2025, reports on a recent federal court ruling that SMS messages are considered calls under the TCPA for Do-Not-Call purposes, remarking that the issue is set for appellate review and not yet settled.

Dilanyan v. Hugo Boss court document discussing SMS messages under TCPA regulations

Since courts are divided on whether the TCPA applies to SMS, the safest approach is to treat marketing texts as if they were calls and take steps to comply with TCPA and FCC rules. This can help protect you from potential fines and lawsuits and build trust with consumers.

A 2024 FCC order explains that it considers texts sent using an autodialer as "calls" subject to the TCPA.

The FCC has long taken the position that a text message can be treated as a "call" for TCPA purposes (a view reflected in its 2003 TCPA Order and echoed in later guidance). After the Supreme Court's 2025 McLaughlin decision, some courts have continued to follow that approach while others have declined to extend the statute's "telephone call" language to texts in private DNC suits, so businesses should not treat the issue as settled nationwide.

TCPA introduction and background on robocalls and robotexts in a legal document

In practice, TCPA exposure for marketing texts usually shows up in two ways:

  • Texts sent using an "automatic telephone dialing system" (ATDS) under TCPA § 227(b).

    Important nuance: In Facebook, Inc. v. Duguid (2021), the Supreme Court held that to qualify as an ATDS, equipment must have the capacity to use a random or sequential number generator (to store or produce numbers). Many modern SMS platforms that dial from customer lists may fall outside § 227(b)'s ATDS theory, while still triggering other TCPA/FCC obligations (including consent requirements under FCC rules, do-not-call compliance, and revocation handling).

  • Telemarketing/DNC restrictions that the FCC has applied to certain text messages

What's the Difference Between How SMS Marketing Messages and Marketing Emails Are Regulated?

SMS marketing messages sent via automated systems may be subject to the TCPA and FCC rules, while marketing emails fall under the Controlling the Assault of Non-Solicited Pornography And Marketing Act of 2003 (CAN-SPAM).

Topic SMS marketing (TCPA/FCC) Marketing email (CAN-SPAM)
Baseline rule Prior express written consent is generally required for telemarketing texts made with an ATDS (and FCC rules also apply DNC/telemarketing restrictions to certain texts). Prior consent is not generally required, but you must follow CAN-SPAM content and opt-out rules.
Opt-out Must honor seller-specific DNC requests within 10 business days (and operationally should suppress faster). Must honor unsubscribe requests within 10 business days.
Consent scope Written consent must authorize no more than one identified seller and be tied to the interaction. Not a consent regime; it's a disclosure + opt-out regime.
Statutory exposure $500 to $1,500 per violation + class action risk. FTC/state enforcement + ISP filtering; no TCPA-style per-message statutory damages framework.

SMS Marketing Messages

SMS marketing messages sent via automated systems have historically been treated as phone calls under the TCPA, and are heavily regulated. The FCC requires businesses to get prior express written consent before sending marketing texts.

The FCC gives consumers the right to revoke consent in any reasonable way, such as by replying "STOP" or "QUIT" to an automated message. TCPA violations can cost $500 to $1,500 per text.

Section 227(b)(3) of the TCPA explains that individuals have a private right to action to recover up to $1,500 per violation.

TCPA private right of action for violations and monetary damages outlined in document

Marketing Emails

Businesses don't need to get prior consent before sending marketing emails. CAN-SPAM requires marketing emails to contain a functioning unsubscribe link, the sender's physical mailing address, and accurate subject lines. Businesses must honor unsubscribe requests within 10 business days.

The Federal Trade Commission's (FTC) CAN-SPAM Compliance Guide for Business lists the law's main requirements, including letting recipients know how they can opt out of receiving future emails.

Guidelines on email marketing practices for compliance with regulations in list format

What Happens If You Violate the TCPA?

TCPA violations can result in financial penalties of up to $500 per violation, or $1,500 per willful violation, as well as potential class-action lawsuits.

TCPA violations can be costly: DSW Shoe Warehouse agreed to a settlement of over $4.4M after allegedly sending marketing texts to consumers who had opted out. The Final Approval Hearing for this settlement was held on July 31, 2025, and Final Approval was granted.

In another TCPA class action case, Uber agreed to pay $20m in 2017 to resolve claims involving unsolicited robocalls/texts, including messages allegedly sent after opt-out attempts.

TCPA class action settlement against Uber Technologies involving non-emergency text messages

How to Comply With the TCPA and FCC Rules

These steps can help you comply with the TCPA and FCC rules and avoid potential fines and lawsuits.

To reduce TCPA risk for SMS marketing, you need:

  • Compliant prior express written consent where required
  • Always-on opt-out and revocation handling
  • Do-not-call suppression and recordkeeping
  • Time-of-day controls (quiet hours) until the FCC and courts fully settle the scope for texts.

Let's dive in.

The FCC requires senders of SMS marketing messages sent through an autodialer to get prior express written consent from recipients before sending messages.

Prior express written consent under the FCC is a written agreement between the sender and recipient of marketing communications sent via automated means. The agreement needs to be signed by the recipient and clearly explain that they agree to have SMS marketing messages sent to their phone number.

The agreement should include a "clear and conspicuous" disclosure that contains the following information:

  • The recipient authorizes the sender to deliver SMS marketing messages via an automated system
  • The recipient's agreement to receive SMS marketing messages is not required to purchase property, goods, or services

Important: Under the FCC's definition of "prior express written consent," the consent must clearly and conspicuously authorize no more than one identified seller, and the calls/texts must be logically and topically associated with the interaction that prompted the consent (for example, a checkout opt-in for that brand's promotions). If you use multi-brand lead forms, make sure each seller obtains its own compliant written consent.

Section 64.1200(f)(9) of the FCC's rules explains that prior express written consent needs to include a clear and conspicuous disclaimer that informs the recipient that they are authorizing automated marketing messages and that the agreement is not a condition of purchasing property, goods, or services.

Agreement text detailing TCPA requirements for prior express written consent

Harbor Star Insurance's Text Messaging Consent Form explains that by filling out the form, users are consenting to receive marketing text messages–including those made via autodialer–and that consent is not required to purchase products or services from the company.

SMS-text messaging terms and conditions for Harbor Star Insurance, LLC opt-in form

So, how does getting prior express written consent work in the context of SMS marketing messages?

Let's take a look at some common methods for obtaining consent for SMS marketing messages.

Takeaway: Your checkbox copy matters. Save the exact language + timestamped logs.

Online Forms

If you have a website where users sign up to receive texts, you might get consent via an online form. Consent can be obtained by asking users to tick a checkbox next to a statement that says something like "I agree to receive marketing texts at this number."

If you use this method, you need to make sure the checkbox is unticked by default, as Greenridge Realty, Inc. does here.

Greenridge Realty consent form for marketing texts featuring an opt-in checkbox

Users can join Hanna Andersson's SMS list by submitting their phone number via its online form.

Hanna Andersson SMS sign-up consent popup for marketing messages with phone field

Signing up automatically sends a text from the user's number to Hanna Andersson, which responds with a welcome message and information about message frequency and potential cost, as well as how to opt out.

Hanna Andersson automated SMS subscription message with marketing alerts and privacy link

Text-To-Opt-In Workflows

You can get consent for SMS marketing messages by enabling users to text a keyword such as "JOIN" to a dedicated short code.

Users can text a keyword to SKIMS' short code to opt in to receive promotional and marketing text messages.

SKIMS SMS signup instructions for marketing messages with opt-out details

If you go this route, it's a good idea to use a double opt-in workflow to provide legal protection.

A double opt-in workflow requires the user to confirm their subscription, and can help ensure a user has actually consented to receiving SMS marketing messages, while a single opt-in can open the door to disputed consent or wrong number claims.

For example, when a user texts the SKIMS short code, they get an automated text that requires them to reply "Y" to confirm their subscription to automated personalized marketing texts.

SKIMS automated marketing SMS alert subscription with opt-in reply instructions

Email or Written Agreements

You can also get consent for SMS marketing through a signed agreement, including electronically signed documents (such as DocuSign), digitally completed PDF forms, or traditional paper agreements.

Goosehead Insurance collects clients' consent and e-signatures to send automated marketing texts through DocuSign.

Goosehead consent form for automated calls and text messages

Once you have obtained consent, it's a good idea to maintain timestamped consent logs to prove that you collected valid consent in case a consumer sues.

Provide Easy Opt-Out Mechanisms

You should provide an easy way for recipients to opt out of receiving future communications in every SMS marketing message.

This is typically done by informing users that they can opt out of receiving future messages by replying to a text with a word such as "STOP" or "CANCEL."

While not required by the FCC or the TCPA, including the sender's identity, a notification that your message is an ad or promotion, and information about the frequency and potential costs of messages in your texts can help reduce compliance risk by supporting informed consent.

A text message from the USPS identifies the sender, lets the recipient know that they can opt out by replying "STOP," and includes information about message frequency and message and data rates.

USPS change of address service request text with opt-in instructions

Honor "Reasonable Reply" Opt-Outs

The FCC's "reasonable reply" opt-out rule requires businesses to respond to common opt-out terms. The rule went into effect in April 2025, and says that consumers can revoke consent in any reasonable manner, including by replying with certain keywords like "STOP," "QUIT," and "CANCEL.

Keep in mind, this rule prohibits businesses from specifying an exclusive way to opt out, and requires businesses to honor opt-outs sent through any reasonable channel.

Section 64.1200 (a)(10) of the FCC's rules explains that recipients can opt out of receiving communications by using automated, interactive voice, or key press-activated opt-out mechanisms, or responding to a text with the words "stop," "quit," "end," "revoke," "opt out," "cancel," or "unsubscribe."

TCPA revocation of prior express consent text message guidelines

If your texting program uses a channel that does not support reply messages (or cannot reliably process replies), the FCC expects you to clearly disclose that limitation and provide reasonable alternative ways to revoke consent (for example, a link, website, or phone number).

Whenever someone opts out, you should stop messages as soon as practicable. Under the FCC's seller-specific do-not-call rules, businesses must honor a do-not-call request within a reasonable time that may not exceed 10 business days after receipt.

SMS marketing platforms like Twilio and Klaviyo automatically add users' numbers to a suppression list as soon as they opt out of receiving future messages.

Twilio's support for opt-out keywords page explains that it recognizes common opt-out keywords such as "STOP," "CANCEL," and "REVOKE."

Twilio support for opt-out keywords in SMS compliance overview

Don't Send Messages During TCPA Quiet Hours

While courts are split on whether TCPA quiet hours apply to SMS marketing messages, it's best practice to avoid sending texts before 8 AM or after 9 PM in the recipient's local time.

Section 64.1200(c) of the FCC's rules explains that no telephone solicitations can be sent between 9 PM and 8 AM of the recipient's local time.

TCPA rule on telephone solicitation time restrictions for residential subscribers

Practical takeaway: until the FCC resolves the issue, operationalize a conservative sending window (8 a.m. - 9 p.m. recipient local time) and document how you determine 'local time' for each recipient (e.g., shipping address ZIP/state, user-provided location, or other auditable method).

In March 2025, the FCC posted a Public Notice seeking comments as to whether consumers who provided prior express written consent to receive text messages can claim damages under the TCPA for receiving telemarketing texts during TCPA quiet hours.

FCC public notice on EIA petition for TCPA telemarketing text regulations

Conduct Regular Audits

While not legally required, conducting regular audits of your SMS marketing message system can help ensure that texting practices comply with the TCPA and FCC rules, opt-out requests are honored on time, and accurate consent records are maintained.

Summary

The TCPA is a 1991 federal law that regulates telemarketing calls, including those that use automated dialing systems and prerecorded technology. The FCC treats texts sent using an autodialer as "calls" under the TCPA.

While courts are split as to whether the TCPA applies to text messages, it's best practice to treat SMS marketing messages as calls to reduce compliance risk.

SMS marketing messages have historically been subject to the TCPA and the FCC's rules, while marketing emails fall under the jurisdiction of CAN-SPAM.

If you violate the TCPA, you run the risk of incurring fines of up to $500 per violation or $1,500 per intentional violation, and you may face class action lawsuits.

There are a few steps you can take to comply with the TCPA and FCC rules, including:

  • Getting express prior written consent before sending SMS marketing messages
  • Providing an easy way for recipients to opt out of receiving future messages
  • Allowing users to revoke consent using any reasonable means and honoring those requests promptly
  • Refraining from sending SMS marketing messages during TCPA quiet hours (between 9 PM and 8 AM in the recipient's local time)
  • Conducting regular audits of your SMS marketing message system to ensure compliance

Privacy Policy Generator
The first step to compliance: A Privacy Policy.

Stay compliant with our agreements, policies, and consent banners — everything you need, all in one place.

Generate Privacy Policy