What is the TCPA and does it apply to SMS marketing?

The TCPA, Telephone Consumer Protection Act, is a US law governing marketing calls and texts, and yes, it applies to SMS marketing. It requires that you have proper consent before sending marketing texts, honor opt-outs, and follow rules about how and when you message. Because SMS reaches people directly on their phones, the rules are strict and the penalties for violations are significant, which is why SMS marketing has to be run with compliance built in from the start.

What consent do I need to send marketing texts?

Generally, prior express written consent for marketing SMS: the person must clearly agree to receive marketing texts, with disclosures about what they are signing up for, and you must keep records of that consent. A pre-checked box or burying consent in unrelated terms does not meet the standard. The consent has to be specific, clear, and documented. Getting consent right is the single most important part of SMS compliance, because sending without it is the core violation.

Do I have to let people opt out of SMS?

Yes, and you must honor it promptly. Recipients must be able to opt out easily, typically by replying with a keyword like STOP, and once they do, you must stop sending marketing messages. Honoring opt-outs reliably is a legal requirement, not a courtesy, and failing to do so is a common and costly violation. Your SMS platform should handle opt-outs automatically, but you remain responsible for ensuring it works.

What are the risks of non-compliant SMS marketing?

The TCPA carries statutory penalties per violation, and because that is per message, the totals can become very large quickly, and the law has driven significant class-action litigation. Beyond the legal exposure, non-compliant texting damages trust and your sender reputation. The combination of real financial penalties and reputational harm is why SMS, despite being a high-performing channel, must be run with consent, opt-out, and record-keeping handled properly from day one.

Playbook Compliance-safe marketing

TCPA and SMS marketing compliance

SMS is one of the most effective ecommerce channels and one of the most regulated. The TCPA governs consent and opt-out, and the penalties are real. Here is how to run SMS marketing compliantly.

January 26, 2027 7 min read

SMS is one of the highest-performing channels in ecommerce, messages get opened in seconds, and one of the most heavily regulated. TCPA SMS marketing compliance governs how you can text customers, and because it carries statutory penalties per message and has driven major class-action litigation, the downside of getting it wrong is severe. The good news: compliant SMS is entirely achievable with consent, opt-out, and records handled properly. Here is how.

Why SMS is so regulated

SMS reaches people directly on the device they carry everywhere, which makes it powerful and intrusive, and the law treats it accordingly. TCPA text messaging requires proper consent before marketing texts, mandates easy opt-out, and sets rules about messaging. Because violations carry statutory penalties per message, costs scale fast, and the channel has been a magnet for class actions. That risk profile is exactly why SMS has to be built compliant from the start, not retrofitted after.

SMS penalties are per message. That arithmetic turns a sloppy list into a catastrophic liability faster than almost anything else in marketing.

The three pillars of TCPA SMS marketing compliance

Get proper consent

Marketing SMS generally requires prior express written consent: the person clearly agrees to receive marketing texts, with disclosures about what they are signing up for, and you keep records. A pre-checked box or consent buried in unrelated terms does not qualify under the SMS consent rules. This is the heart of compliance, sending without proper consent is the core violation, so get the signup right.

Honor opt-outs promptly

Recipients must be able to opt out easily, typically by replying STOP, and once they do you must stop marketing to them. Honoring opt-outs reliably is a legal requirement; failing to is a common, costly mistake. Your platform should automate it, but you remain responsible for ensuring it actually works.

Keep records and follow the rules

Maintain records of consent, and follow the rules about how and when you message. Good record-keeping is what lets you demonstrate compliance if challenged, the documentation is part of the protection, not an afterthought.

Compliant SMS marketing

Treat the TCPA as governing all your marketing texts
Get prior express written consent, clear and specific
Never rely on pre-checked boxes or buried consent
Keep records of every consent
Make opt-out easy, typically reply STOP
Honor opt-outs promptly and verify your platform does
Get qualified legal guidance for your specific program

SMS compliance is compliance-marketing at its highest-stakes: a channel that performs brilliantly when run right and creates serious liability when run carelessly. The operators who win with SMS build consent, opt-out, and records in from day one, turning a legal minefield into a compliant, high-performing channel that customers actually welcome.

If you run or want to run SMS marketing and want to be sure your consent and opt-out practices are compliant, that review is exactly the kind of risk-reducing work a Growth Audit can help scope.