SMS Laws, Regulations, & Abuse Prevention

SMS is one of the most direct ways to reach your users and customers. Therefore, regulations must exist that prevent brands from abusing or over-using this relationship, and fines for violations could cost thousands of dollars. In this article, you’ll be provided with some resources and practical guidance that will allow you to work within the bounds of regulations and laws while still communicating effectively and strategically with your customers.


Here are some links you might need to consult as you build up your SMS campaign:

Considerations for Compliance

Data and Privacy

A customer’s privacy is key to a meaningful and respectful relationship. Respecting a customer’s privacy and information is just another opportunity to create a bond between them and your brand. Sometimes, using marketing tools can put data and privacy last.

Luckily for you, Braze follows the guidelines of many security regulations, including GDPR.

The CTIA recommends that you maintain and conspicuously display a clear and easy-to-understand privacy policy.

Opt-in, help, and opt-out options are an absolute must when creating SMS campaigns.

The TCPA (Telephone Consumer Protection Act) mandates that a business must receive “express written consent” in order to send customers messages - you can do this in a multitude of ways, including web or mobile. You must be clear with the customer about how you intend to use SMS to communicate with them.

Remember to comply with the National Do Not Call Registry.

Braze uses Subscription Groups to manage groups of users based on their level of consent.

Spam and Cadence

Similar to email, your users or customer can experience inbox burnout. But this is only one reason not to relentlessly message your customers. You should look specifically at Section 5 of the FTC Act to ensure compliance (in the U.S.).

Some spam considerations are built into SMS capabilities in general (long and short code sending limits), as well as Braze’s own rate limits. However, you should still take the compliance laws into consideration when planning your campaigns.


This can be a tricky one, but when in doubt, avoid topics that involve violence, sex, drugs, tobacco, or other paraphernalia. Be wise when sending messages regarding these topics - you may still be charged for messages that are blocked by various carriers.

The CTIA (a trade association representing the wireless communications industry in the United States) recommends that you follow SHAFT Compliance, which defines the following topics as generally “illegal” when messaging in the United States:

  • Sex
  • Hate
  • Alcohol
  • Firearms
  • Tobacco

You can read more about the CTIA’s Messaging Principles and Best Practices for 2019 here.


Please ensure you comply with the TCPA (Telephone Consumer Protection Act), which dictates that you shouldn’t send messages during late hours (see the regulation’s contents for exact hours). However, you shouldn’t send messages that late anyway - don’t you want high engagement?


Most of these best practices apply to guidelines set forth in the United States of America. If you are reaching customers outside of U.S. regions, please research best practices and laws in those areas. It is always best practice to act in a way that adheres to the most stringent regulations, which are usually applied in the United States, Canada, and countries part of the European Union.

Better to be safe than sorry!

New Stuff!