TCPA and CTIA Compliance

A quick primer on the Telephone Consumer Protection Act (TCPA) and Cellular Telecommunications Industry Association (CTIA)

If you’ve never heard of the TCPA and CTIA, here’s a quick primer for how to follow best practices and guidelines for SMS messaging. Note, this post is meant for general information only, for legal advice, please consult a professional.


The Telephone Consumer Protection Act (TCPA) is a federal law in the United States that regulates how brands and organizations can contact consumers via phone calls or text messaging. You can read a breakdown of the FCC guidelines here but we also broke them down for you below:

  1. You must have express consent before messaging.
      • Solicitation messaging requires proof of written consent. Evidence may include electronic opt-ins via mobile keyword and online sign-up pages. Written consent may be evidenced by paper sign-up forms explicitly describing SMS messaging content.
      • Non-solicitation messages (e.g., internal communications, emergency alerts) require documented written or verbal consent
  1. Messages may be sent only from 8:00 a.m. to 9:00 p.m., recipient’s time.
  1. You should make sure your message frequency matches your disclosures.
  1. You must only send message content that matches what the subscriber initially opted in to receive.
      • For example: If a subscriber texted your support line for product help, you cannot send them marketing material as well.
  1. Messaging programs must allow opt-outs by any reasonable means, and senders may not restrict opt-out methods.
      • Avochato has built-in mechanisms in place to adhere to these standards. If one of your contacts texts in STOP, STOPALL, UNSUBSCRIBE, CANCEL, END, and QUIT, they will no longer be able to receive messages from your number. If this was done by mistake, they will need to text in START to opt-in.
  1. Failure to adhere to the guidelines of the TCPA can be costly. Every TCPA violation is subject to a fine of up to $1,500 per message sent per recipient.

The Cellular Telecommunications Industry Association (CTIA) is a trade organization for U.S.-based wireless carriers (i.e. Sprint, T-Mobile, Verizon, and AT&T) that creates guidelines for SMS marketers. Unlike with the TCPA, consumers can’t sue brands when they violate CTIA guidelines.

Read the complete CTIA handbook here.

Below are the four principles from the handbook that provide the baseline for all requirements.

  • Display clear calls-to-action. All programs must display a clear call-to-action. Customers must be made aware of what exactly they are signing up to receive.
  • Offer clear opt-in mechanisms. Customers must consent clearly to opt into all recurring-messages programs. Requiring a customer to enter a mobile phone number does not constitute a compliant opt-in. Instead, customers must understand they will receive messages and consent to receive them.
  • Send opt-in confirmation messages. A confirmation message must be sent to customers always. For recurring-messages programs, confirmation messages must include clear opt-out instructions.
  • Acknowledge opt-out requests. Shortcode service providers must acknowledge and act on all opt-out requests. Monitoring procedures confirm successful opt-out.
Did this answer your question?