In response to the boom in SMS marketing and A2P messaging, legislators across the globe have enacted new legislation and updated old laws and regulations to protect consumers from fraudulent SMS abusers. Maintaining compliance with these regulations is imperative for businesses as violating them can carry substantial penalties and fines.
We’ve developed this quick overview to help you be aware of what regulations to follow and the potential consequences of being out of compliance.
What regulations should I know about?
Though each country will have its own set of consumer data protection laws, following the most strict set of regulations will keep you compliant in most countries.
This set of regulations applies to the personal data of all EU citizens. GDPR regulations are the most strict as they treat nearly everything, including IP addresses, as personal consumer data. GDPR Compliance Guide
These regulations apply to the United States and do not cover as much as the GDPR, however, fines can still pile up quickly as each message sent out of compliance is considered an individual violation. CTIA SMS Messaging Guidelines
Enforced in Canada, these regulations are the least strict as they don’t apply to certain government organizations. Though they may be the least comprehensive, penalties can still be quite severe. PIPEDA Compliance Guide
What if I get this wrong?
As consumers around the world have become more protective of their personal data, they have also become more likely to report issues of abuse. Regardless of the intentional or unintentional violation of the regulations, data protection authorities have proven they will issue fines to the offending organizations.
- TCPA fines range from $500 to $1500 per violation.
- In 2017, Dish Network was fined $280 million for TCPA violations
- GDPR fines can be as high as 4% of a company's global annual revenue or up to €20 million
- Google was fined €50 million for GDPR violations in France.
What steps can I take right now?
Having the correct SMS compliance policies, procedures and systems in place will help prevent data protection violations and reduce fines from unintentional violations. Take these actions as a first step to avoid penalties and fines for being out of compliance.
- Establish standardized policies for SMS compliance, based on GDPR, TCPA and PIPEDA principles, and CTIA messaging guidelines.
- Use automated data validation and consent forms to keep your databases compliant.
- Integrate your SMS messaging with an SMS API to centralize your SMS sending and avoid sending text messages through a non-compliant channel.
- Report and correct data protection violations immediately to protect your business from maximum fines. It takes time for consumer complaints to be processed and reviewed. So, you can’t assume the issue hasn’t been reported just because you haven’t received any official notice about it.
To learn more about SMS regulations and best practices, download the Telnyx State of SMS: 2020 eBook today.
Share on Social