SMS Consent: Why E-Commerce Brands Must Be Super Careful About Who They Text

In May 2014, Sprint got fined $7.5M for "mistakenly" sending text messages to customers who had already opted out.

Now it's easy to dismiss that as a "big corporation problem", but did you know that even small e-comm brands can face far bigger fines for lesser offenses?

Sprint's offense was texting customers who had specifically opted out of SMS. However, according to the USA’s Telephone Consumer Protection Act, 1991, simply texting customers who have not specifically given express consent for SMS marketing makes you liable for a fine of $500 to $1500 for each unsolicited text.

Understand that by express consent, I don't mean simply getting them to give you their phone number. Unlike email marketing, SMS marketing requires them to fully understand what you'll be texting them about and actively indicate that they're fine with it.

For example, adding a legal disclosure to your SMS sign-up form is the most popular means of getting valid express consent in the US.

As for the UK, there are numerous laws on SMS consent (GDPR, DPA, etc.) but generally, in addition to reading the disclosure, customers must also tick a checkbox to indicate they understand what they’ve read.

Note that the consent must be freely given. It can’t be a prerequisite for ordering your products, and you can’t pre-check the checkbox (if you use one).

Finally, just so you understand how huge this is; let's say you have an SMS list of 5,000 contacts who gave you their numbers at checkout, but didn't tick a checkbox or give you express consent through any other valid means.

Even if you text them just once and get slapped with the minimum fine of $500, 5000 contacts x $500 is $2.5M. If you get the maximum fine of $1500, that's $7.5M. And again, that's if you text them only once.

Moral of the story: Not having airtight SMS consent can easily cripple an e-comm brand.