Marketing text messages require prior express written consent under the TCPA — a signed, affirmative agreement that names your business and discloses that the person is agreeing to receive automated marketing texts. Informational texts require the lower tier, prior express consent. Every text sent without the right tier of consent is a separate statutory violation worth $500 to $1,500 to a plaintiff. The dollar amounts are the same as for voice calls, but texting concentrates the risk: a single broadcast can generate thousands of identical violations in one afternoon.
This article is informational, not legal advice. Consent questions specific to your lead flow belong with counsel. What follows is the operational view: what each consent tier requires, where the informational-versus-marketing line actually sits, what changed in the FCC’s revocation rules, and what your records need to look like when a demand letter arrives. For the broader send-day operational checklist — registration, opt-out mechanics, list hygiene — the companion piece is our SMS compliance checklist, and the voice-side equivalent is the TCPA compliance checklist.
Texts are calls, and consent has two tiers
The TCPA never says “text message,” but the FCC has long treated texts as calls under the statute, and courts have followed. Everything the TCPA says about autodialed calls to cell phones applies to texts sent through messaging platforms. That single interpretive move is why SMS is the most-litigated channel in TCPA practice: every message is individually logged, individually timestamped, and individually countable as a violation.
Consent comes in two tiers. Prior express consent covers informational messages — appointment reminders, delivery notifications, account alerts. Providing a phone number in a transaction generally establishes it, for messages closely related to the reason the number was provided. Prior express written consent covers anything that advertises or telemarkets. It requires a written agreement — electronic signatures count under E-SIGN — with a clear and conspicuous disclosure that the person agrees to receive automated marketing texts from your specific business, that consent is not a condition of purchase, and the phone number being authorized.
The most common failure is not the absence of consent — it is holding the wrong tier. A customer who gave you their number at checkout consented to order updates. They did not consent to your holiday promo blast. Sending marketing on informational consent is the classic pattern in text-message class actions.
Where informational ends and marketing begins
The line is purpose, not tone. A message is telemarketing if it encourages the purchase of property, goods, or services — even partially. Courts and the FCC look at the message’s function, and a dual-purpose message is treated as marketing. “Your appointment is confirmed for Tuesday at 2” is informational. “Your appointment is confirmed for Tuesday at 2 — reply SAVE for 20% off a detailing package” just became a marketing text, and the whole message now needs prior express written consent.
Operationally, that means segmenting your sends by consent tier, not just by list. Numbers that arrived through a checkout flow or an intake form live in the informational pool until a real written-consent event upgrades them. Numbers that came through a marketing opt-in form — with the disclosure language displayed and the agreement recorded — can receive promotions. The mechanics of running large sends against a properly segmented list are covered in our guide to sending mass text messages legally.
One more boundary worth knowing: telemarketing texts are also subject to Do Not Call rules. A number on the National DNC Registry cannot receive marketing texts without an existing-business-relationship exception or written consent, which makes DNC scrubbing part of the texting workflow, not just the calling workflow.
Quiet hours: the 8 a.m.–9 p.m. fight
The TCPA restricts telephone solicitations to 8 a.m.–9 p.m. local time at the recipient’s location — and because texts are calls, plaintiffs’ firms have applied that window to marketing texts. Starting in late 2024, a wave of class actions targeted brands for promotional texts sent outside the window even where the recipient had consented, with one Florida firm reportedly filing more than a hundred such suits. Industry groups have petitioned the FCC to confirm that the quiet-hours rule does not reach messages sent with prior consent, and courts have divided on the question; it remains unresolved. Until it is, treat the window as binding on every marketing send — the scheduling mechanics, including deriving time zones from area code data, are in the SMS compliance checklist.
The one-to-one consent rule: vacated, not forgotten
In late 2023 the FCC adopted the “one-to-one consent” rule, aimed at lead-generation sites that collected a single consent checkbox and sold it to dozens of “marketing partners.” The rule would have required consent to name each individual seller, one business at a time. It never took effect: the Eleventh Circuit vacated it in January 2025, on the eve of its effective date, and remanded to the FCC.
The practical reading is not “comparison-shopping leads are safe again.” The vacatur restored the prior baseline — prior express written consent naming the seller — and the underlying litigation pressure on shared and resold consent never went away. Plaintiffs still attack lead-gen consent on the traditional grounds: the disclosure did not clearly identify the sender, the “partners” list was a hyperlink nobody saw, or the consent was captured for a different business entirely. If your text traffic runs on purchased or aggregated leads, treat each consent record as something you will have to defend seller-by-seller, whatever the rule’s final form on remand. The dialer-side history of this rule is covered in our automated dialer software guide.
Revocation: the 2025 rules and the 2027 date
The FCC’s 2024 revocation order rewrote how opt-outs work, and most of it took effect on April 11, 2025. Three pieces matter for texting operations. First, consumers can revoke consent by any reasonable means — you cannot require your designated keyword or an exclusive channel. Second, the FCC standardized keywords that must always be honored as revocation: stop, quit, end, revoke, opt out, cancel, and unsubscribe. A keyword handler that only matches STOP is no longer defensible. Third, revocations must be processed within a reasonable time not to exceed ten business days — though carrier messaging policy expects STOP suppression to be effectively immediate, so ten days is a legal ceiling, not an engineering target.
The rules permit one clarification message when a revocation’s scope is genuinely ambiguous — for example, a customer who receives both fraud alerts and promotions texts “stop” to one of them. That message must ask, not market, and if the recipient does not reply, you must treat consent as revoked across the board.
The order’s broadest provision — that a revocation received on one message type automatically kills consent for all unrelated calls and texts from your business — has been delayed twice and is now scheduled to take effect January 31, 2027, per the FCC’s January 2026 extension order (DA 26-12). Our A2P 10DLC news tracker follows that timeline. The operational advice does not change with the date: build opt-out suppression business-wide now, and the 2027 effective date becomes a non-event.
Records that survive a demand letter
TCPA demand letters follow a template: our client received texts from your number, produce your evidence of consent or pay per message. What settles the matter in your favor is not a policy document — it is a per-number consent record you can pull in minutes.
For each number, that record should capture: the timestamp of the consent event; the exact disclosure language displayed, versioned so you can prove what the form said on that date; the capture context — page URL and form version for web opt-ins, keyword and confirmation exchange for text-to-join, the signed document for paper; the phone number as entered; and the scope — which message types the person agreed to receive. Pair that with your suppression log: every revocation, its channel, its timestamp, and when suppression took effect. The gap between “they texted stop” and “our system stopped” is measured in messages, and each one is a violation.
Retention should outlast your relationship with the number. TCPA’s federal statute of limitations is four years, so consent records purged at twelve months are records you will not have when the letter arrives about a text sent three years ago.
What the exposure actually looks like
Statutory damages are $500 per negligent violation and up to $1,500 per willful or knowing violation, per text, with no cap — the same structure our TCPA compliance checklist walks through for voice. Texting changes the arithmetic, not the statute. A weekly promotional message to a 5,000-number list where 200 numbers lack valid written consent is not one mistake; it is 200 violations per week, compounding until someone notices. And because every message is delivered with metadata intact, the plaintiff’s evidence is your own delivery log.
The defense that works is boring: right consent tier per segment, all seven revocation keywords honored, suppression that propagates immediately, and records that answer the demand letter without a forensics project. Operators who build that spine treat TCPA exposure as a controlled cost. Operators who bolt it on after the first letter pay for both.
Frequently asked questions
Do I need written consent to send marketing texts?
Yes. Any text that advertises or telemarkets — promotions, discounts, upsells, review solicitations tied to a sale — requires prior express written consent under the TCPA. The agreement must clearly disclose that the person is authorizing automated marketing texts from your specific business, state that consent is not a condition of purchase, and identify the phone number. Electronic signatures and checkbox flows qualify if the disclosure is clear and conspicuous. Purely informational texts (reminders, alerts, notifications) need only prior express consent, which providing a number in a transaction generally establishes. The operational setup around consent — registration, opt-out handling, list hygiene — is covered in the SMS compliance checklist.
Is a text message a call under the TCPA?
Yes. The statute predates SMS, but the FCC has treated text messages as calls under the TCPA for two decades, and courts have consistently agreed. Every restriction on autodialed calls to cell phones — consent tiers, revocation rights, statutory damages — applies to texts sent through messaging platforms. Texts are actually the higher-risk channel in practice, because each message is individually logged and countable: a single broadcast to a bad list creates thousands of separate $500-$1,500 violations at once, with the delivery evidence sitting in your own logs.
How long do I have to honor a text opt-out?
Under the FCC revocation rules that took effect April 11, 2025, revocation requests must be honored within a reasonable time not to exceed ten business days. Treat that as a legal ceiling, not a target — carrier messaging policy expects STOP suppression to be effectively immediate, and every message sent after a revocation is a potential violation. The order also standardized seven revocation keywords and allows revocation by any reasonable means — operational handling is in the SMS compliance checklist. Suppression mechanics for large lists are covered in the mass text messaging guide.
What happened to the one-to-one consent rule?
The FCC’s one-to-one consent rule — which would have required lead-generation consent to name each seller individually rather than a linked list of “marketing partners” — was vacated by the Eleventh Circuit in January 2025, just before its effective date, and remanded to the FCC. The pre-existing baseline still applies: prior express written consent that clearly identifies the business sending the texts. Shared and resold consent remains the most-attacked link in text-message litigation regardless of the rule’s status, so operators running on purchased leads should hold consent records they can defend seller-by-seller.
What consent records should I keep for text campaigns?
Per number: the timestamp of the consent event, the exact disclosure language displayed (versioned by date), the capture context — page URL and form version for web opt-ins, the keyword exchange for text-to-join, the signed document for paper — the number as entered, and the scope of message types authorized. Alongside that, keep a suppression log showing every revocation, its channel, and when suppression took effect. Retain records at least four years — the TCPA’s federal statute of limitations — so you can answer a demand letter about a text sent years ago without a forensics project.
Does the National DNC Registry apply to text messages?
Yes, for telemarketing texts. Because the FCC treats texts as calls, a marketing text to a number on the National Do Not Call Registry carries the same exposure as a marketing call to it, absent prior express written consent or an established business relationship. Informational texts are not DNC-restricted, but the informational-versus-marketing line is drawn by message purpose, and dual-purpose messages count as marketing. That makes registry and internal-list suppression part of the texting workflow — the DNC scrubbing guide covers cadence and list sources.
Consent is your side of the compliance line; delivery is ours. SIPNEX is an FCC-licensed carrier providing SMS and MMS messaging with A2P registration handled and automatic STOP processing on every campaign — call (833) 665-2220 to get your texting traffic on carrier-grade rails.
Keep reading.
The carrier built by operators, for operators.
FCC-licensed carrier with its own STIR/SHAKEN SP certificate. Operator-owned. SIP trunks built for operators who dial at volume.