Businesses looking to send SMS messages in the US must adhere to specific regulations and guidelines.

The following explanation is comprehensive, as businesses often approach us wanting to send texts that may not be approved.

Our response to such enquiries has three aspects:

If a case can be made on your behalf to legally send texts, we’ll make it. We’re willing to proceed with edge use cases where we think there’s a reasonable likelihood of success.
We operate within the US regulatory framework and where relevant our Know Your Customer (KYC) checks help us ensure our customers are legitimate. Fines for unlawful SMS in the US can be as high as $2,000 per text message, so we treat this very seriously.
An increasing trend (in 2024) involves algorithms used by aggregators or networks to identify spam, potentially flagging campaigns as suspicious. Their exact criteria are not known but increasingly AI driven. The SMS bounces in this case.

For legitimate intended uses, it's still important to complete the application form fully and accurately with the best intention for it to reflect the spirit of the actual messages expected. Our forms contain examples that should be carefully considered and amended to use.

Examples of problems that cost our customers both time and money in getting campaigns approved or in getting campaign SMS delivered are:

Not having clear, explicit opt-in check boxes that are for SMS separate to email.
Failing to display the required terms and conditions on the Call to Action (CTA) page.
Not making necessary changes to privacy policies.
Applying for a use case or with example messages and then sending different message types – these will almost certainly not get delivered.
Not providing as many different SMS examples as possible if there is a likelihood of sending different use cases.
Using a public URL shortener like bit.ly, or even using an internal or our Dotdigital shortener but then resolving it through a public shortener.
Not testing a campaign before sending to at least each of the main three networks; AT&T, T-Mobile, and Sprint.

SHAFT-C

The Cellular Telecommunications and Internet Association (CTIA) in the US provides guidelines for handling SMS content related to sex, hate, alcohol, firearms, tobacco and cannabis, collectively known as SHAFT-C.

Hate speech is never permitted, however, other SHAFT-C categories may sometimes be acceptable if businesses meet certain conditions and receive network approval.

Cannabis and CBD oil are legal in many states but illegal at a federal level. Since it’s not possible to know the location of a mobile at the moment it receives a message, it’s therefore not possible to send any of these messages by SMS. This includes kratom or drug paraphernalia. It applies to any SMS linked to these sites, including 2FA and pure delivery of parcel SMS.

Tobacco, vape, and e-cigarettes, although legal, are prohibited for all SMS messages, regardless of age restriction.

Other prohibited and disallowed content

In addition to SHAFT restrictions, there is other content disallowed by the carriers, for example:

Spam
Fraudulent or misleading messages
Depictions or endorsements of violence
Inappropriate content
Profanity or hate speech.

Special use cases that are not permitted or that require extra authorisation from T-Mobile or AT&T:

High-risk financial services, such as cryptocurrency, payday loans, or loans from non-direct lenders.
Debt forgiveness programmes, including credit repair, loan, consolidation, or debt relief.
A debt collection business that has direct consent from their end-users is acceptable
Endorsing or linking SMS messages to illegal substances like cannabis or illegal prescriptions.
Work and investment opportunities, including work-from-home programs, pyramid schemes, multi-level marketing, or job alerts provided by third parties.
Lead generation, deceptive marketing, or affiliate marketing that involves sharing collected information with third parties.
SMS for Work from home and make $$$ or investment schemes.
Gambling, including sweepstakes and contests.
Free-to-end-user programmes.
Some limited adult content.
Prescription drugs.
Charitable donations.
Emergency notifications.
M2M messages.
Abandoned cart reminders.

Full list of currently restricted content:

Carrier	Prohibited content
All Tier 1 carriers	SHAFT Sex, hate, alcohol, firearms or tobacco. SPAM, phishing, fraudulent or misleading messages. Gambling. Promotion of anything which is not federally legal. Shared short codes or long codes. Competing products and services to the carriers. Affiliate marketing programmes or content providers. Sharing subscriber information with third parties. Lead gen programmes or content providers. Marketing products or services that the content provider does not offer themselves or sell directly.
AT&T	Credit repair. Deceptive marketing. Work from home, secret shopper programmes. Distribution of malware or app downloads from non-secure locations. Loan, debt consolidation, debt relief, and student loan from indirect lenders, including loan advertisements. Abusive messaging. Messaging content that deceives or threatens consumers.
Verizon	Collections or past due messages. Programmes that group the subscriber’s opt-in consent with another action or form of consent. For example, `By completing this purchase you agree to receive SMS messages`.
T-Mobile	High-risk financial services Payday loans. Short term-high interest loans. Auto loans by a third party. Mortgage loans by a third party. Student loans. Debt collection. Debt forgiveness Debt consolidation. Debt reduction. Credit repair programmes. Illegal substances Cannabis Illegal prescriptions Work and investment opportunities Work from home programmes. Job alerts from third party recruiting firms. Risk investment opportunities. Other Gambling. Any other illegal content. Lead generation, including the sharing of collected information with third parties. Campaign types that are not in compliance with the recommendations of, or are prohibited by, the CTIA Short Code Monitoring Handbook, v1.7 or later. Campaign types that are not in compliance with the recommendations of, or are prohibited by, the CTIA Messaging Principles and Best Practices, 2019 version.

Recommendations related to prohibited content

Apply for a dedicated short code or 10DLC:
We have more guidance and experience with finding a way to get approval for edge cases and SHAFT-related content than on toll-free.
Required consent and disclosure practice that is even more relevant in these cases:
- Obtain express written consent from recipients before sending SMS messages.
- Provide clear and conspicuous disclosure of the consent agreement.
- Offer a regular opt-out mechanism for recipients.
Implement age gating.

Age gating

For industries involving age-sensitive content, registration for SMS campaigns must be placed behind an age gate that requires users to enter their full date of birth.

Examples that Dotdigital have assisted with include alcohol and firearms accessories (never firearms themselves).

To comply:

Verify the recipient's age before providing access to age-sensitive content or promotional materials. Recipients must actually enter their date of birth, not just select Yes to confirm.
Verification using ID such as a passport is not required.
Maintain a database of verified recipients.
Avoid using sensitive keywords in initial messages: don’t include words related to your business vertical in the initial SMS campaigns until the age gate has been entered and the legal age has been confirmed.

Abandoned cart reminders

Abandoned cart reminders are highly attractive messages with the potential to recover revenue. There are some restrictions to be aware of to ensure you are compliant when sending these messages:

The call-to-action must clearly state the campaign includes an abandoned cart reminder.
The recipient must double opt-in to receive these - first on the website and then through a reply to an SMS they receive.
Each opt-in must clearly state that the program includes abandoned cart reminders.
No more than one reminder text can be sent for each abandoned cart, and this must be sent within 48 hours of the abandonment.
The SMS must not result in the ecommerce site completing the sale or collecting payment.

Further details are available from Dotdigital on request.

Non-content restrictions

Shortened URLs

A brands shortened URL or the Dotdigital URL (dd2.io) are always accepted, but anonymous shortened URLs like bit.ly are highly likely to cause message failures. Public shorteners certainly fail on toll-free and we strongly recommend not using them with 10DLC or short codes either.

Unsupported URLs

This list may not be exhaustive.

bc.vc	is.gd	t.co
bit.do	lc.chat	t.ly
bit.ly	lc.cx	tiny.cc
bitly.com	ow.ly	tiny.url
bitly.ws	rb.gy	tinyurl.com
budurl.com	s2r.co	v.gd
clicky.me	shrtco.de	vurl.com
cutt.ly	slkt.io
goo.gl	soo.gd

Quiet hours

The quiet hours for SMS marketing are between 9pm and 8am.

The USA has up to 3 hours time zone difference within it, so if you do not know the location of your customers, marketing should be complete by 6pm EST and not start before 11am EST.

Compliance in Canada

The SMS industry in Canada is subject to very similar restrictions on the type of programmes as in the USA.

If there are potential borderline use case campaigns you would like to launch in Canada but not the USA, contact us to find out more.

Canadian short codes are ordered through https://www.txt.ca/en/ but we normally take care of this for you.

Canadian (Wireless) Telecommunications Association

The CTA (previously CWTA) is the governing body for all text messaging programmes to protect consumers from unwanted messages. They lay out several specific different requirements for Canada short codes.

All age gated content into Canada must be blocked unless, even with proper age-gating, a special carrier exemption is obtained.

Allowed age gated content in Canada includes:

pocket knives
lighters
non-alcoholic beverages.