Disclaimer

This information does not constitute legal advice. Technolutions provides it as a starting point for understanding text messaging compliance. We strongly encourage all Slate institutions to consult their own legal counsel to ensure that all text messages comply with applicable laws.

Why Text Messaging Requires Care

Text messaging is one of the fastest and most effective ways to reach students, alumni, and families. Because texts go directly to an individual’s phone, they are more strictly regulated than email. In the United States, the primary law governing text messaging is the Telephone Consumer Protection Act (TCPA, 47 U.S.C. § 227). The TCPA regulates telemarketing and other unsolicited communications to protect individual privacy. Key points include:

• Restrictions on auto-dialers, pre-recorded voice messages, text messages, and faxes for marketing purposes without prior consent.

• Individuals may pursue legal action for violations of $500 - $1,500 per violation.

• Spam text messages are defined as “an unsolicited advertisement transmitted to any person without that person’s prior express invitation or permission, in writing or otherwise.”

For institutions, even messages that appear mostly transactional in nature can be interpreted as marketing if they advertise, recruit, or encourage action. Courts and regulators assess the content and the purpose of the message not simply your perception of what the message content is.

Note

Not following these best practices and recommendations might result in legal action/consequences. We encourage you to comply with all of them to ensure the success of your text messaging efforts.

Best Practices: Obtaining Consent for Text Messaging

Obtaining valid consent is the foundation of any compliant text messaging program in higher education.

What Does Effective Consent Look Like in Higher Ed?

1. Explicit and Verifiable Consent

   1. Each recipient must provide direct consent to receive messages at their own phone number

   2. Consent must be explicit, specific to SMS and verifiable

   3. Consent for other modes of communication does not automatically extend to SMS or robocalling.

2. Clear, Unambiguous Language

   1. Forms that collect phone numbers and opt-in information should clearly describe what types of messages will be sent (e.g., event reminders, financial aid deadlines, campus safety alerts, giving alerts etc.)

   2. Forms should include expected message frequency (e.g., five texts per semester) and note that standard message and data rates may apply.

3. Individual Opt-In

   1. Each phone number must have its own opt-in process. Consent must be tied to each individual phone number collected.

   2. Blanket consent should be avoided. Each phone number collected must have their own opt-in checkbox.

4. Record Keeping & Auditability

   1. Utilize forms to collect and store opt-in information, creating a verifiable record of the date, time, and context in which consent was obtained. This is critical for demonstrating compliance if questions or complaints arise.

   2. Refrain from deleting form responses or running retention policies on Form Responses that store this opt-in information.

   3. Periodically allow and remind your recipients of their messaging preferences to reinforce transparency.

   4. Respect the decisions of your recipients.

5. Opt-Out and Preference Management

   1. Text messages should include clear opt-out options e.g., Reply STOP to unsubscribe.

   2. Opt-outs should be honored across all institutional messaging systems to ensure consistency. When a recipient opts-out of text messaging, they’re expecting to stop receiving all SMS messages from your institution, not just from your department or Slate database. As a recommendation, we recommend sharing opt-in/opt-out information as necessary with relevant campus offices to ensure that opt-ins/opt-outs are maintained across platforms.

Robocalling and TCPA Compliance

Robocalling, or the use of a pre-recorded or automated voice message is subject to some of the most restrictive provisions in the TCPA. It is important to understand that robocalls do fall under the same legal framework.

A robocall generally involves the following:

• The use of an automated system to dial numbers

• The delivery of a pre-recorded or artificial voice message.

Under the TCPA, these types of communications cannot be sent to a phone number without prior consent. As a best practice, if your institution uses robocalling, we encourage collecting consent for robocalling. Here is an example of an opt in for robocalling:

“By providing my phone number, I agree that Slate University may send me automated or prerecorded calls about important updates and events. Standard rates may apply. I can opt out at any time.”

Appropriate Calling and Texting Times

TCPA regulations establish boundaries for when organizations can contact individuals via phone or text. SMS and Voice messages should be restricted to the hours of 8:00AM and 9:00PM local time of the recipient. While the TCPA does not set explicit time restrictions on messages of an informational nature (e.g., Classes cancelled; College is closed due to weather etc.) it is recommended as a best practice to follow the same windows to avoid disrupting recipients and to minimize complaints.

This provision is especially important when using Deliver Precision Timing within Slate to send text messages at specific times. Your staff should ensure that recipients are not contacted outside of these hours. Currently if Slate does not have geographic information stored on their record, text messages are automatically sent at 12:00AM Eastern Time which for most of the United States falls within those quiet hours (Alaska and Hawaii are the only states where it would still be an acceptable time to send those messages).

⏰If you don’t have a Rank 1 Address for a record, avoid using Deliver Precision Timing in order to remain in compliance with permissible calling and texting hours

In addition to federal standards, many states impose tighter restrictions on when you can call or text recipients. The federal baseline under TCPA generally permits communications between 8:00AM and 9:00PM (local time of the recipient).

However, several states have narrowed that window or banned certain days entirely. We encourage organizations to exercise due diligence in verifying state laws before sending communications during fringe hours or on weekends. Below are examples of some state-specific restrictions:

• Alabama & Louisiana: Communications allowed between 8:00AM and 8:00PM, but no communications permitted on Sundays or legal holidays.

• Mississippi: Communications allowed per federal guidelines, but no communications permitted on Sundays.

• South Dakota: Communications permitted between 9:00AM and 9:00PM on Monday - Saturday, but no communications permitted on Sundays.

• Utah: Communications permitted between 8:00AM and 9:00PM, but no communications on Sundays or holidays.

In addition, individual state laws such as Texas Senate Bill (SB 140) introduces significant changes for organizations communicating with Texans. SB140 extends telemarketing to cover both SMS and MMS messages and strengthens consumer protections under the Texas Deceptive Trade Practices Act (DTPA). This creates a direct path for recipients to pursue legal actions against organizations that violate consent and compliance requirements, increasing the risk of lawsuits.

These variations make compliance challenging, especially when recipients move across state lines. For instance, a text message sent at 8:30PM Central Time would violate Mississippi state laws if sent to a recipient in Mississippi.

Navigating these variations presents a significant challenge for institutions using text messaging. Even when carefully following multiple state regulations, it is imperative to ensure that you are messaging individuals correctly based on location data rather than area codes. It is recommended to maintain an internal practice that follows federal guidelines and where necessary also follows local state compliance in order to remain fully compliant.

Determining Time Zones and Calling Times

When sending text messages or configuring robocalls, compliance with the TCPA demands precise attention to recipient location; not assumptions based on area codes. Relying solely on phone number area codes is generally not a compliant practice and exposes your organization to significant legal risk. While area codes may offer a geographic clue, they do not accurately reflect where a person currently resides. As individuals can frequently relocate across the country, a phone number's area code may no longer match the recipients actual time zone.

For example, someone with a 212 area code (traditionally Manhattan, New York City) might now live in San Francisco. Sending a message at 8:00AM Eastern would reach them at 5:00AM Pacific, a clear TCPA violation. To remain complaint, you must ensure that communications is based on verified recipient location data, rather than outdated or assumed geographic information.

Collecting actual residence information such as Permanent Address, Mailing Address, or even Seasonal Addresses, at the time or around the time, consent is obtained is important in order to comply with both federal and state regulations. This approach supports proper TCPA compliance and allows for alignment with state-specific quiet hours.

By having precise location information, institutions can maintain regulatory alignment and ensure that messages reach recipients in the right context, at the right time, without relying on assumptions.

Potential Monetary Fines

Understanding the risk and potential fines are essential for any institution that communicates via Slate Voice or SMS.

Under the TCPA, the penalties are structured per violation.

• $500 per call or text for a first-time violation

• Up to $1500 per call or text if the violation is deemed willful or knowing, where the sender knowingly ignored the rules or failed to obtain consent.

For institutions that send thousands of messages these fines can accumulate rapidly. For example, sending 1,000 SMS messages without proper consent could theoretically result in a $500,000 - $1,500,000 fine.

In order to mitigate risk, we recommend:

1. Obtaining written consent before sending any message or calling.

2. Ensure that text messages and forms clearly and easily allow for easy opt-outs

3. Maintain clear and detailed records of consent and opt-outs. In the event your institution uses multiple texting services, maintain consistency across these platforms.

4. Train all staff on TCPA compliance. Anyone involved in sending texts or calls must understand the regulations around consent, frequency, and content.

Notes

The TCPA applies to calls and text messages sent to US phone numbers regardless of where the sender is located. If your institution is located outside of the United States, the TCPA still applies when texting US phone numbers.

International Laws

Many countries have laws similar to the U.S. TCPA that regulate text messaging, robocalling and other automated communications. While specific rules vary by country, common themes include requiring clear consent before sending text messages, being transparent about who the message is from, providing recipients with easy methods to opt out, and maintaining accurate records of consent. Penalties for noncompliance can be significant and vary by country ranging from $500 - $1,500 per violation to upwards of millions of dollars per violation.

Since colleges and universities often communicate with international students, families and alumni, it is important to understand that messages sent across borders may fall under legal frameworks. Technolutions strongly encourages each institution to research any applicable laws that apply to their target recipient lists and consult with their own legal counsel to ensure compliance.