Understanding regulatory requirements for text messaging isn’t a one country fits all approach. Every country has a unique set of regulations and processes that you need to follow. Which means you have to do a lot of detailed research that takes time and resources. And keep checking because requirements change quite often.
That’s why we’ve created this guide to Text Messaging Regulatory Compliance. It features the detailed insights you need concerning key legislation in North America and the European Union, where compliance is currently the most strict.
Key Questions for Text Messaging Regulatory Compliance
The following questions and answers concerning regulatory compliance provide an overview of regulatory compliance. For detailed insights, be sure to download your free guide.
What is regulatory compliance?
Each country has its own regulatory bodies for communications between businesses and their audiences. These regulations were originally designed for phone and emails. They have now expanded to include text messaging. Some countries have minimal regulations, while others have extremely strict laws with significant penalties.
Regulatory compliance means that you follow the regulations for a specific country concerning:
- Who you send messages to and how they give you permission to send to them,
- The type of content you send to them,
- How you use and protect their personal information,
- How your recipients can opt-out of your messaging, and
- How you track all of your communications with your audience members to provide an audit trail.
Which regulations do I have to follow?
That depends on which country you are sending messages. The regulatory body of the receiving country governs your text messages. If you’re sending to a prospect in the UK (or any European Union country), then GDPR governs your messages. If you’re sending to the US, then the TCPA legislation governs your messages. For Canada, it’s the CASL. And the list continues.
What are the differences between all these laws in different countries?
Compliance laws are designed to protect consumers from the growing levels of spam we all experience, as well as to protect personal data. They vary between countries. For example:
- The most recent EU legislation, the Global Data Protection Regulation (GDPR), applies the strictest levels of control to date, as well as significant financial penalties for non-compliance.
- The state of California recently passed the California Consumer Privacy Act (CCPA) which will go into effect in 2020. It mirrors, and in some ways expands on, the strict privacy requirements and controls of the GDPR. This state law is expected to supercede TCPA regulations in California.
- The Telecommunications Consumer Protection Act (TCPA) and Canadian Anti Spam Law (CASL), are the governing laws for the US and Canada respectively. They focus on preventing spam and protecting personal data as well. They are not as strict in some ways as GDPR, however they do require consent and opt-outs and limit how you may process and use personal data.
- Other countries have lower levels of regulatory compliance, although controls are increasing globally.
We recommend that you instrument your messaging processes to meet the stricter requirements of GDPR. We expect all countries to follow the path of the EU, increasing the controls over consent to communicate and the requirements for protecting personal data. It’s best to be prepared rather than having to re-architect your messaging processes in the future.
What’s your recommendation to meet text messaging compliance?
Again, that depends on where you are sending your messages. For best practices compliance at a general level, here’s what we recommend:
- Always receive consent before you message a prospect or customer. That consent can come from a web form, text opt-in or even a customer contract. Be sure you get consent for text messaging specifically. Consent for other channels does not cover messaging consent.
- Be sure you let your recipients know that they can always opt-out of your messaging by sending a keyword, like STOP.
- Log consent, as well as all communications with each recipient, in a protected and secure database, like your CRM. You may need to produce a record’s history as an audit trail if the recipient requests it.
- Only send your audience information that is relevant to the content they requested. Remember, consent is related to specific types of content, not just your channel of communications.
- If a recipient opts-out, honor that opt-out. Record it in your database and block all future messaging communications with that person.
Aside from these basics, use common sense when it comes to text messaging. Be thoughtful, don’t over communicate, don’t over promote and above all – don’t be a pest!
The Bottom Line
The above information is a small facet of what you need to know about text messaging compliance. The reality is that compliance involves a web of legislation that reaches from country to country. Which is why we recommend that you work with a messaging vendor who truly understands and supports the intricacies of text messaging regulatory compliance.
Get started right now. Just download your free guide below. You’ll be glad you did!