SMS Compliance: TCPA, Quiet Hours, and Best Practices

Updated 2026-03-12

Sending business text messages in the US means following TCPA (Telephone Consumer Protection Act) rules, carrier policies, and industry best practices. Non-compliance leads to carrier filtering, number suspension, and potential legal liability.


TCPA Requirements for SMS

The TCPA applies to all commercial text messages sent to US phone numbers. Key requirements:

1. Consent

  • Transactional messages (order confirmations, appointment reminders): Require express consent — the customer gave you their number for this purpose.
  • Marketing messages (promotions, offers): Require express written consent — the customer explicitly agreed to receive marketing texts (e.g., checked a box on a form).

2. Identification

Every message must identify who is sending it. Include your business name in the message body.

3. Opt-out mechanism

Every message (or at minimum, the first message in a thread and periodic reminders) must include opt-out instructions. Standard: "Reply STOP to unsubscribe."

4. Honoring opt-outs

Process opt-outs within 10 business days (carriers enforce instantly). JustCall handles this automatically.

5. Record keeping

Maintain records of consent for each contact. If challenged, you must prove the contact opted in. Store consent records for at least 5 years.


Quiet Hours

Do not send marketing messages during these quiet hours:

| Regulation | Quiet hours |
|---|---|
| TCPA (federal) | Before 8:00 AM and after 9:00 PM in the recipient's time zone |
| State laws (varies) | Some states have stricter windows (e.g., Oklahoma: 8 AM–8 PM) |

JustCall tip: Use scheduling in Bulk SMS to send messages only during permitted hours. JustCall does not automatically enforce quiet hours — you are responsible for scheduling messages appropriately.

Transactional messages (appointment reminders, OTP codes) are generally exempt from quiet hour restrictions, but sending a 3 AM appointment reminder is still a bad customer experience.


A2P Messaging Rules

All business SMS in the US is classified as A2P (Application-to-Person) messaging. Carrier rules for A2P:

  1. 10DLC registration required for local numbers. See 10DLC Registration Guide.
  2. Toll-free verification required for toll-free numbers.
  3. Content restrictions — carriers block certain content categories regardless of consent (cannabis, firearms sales, adult content, high-risk financial services).
  4. Throughput limits — based on your 10DLC trust score and campaign type.
  5. No shared short codes — each business must register its own messaging identity.

Carrier-Specific Filtering

Each major US carrier filters differently:

| Carrier | Filtering approach |
|---|---|
| T-Mobile | Strictest. Blocks unregistered traffic outright. Daily fines for non-compliance. |
| AT&T | Aggressive content filtering. URL shorteners (bit.ly, tinyurl) trigger spam flags. |
| Verizon | Spam scoring model. Repeated similar messages to many recipients get flagged. |

Avoiding carrier filtering

  • Complete 10DLC registration before sending at scale.
  • Avoid URL shorteners — use your own branded domain for links.
  • Don't send identical messages to large lists — personalize with the recipient's name or details.
  • Avoid ALL CAPS, excessive punctuation (!!!), and spam trigger words (FREE, WINNER, ACT NOW, LIMITED TIME).
  • Keep opt-out rates below 2%. High opt-out rates signal unwanted messaging.

Do

  • Collect consent at the point of interaction (checkout form, booking page, in-person signup).
  • Use clear, specific language: "I agree to receive appointment reminders via text from [Business Name]."
  • Keep the consent checkbox unchecked by default.
  • Send a confirmation message after opt-in: "Welcome! You'll receive appointment reminders from [Business]. Reply STOP to opt out."
  • Log consent with timestamp, source, and IP address (for web forms).

Don't

  • Buy contact lists and text them.
  • Add consent language buried in Terms of Service that nobody reads.
  • Pre-check consent boxes.
  • Text contacts who gave you their number for a different purpose (e.g., calling only).
  • Share or sell opt-in lists between businesses.

Penalties for Non-Compliance

| Violation | Potential consequence |
|---|---|
| Sending without consent | $500–$1,500 per message (TCPA private action) |
| Ignoring opt-outs | $500–$1,500 per message + carrier number suspension |
| Missing 10DLC registration | Carrier blocking + $10/day fine (T-Mobile) |
| Quiet hours violation | $500–$1,500 per message (TCPA) |
