TCPA
[tiː siː piː eɪ]TCPA (Telephone Consumer Protection Act) is the federal law regulating automated calls and text messages to consumers, requiring prior express consent and establishing penalties of $500-1,500 per violation. For businesses using SMS marketing, TCPA compliance forms the foundation of legal messaging operations.
Why TCPA matters
The TCPA stands as the most powerful consumer protection law in digital marketing, with teeth sharp enough to bankrupt companies overnight. Created in 1991 to combat robocalls, the law evolved to become the primary governance framework for business texting. Its private right of action empowers individual consumers to sue directly for violations, creating a litigation industry that files thousands of cases annually.
The financial stakes reach staggering heights. Dish Network’s $280 million settlement, Caribbean Cruise’s $500 million judgment, and dozens of eight-figure settlements demonstrate TCPA’s devastating impact on non-compliant businesses. Even small violations multiply quickly - a single promotional text to 5,000 customers without proper consent creates $7.5 million in potential liability. Unlike other regulations with warning letters and correction periods, TCPA enforces strict liability from the first violation.
Yet TCPA serves a vital purpose in preserving SMS as a trusted communication channel. By requiring explicit consent and immediate opt-out processing, the law prevents the spam-flooding that destroyed email marketing effectiveness. Businesses that embrace TCPA compliance through proper systems and platforms like Clerk Chat build sustainable messaging programs on foundations of trust and respect. The companies thriving with SMS marketing view TCPA not as an obstacle but as the framework ensuring their messages reach engaged audiences who actually want to receive them.
How TCPA works
TCPA creates a comprehensive regulatory framework governing business texting:
Consent Requirements: Before sending marketing messages, businesses must obtain “prior express written consent” including clear disclosures about message types, frequency, and charges. Transactional messages require “prior express consent” which can be verbal or implied.
Disclosure Standards: Consent forms must include specific language stating the consumer agrees to receive automated marketing messages, that consent isn’t a purchase condition, and that message and data rates may apply.
Record Keeping Mandates: Businesses must maintain detailed records proving consent for each number messaged, including when, how, and what disclosures were provided during consent collection.
Identification Rules: Messages must clearly identify the sending business. Anonymous or misleading sender identification violates TCPA regardless of consent status.
Opt-out Processing: Recipients must be able to revoke consent easily and at no charge. Businesses must honor opt-out requests immediately and send confirmation of unsubscribe completion.
Enforcement Mechanisms: Violations trigger three enforcement paths: FCC regulatory actions with fines up to $43,792 per violation, individual lawsuits for $500-1,500 per message, and class action suits aggregating thousands of violations.
Liability Assignment: TCPA holds businesses strictly liable for violations regardless of intent. Using third-party services doesn’t transfer liability - the business whose products or services are promoted bears ultimate responsibility.
Best practices with TCPA
Document Every Consent Meticulously - Capture timestamp, IP address, exact disclosure text shown, webpage URL, and customer identifier for every opt-in. Store records in immutable formats that prove authenticity in court.
Use Clear, Conspicuous Disclosure Language - Write consent language at 8th-grade level in contrasting fonts near submit buttons. State: “By providing your number, you agree to receive recurring automated marketing messages. Consent not required for purchase. Msg & data rates apply.”
Implement Double Documentation Systems - Maintain consent records in both your messaging platform and separate backup system. Court cases often hinge on producing original consent records years later.
Audit Consent Collection Points Quarterly - Review all web forms, point-of-sale systems, and paper forms collecting phone numbers. One forgotten form without proper disclosures can trigger massive liability.
Train Every Employee on TCPA Basics - Staff adding numbers manually, even with good intentions, create violations. Implement systems preventing manual additions without verified consent documentation.
Separate Marketing from Transactional Messages - Maintain distinct opt-in lists for different message types. Adding “Visit our sale!” to appointment reminders converts them to marketing messages requiring different consent.
Engage Specialized Legal Counsel - TCPA interpretation evolves through court decisions. Regular legal reviews of your compliance program cost far less than defending a single lawsuit.
Real world examples
- Healthcare
Avoided $2M in fines through automated TCPA compliance systems
Read more - Education
Protected 50K student communications with proper consent protocols
Read more
Common misconceptions
TCPA fully governs SMS/MMS messaging. Text violations often face stricter enforcement than voice calls with identical penalties.
TCPA applies to all businesses regardless of size. Even sole proprietors face full liability for violations.
Consumers can collect statutory damages of $500-1,500 per message without proving any actual harm or damages.
TCPA enforces strict liability with no warning period. First violations face full penalties immediately.
Related terms
In this article:
Ready to use your business number for text messaging?
Thousands of businesses are already experiencing the power of conversational messaging through SMS. Join us. Free trial and paid tiers available.
Get Started
FAQ
Have questions? We've got answers.
Find what you need quickly and clearly with our most frequently asked questions.
TCPA requires businesses to obtain prior express written consent before sending marketing texts, maintain detailed consent records, honor opt-out requests immediately, and identify themselves in messages. It covers all automated texting systems and applies to both SMS and MMS. The law distinguishes between marketing messages (requiring written consent) and transactional messages (requiring prior consent), with violations carrying penalties of $500-1,500 per message regardless of intent.
Build compliance into every step: collect explicit written consent with clear disclosures, store time-stamped consent records indefinitely, implement automatic opt-out processing for multiple keywords, send immediate confirmations for all subscription changes, and regularly audit your processes. Use platforms like Clerk Chat that include built-in TCPA compliance features. Train all staff handling customer data and establish written policies documenting your compliance procedures.
TCPA violations cost $500 per message, or $1,500 for willful violations. Class action settlements average $5-50 million, with some exceeding $250 million. Beyond fines, businesses face legal fees ($100K+ for defense), operational disruption, damaged reputation, and potential criminal charges for egregious violations. A 10,000-message campaign sent without proper consent could result in $15 million in maximum statutory damages plus legal costs.
Marketing messages promote products, services, or brands and require prior express written consent with specific disclosures. Transactional messages relate to existing relationships (appointment reminders, delivery notifications, account alerts) and require prior express consent, which can be verbal or implied through business relationships. The distinction affects consent requirements but both must allow opt-out. Mixing marketing content into transactional messages converts them to marketing, requiring written consent.
No, existing business relationships don't automatically permit texting. Each communication channel requires separate consent - email permission doesn't transfer to SMS. You must obtain explicit consent for texting even from long-time customers. However, you can invite existing customers to opt-in through other channels they've approved. Many businesses achieve 20-30% SMS adoption from existing customer bases through proper consent campaigns.
Retain consent records indefinitely, or at minimum 4 years after the last message sent. TCPA has a 4-year statute of limitations, but class actions can reach back further. Store complete records including consent timestamp, exact disclosure language shown, IP address for digital consent, method of consent, and any preference changes. Electronic storage with secure backups protects against data loss while enabling quick retrieval for compliance audits.
