It’s Friday. A typical night when you order in - especially after a long workweek. Your phone buzzes, and you notice it’s from an eatery that sounds familiar - maybe you’ve been there once, but you’re certainly not a regular. Hmm. Maybe they’re offering a special, you wonder. Nope, just a generic advertisement. Bummer.
Over the next week or two, you receive more messages from the same place, and in some cases, more than once a day - even worse, there’s zero value, at least not for you. At this point you find the messages annoying and decide to opt-out altogether. You don’t even recall ever opting in.
Is this scenario all too familiar? There’s a reason why: more and more businesses are turning to text messaging as a way to communicate with customers. This is especially important, as customers do rely on mobile devices throughout their day. However, many businesses are missing a piece of the puzzle - SMS compliance and government rules. Customers deserve the right for their privacy to be protected. Likewise, the messages they receive should be relevant and helpful. Ultimately, if businesses don’t follow guidelines, they will feel the loss in more ways than one, while potentially damaging their brand’s reputation along the way.
So, let’s dive in deeper and learn the what, the why, and the how of SMS compliance and government rules.
What is SMS Compliance?
Enabling text messaging for business communication is a good move for any modern-day business or those moving in that direction. Text messages open the door to more effective and specific support, can be cost-effective (especially when you have the option to start with a free trial), and it’s a quick way to send out brief information to customers.
For businesses that already use Slack or Microsoft Teams for communication with colleagues, Clerk makes it so simple to add texting capabilities to easily contact people outside the organization (customers and clients, for instance) without having to leave the platform.
However, before enabling SMS on your business line, it’s important to understand what SMS compliance means, especially if you’re a business professional who regularly sends out text messages to customers or clients.
SMS compliance refers to the rules and regulations that a business must follow when sending text messages to customers. These guidelines are designed to protect privacy, reduce unwanted or spam-like messages, ensure that messages are relevant and helpful, and encourage companies to use SMS marketing responsibly and ethically.
SMS compliance may include guidelines such as, but not limited to, obtaining consent from customers to receive messages from a business, providing the ability to opt-out, a way to save or archive message records, and making sure relevant messages are sent with a clear sender identification and at appropriate times.
It’s important to note that policies for SMS compliance can vary depending on your location and industry. It’s also recommended to become familiar with the latest rules and regulations, stay up-to-date on any changes or updates, and to adjust your SMS practices accordingly or as necessary.
Why does SMS Compliance Matter?
There are several reasons why SMS compliance is important for businesses.
First, it is one of the steps to protecting your business from legal repercussions. Failure to comply with SMS laws and regulations can result in consequences, including fines and lawsuits. No one wants to deal with this, and it’s certainly not worth your time. What is worth your time is following government rules and best practices.
Second, compliance protects customers’ privacy and ensures that they receive messages that are relevant and helpful to them. This is a way for a business to maintain trust and confidence - important factors in reaching goals of increased sales and/or customer loyalty and retention. If a business is seen as untrustworthy or spammy, it can create a downward spiral and ultimately have a negative impact on a company’s reputation.
How Can Businesses Ensure SMS Compliance?
To ensure SMS compliance, businesses should follow a few key best practices.
- Obtain consent from customers: This can be done through an opt-in practice, where customers choose to receive a text message from the business. SMS opt-ins are contacts who have, in some way, acknowledged it is okay to be text messaged by your business. Some ways you can ensure your customers have opted in include:
- Receiving a message from a contact.
- Send confirmation messages to confirm a subscription.
- Including a disclaimer when a customer makes a purchase or requests a service.
- Use a form that clearly explains the types of messages and frequency customers can expect to receive texts.
- Require customers to click on a link or respond to a text.
- Create a written consent or confirmation from customers.
- Follow guidelines set by your carrier via short codes, keywords, or terms and conditions.
- Provide opt-out instructions: Customers should easily be able to stop receiving messages if they no longer are interested.
- Be transparent: Explain what types of messages customers can expect, how often they will be sent, and any associated costs - immediately after opt-in. Messages should never be deceptive or misleading.
- Maintain records: Save or archive messages, including consent and opt-out requests, with hopes you’ll never need to use them.
- Use a secure messaging platform: It’s important to protect your customers’ data.
- Be aware of formatting or content requirements: check carrier guidelines, research industry regulations, use a reliable platform, and conduct testing. Yes, that was a mouthful. More on this later.
By being aware of SMS compliance, you can ensure your business messages are responsible, ethical, compliant, and effective while improving customer experience and building trust.
Clerk takes data privacy very seriously. We outline all our policies and procedures directly on our website under our Privacy, Anti Spam, and Fair Use policies. We allow only verified opt-in subscriptions, and all subscribers can easily opt-out. Additionally, our terms and conditions agreement indicates that our clients specifically agree not to use Clerk for the purposes of sending unsolicited text messages or spam.
An Overview of Where to Find SMS Legal Requirements
To safeguard consumers from SMS spam and scammers, the texting industry is governed by specific rules and regulations. Here are some of the organizations that provide specifics on SMS compliance.
Federal Communications Commission (FCC): This government agency, overseen by Congress, regulates communication through various mediums such as radio, television, wire, satellite, and cable in all 50 of the United States, the District of Columbia, and U.S. territories. This commission is a go-to resource for communications law, regulation, and technological innovation. It is responsible for enforcing compliance with laws related to SMS communications.
Federal Trade Commission (FTC): This government agency works to protect consumers in various sectors of the economy. They enforce laws to ensure businesses follow rules and are fair to consumers. They also share their knowledge with other U.S. and international government agencies, hold meetings and conferences, and create programs to help people navigate the ever-changing technological landscape.
The Wireless Association (CTIA): This organization was formerly known as the Cellular Telephone Industries Association. They represent the wireless communication industry, including companies involved in making devices, providing wireless service, and creating mobile apps and content. They support policies dedicated toward innovation, investment, and economic growth for the wireless industry. They organize meetings to address challenges and create solutions for best practices. Additionally, the association raises awareness among policymakers and the public through campaigns and events.
National Telecommunications and Information Administration (NTIA): This Executive Branch agency advises the President on telecommunications and information policy issues. Programs focus on expanding Internet access and its contribution toward innovation and economic growth.
In addition to these organizations, it’s wise to investigate in ways that work for you including consumer protection agencies, legal websites, industry associations, publications, and blogs, online forums, and professional legal consultants.
The Telephone Consumer Protection Act (TCPA)
The FCC has established rules for SMS marketing under the TCPA, which requires businesses to obtain consent from customers before sending them text messages for marketing purposes. This means that customers must provide their consent, which can be obtained through electronic means, before receiving any text messages from the business.
The TCPA was created in 1991 to address the growing problem of telemarketing calls and faxes that people found to be frustrating. It has since expanded to include SMS. This act restricts the ability to make telemarketing calls or use automated phone systems that play pre-recorded messages. In order for a business to follow these rules, they must be familiar with rules about calling time restrictions, automatic telephone dialing systems, do not call lists, robocalls, and identification requirements. It is also recommended that businesses keep accurate records of customer consent, avoid sending messages outside of appropriate hours, and ensure that messages are relevant and useful to the recipient.
By familiarizing yourself with organizations and laws, your business will maintain the trust and confidence of your customers, which can lead to increased engagement and loyalty. Compliance can also minimize the risk of legal repercussions, which can be costly and damaging to a business’s reputation. Ultimately, by complying with the TCPA rules, you will take the necessary steps to ensure you’re in compliance and improve the overall effectiveness of your communication efforts.
Clerk Security, Data Privacy & Compliance Policies
Clerk’s data is transmitted over HTTPS (hypertext transfer protocol secure) - meaning it is encrypted via a secure certificate (ever notice the little lock in the address bar?) and is used for secure communication. For a more relevant example, when you make an online purchase, it’s important to make sure the website is HTTPS as opposed to HTTP, because then you know the transmission of your credit card data or other sensitive information is secure.
It’s also important to know that Clerk’s data and services are hosted in Amazon Web Services (AWS) Cloud in U.S. data centers spread across multiple availability zones and private/public subnets, providing protection against localized infrastructure failures. This ensures the highest levels of reliability, security, and disaster recoverability.
In addition, AWS is FedRAMP authorized, which means it has gone through a full, rigorous security assessment and is prepared to handle sensitive data. This authorization provides an extra level of assurance to customers who are concerned about the security of their data.
The Federal Risk and Authorization Management Program (FedRAMP) is a program that helps the U.S. government use secure cloud services. It provides a standardized way to assess, authorize, and monitor the security of cloud-based products and services. By using FedRAMP-authorized cloud services like AWS, agencies can be confident that their data is secure and that they are complying with the latest security standards.
FedRAMP allows agencies to use the latest cloud technology while ensuring the security and protection of sensitive government information. FedRAMP makes it easier for the government to use cloud services by creating clear rules and steps for security authorizations.
Overall, by choosing to host its data and services in AWS, which is FedRAMP authorized, Clerk is demonstrating its commitment to the highest standards of security and reliability. This provides peace of mind to our customers who need to be sure that their data is safe and secure at all times.
As businesses continue to rely on text messaging as a crucial communication tool, the industry is constantly evolving to ensure the safety and reliability of text messaging services. One such development in recent years has been the introduction of 10DLC, or 10-digit long code, which is a type of messaging that has become increasingly important in the United States.
What is 10DLC?
10DLC is a type of messaging that utilizes a 10-digit long code phone number, similar to the phone numbers we use to make voice calls. In contrast to short codes, which are 5-6 digit numbers used for mass messaging, 10DLCs allow for greater flexibility, customization, and control over text messaging campaigns.
Why is it important?
One of the key advantages of 10DLC is that it allows businesses to have greater control over their messaging campaigns. With short codes, messages are subject to strict regulations and are often limited in terms of the types of content that can be sent. 10DLC, on the other hand, offers more flexibility, allowing businesses to send a wider range of messages, including promotional, transactional, and informational messages.
In addition, 10DLC also offers greater security and reliability. Carriers are more likely to trust 10DLCs because they are tied to a specific phone number, making it easier to identify and prevent spam and fraud. This helps ensure that legitimate messages are delivered, while spam and fraudulent messages are blocked.
Clerk can register your brand with 10DLC to make sure you fully comply with the industry standards. With 10DLC, messages are delivered directly to the carrier, which can improve delivery rates and ensure that messages are delivered quickly and reliably.
Archival of Data
In many industries, it is a legal requirement to keep records of all communications, including text messages, for a certain period of time. This is known as compliance archiving, and it is essential for businesses to ensure they are in compliance with industry regulations and legal requirements.
When it comes to SMS archiving, there are a few key considerations to keep in mind:
- Determine what needs to be archived: Before implementing an archiving solution, it’s important to determine what types of text messages need to be archived. This can include messages related to financial transactions, customer inquiries, and marketing promotions.
- Choose an archiving solution: There are a variety of archiving solutions available, including cloud-based solutions and on-premises solutions. It’s important to choose a solution that meets your specific needs and is compliant with industry regulations. Some examples include:
- Global Relay - Microsoft Teams SMS and WhatsApp
- Automatic sync into Microsoft One Drive or Azure Storage
- .CSV export into your existing system
- Set retention policies: Once you have determined what needs to be archived, you will need to set retention policies that specify how long the messages should be stored. Retention policies can vary depending on the industry and legal requirements.
- Ensure security and access controls: It’s important to ensure that the archived messages are secure and that access is limited to authorized personnel. This can include implementing encryption and access controls to prevent unauthorized access.
- Monitor and audit: Regular monitoring and auditing the archiving solution can help ensure that it is functioning properly and that all messages are being properly archived. Leverage a tool like the Microsoft Purview compliance portal to proactively monitor your organization’s compliance footprint.
Experience Clerk for Yourself
For companies looking for easier ways to manage logins and passwords, Clerk offers a Two Factor Authentication (2FA) product to help you keep everything safe and secure, yet consolidated and automated amongst teams that share accounts. Clerk provides you with an easy way to receive verification codes and share logins with teammates while still securing your account.
Clerk works seamlessly with Slack and Microsoft Teams, eliminating the need for outside platforms, and instead consolidating your communication and security best practices. We are designed under the least privilege methodology and are committed to our customers’ privacy and security. Therefore, we request only the Slack and Teams permissions needed to make the app function.
We are trusted across various industries including medical practices, support teams, real estate, and insurance agencies. Clerk has helped countless businesses reach customers faster, efficiently, and more importantly - securely.
Have questions about SMS compliance or are curious how Clerk can help your business? Book a free demo today!
- Please be advised that we are not qualified to provide legal advice. The content provided is for informational purposes only. Questions or concerns should be directed to a government agency or legal specialist. *