10DLC Rules and Regulations You Need to Follow in the US
Consumer communications preferences have shifted heavily to texting, far outmatching traditional preferences for phone, email, and instant messaging. With an open rate of 98%, texting carries innumerable benefits for modern digital marketers. As a result, businesses are developing more consistent and efficient texting procedures to catch their customer base where their attention is. One leading method to do so is 10-digit long codes (or 10DLC).
If your business is considering adopting 10DLC in its marketing plan, it’s essential to familiarize your employees with 10DLC rules. They will directly impact your ability to make efficient use of this new medium of B2C communication – and you must align your policies with the 10DLC regulations for consumer consent, rate limits, and best industry practices.
When Do 10DLC Rules Apply?
10DLC is a way of facilitating application-to-person (A2P) texts with traditional long-code phone numbers. Before, telecom companies blocked such use of long-code numbers, having created Common Short Codes for the purpose instead. Until 10DLCs, regulators only allowed short codes to be used with software-controlled texting (e.g., 2FA and automated account notifications).
Now, 10DLC enables A2P texting with traditional 10-digit numbers, which are more affordable than short codes and potentially have higher message throughput rate limits. While SMS Short Codes allow mass texting at a rate of about 100 Messages Per Second (MPS), 10DLC regulations provide different rates for different Use Cases. They also base rate limits on a “Trust Score” – a rating based on reputation, brand recognition, and compliance with your stated Use Case.
Use Cases also determine the allowable message rate according to the exact use of your 10DLC. After a 10DLC registration, your company’s “Declared Use Case” is the primary non-marketing purpose for a 10DLC, such as 2FA, Account Notifications, and Customer Care.
There are also “Special Use Cases” for the following categories (listed from lowest to highest MPS):
- Proxy, aka “Conversational”
- Agents, Franchises, and local branches
- Charities and registered Nonprofits
- Emergency Services
- Social Engagement
The goal of 10DLC is to allow businesses to communicate with their customers on a consensual basis through software-controlled procedures while simultaneously blocking as much potential spam or abuse as possible. To this end, there is an extensive list of 10DLC rules and regulations businesses must follow when using 10DLC numbers. Most simply, if your company uses A2P technology with long codes in the US, 10DLC legal regulations apply – in fact, business texts through P2P long codes have become a finable offense.
The 10DLC regulations are based on Cellular Telecommunications Industry Association (CTIA) guidelines, outlined in its Messaging Principles and Best Practices (MPBP) PDF. The document presents “voluntary best practices developed by CTIA’s member companies” and covers standard P2P texting regulations.
The MPBP states that for P2P messaging “operating in a manner inconsistent with typical Consumer operation,” the CTIA may subject messages to filtering or “threat mitigation efforts.” To be sure you are operating within allowable limits, businesses are advised to assume that all text messaging to consumers constitutes A2P.
Essentially, for any B2C texting at all – whether truly A2P or not – it’s essential to obtain each text recipient’s consent first. Like MPS rates, the threshold of consent depends on the Use Case, as follows:
- Telemarketing requires prior written consent that is clear, conspicuous, unambiguous, and specific regarding what the subscriber is signing up for.
- Informational messages – such as basic information related to services or products the subscriber has already signed up for – only require express consent. An example would be when a cell phone number is provided on a college enrollment application, in which case, giving the phone number itself is considered consent to receive information related to the admissions process.
- Emergencies do not require consent – but abuse of this function could easily result in severe adverse legal action.
Content & Timing
The limits on informational messages are that the contents must be directly related to the service or product signed up for. In the above example, subscribers signed up for admissions-related updates – but this consent does not apply to unrelated promotions from the college. The messages must be specific to the admissions process or, at its broadest, the particular degree the recipient has enrolled in. Schools should also send messages between 8 am and 9 pm.
Beyond the exhaustive specifics of the CTIA’s consent guidelines (linked previously), the overarching goal is to cause businesses to think critically before sending any text. Essentially, the more well-calculated your message is in content and timing, the better it will be received – and that’s good for both business and legalities.
In the MPBP, it advises:
“Message Senders should use reasonable efforts to prevent and combat unwanted or unlawful messaging traffic, including spam and unlawful spoofing… [They] should take affirmative steps and employ tools to monitor and prevent Unwanted Messages and content.”
Further, every Use Case requires that the business provide a straightforward opt-out procedure, honoring all requests within 72 hours. 10DLC regulations encourage companies to keep an ongoing log of subscribers who have opted out to ensure error-free texting in the future. MPBP guidelines also require that messaging provide a clear and prominent link to your terms and conditions.
This is much easier to accomplish through an advanced and user-friendly enterprise-grade texting platform, enabling automatic integration of SMS data with other business apps and creating more seamless experiences for your employees and customers.
Guidelines or Laws?
The CTIA guidelines are voluntary, while the laws you must direct your legal team’s attention to are based on the Telephone Consumer Protection Act (TCPA). Written in 1991, the TCPA does not cover texting by name, but the case law has held that text messages fall under the same laws as phone calls. While the CTIA’s guidelines were written with the TCPA in mind, if there is any discrepancy between the two, the TCPA carries more enforceability.
However, the 10DLC application process creates a contractual relationship between you and the regulatory agencies, meaning the CTIA’s regulations are likely to be upheld by the courts as fully enforceable on their own as a condition of the contract. Regardless, the penalties and fines in the CTIA were closely aligned with the TCPA penalties.
Penalties for Violating 10DLC Regulations
In the TCPA regulations, penalties are often given per occurrence – meaning any mistake made by your A2P software could easily result in fast-accumulating fines if you aren’t careful. The penalties range from $500 per text message to $1,500 for violations found to be willful. In addition to individual fines, you could also be subjected to class-action lawsuits and lawsuits against your business by federal/state entities. If anything goes wrong, a high MPS could become a curse, so it’s imperative not to cut corners on your A2P platform and thoroughly master its use.
How Recent Case Law Affects 10DLC Rules
Beyond any written regulation, statute, or even legislative act, the exact definition of a law is essentially what the highest court determines the law means. The Supreme Court ruling on the 2021 Facebook case had specific ramifications on how the TCPA can be applied in the future and how regulators can use it.
At issue was the limit and extent to which “autodialers” can be used – or, more fundamentally, what even constitutes an autodialer. The term relates to the origins of the TCPA, which was essentially a response to growing public concern over the original spam: automated telephone sales calls. This unsolicited use of people’s phone numbers prompted efforts to make it harder for companies to abuse the national telephone system.
Most recently, the Supreme Court held that the definition of an autodialer was a device that can store or produce a telephone number with a random or sequential generator, regardless of human input. If a system lacks that capacity, it is no longer considered an autodialer, even if it lacks human input. This stops all courts from labeling A2P technology as autodialers, making it easier for businesses to apply A2P technology to their marketing and communication efforts – so long as they heed the stringent consent laws.
Managing Your A2P System as Accurately as Possible
Considering how quickly A2P texting errors could accumulate into thousands of dollars in fines, any business serious about leveraging a 10DLC should ensure they follow the relevant laws. To do so, it’s essential that they also have the most effective SMS texting applications in place – preferably those designed to integrate directly with the company’s broader data-management systems seamlessly.
10DLC rules are much easier to follow with TrueDialog’s industry-leading text-management platform. Designed fully with the needs of 10DLC users in mind, TrueDialog has been helping businesses provide superior customer support and marketing solutions for over a decade. If you’re interested to see how 10DLC can vastly increase your business’s capabilities, contact TrueDialog for a free trial today.