5 Common Questions About SMS Marketing Compliance
Electronic marketing is a tricky thing. There are rules and regulations you need to follow, and it can all seem pretty intimidating at first. Thankfully, the rules laid out in the UK Privacy and Electronic Communications Regulation (PECR) are fairly simple to follow once you understand them, their implications, and for lack of a better word, mushy parts. To help you get started, I’ve gathered five of the most commonly asked questions about SMS marketing and the regulations and summed them up here.
1. Do I need to use an opt-in?
The short and long answer to this one is: Yes. But there are two types of opt-ins. There are “hard” opt-ins and “soft” opt-ins. A soft opt-in is when you already have personal information (like a name and mobile number) of current or previous customers. A lead that never became a customer but contacted you to “negotiate” services or a purchase can also be a soft opt-in. You can potentially send all these types of people messages without specific prior consent.
However, there are some conditions. The SMS marketing messages you send have to be related to the original purchase or service provided or discussed. You can’t send a message promoting a discounted trip to Bali if they bought a computer from you. But you might be able to send a message about discounts on a new hard drive upgrade.
Notice the “might” in that last sentence. Another condition you must meet to use a soft opt-in is that the person must have had the option of opting out of all marketing when you originally collected their data. This option to opt-out could take different forms, but it must have been clearly offered if you want to use their information for marketing in the future.
This is one of the mushy parts of the regulation, even though the conditions are spelled out clearly. For example, there is no hard definition of what “related” means exactly. Maybe you bought your computer in Bali and the trip offer is related. Also what constitutes a “negotiation” or discussion of a sale is also rather vague. Since these parts aren’t always clear we recommend using a hard opt-in.
A hard opt-in is when you specifically request permission to send SMS marketing messages. This can be done by an opt-in on your website, or a print advert with instructions on how to sign up. As long as it is something someone deliberately does and you are clear in what you’ll do with the information then you’ll be compliant with the PECR. In this case either someone signed up to your list or they didn’t. Not mushy at all.
One other important note is that the soft opt-in rule only applies to commercial marketing. Other types of organisations such as charities or political parties are not allowed to use the soft method at all.
Also, no information obtained from a third party can be used for marketing without a direct consent. So if you purchase a list from another entity, you cannot use the soft opt-in method for those contacts. You cannot send messages at all unless they specifically give you, the sender, explicit permission. This is different than other forms of marketing where sharing the data with third parties is commonplace. Don’t do it when using electronic marketing, especially SMS messaging.
2. Do I really need opt-out instructions in every message?
The answer depends on whether or not you have a soft opt-in list or a hard list. The PECR requires that any message sent to a soft contact must include opt-out instructions in every message. It is very clear about that!
Hard opt-ins though, need to be given a clear, “simple” way to opt out. This means you can’t require them to send you a note in writing. You can’t require them to jump through any hoops that are designed to make it difficult to get off a list.
While not required, the PECR recommends marketers use the same method as the soft list, which is to provide a method of opting out in every message. This is what we recommend too, as it is the easiest for both you and the person on your list. And though you don’t want people to unsubscribe, if they do, you’re better off making sure they stay off your list than risk a spam complaint. But more on that in question 5.
3. Is there a limit on the number of messages I can send?
There aren’t any specific limits set in the regulations. But you need to remember what it is you’re doing. SMS marketing isn’t like email. It is much closer to telephone marketing since it contacts the person is a very personal way on their mobile. Everyone knows that getting called multiple times a day by a marketer would be annoying and likely to cause a complaint being filed.
That same common sense applies to SMS marketing. So while you can send ten messages to someone every day, you really don’t want to (unless it really does fit your business and customers – read on). Instead, do some research to see how many messages your customers are willing to accept. You can run a survey of existing customers, use a survey someone else did in the same industry, or as a last resort use trial and error.
Whatever you decide on, let the customers know what to expect. If you run a restaurant, will you send your lunch specials out to them once a day, five days a week? Or will you run a weekly discount for the most loyal customers by sending one message a week? Whatever it is, tell the people on your list so they know what they will get when they sign up.
If you start getting massive opt-outs, chances are you’re sending too many!
4. Can I ask my list to forward the list to others?
One way some businesses try and get around some of the opt-in rules is to ask their list to forward offers on to other people – who then get added to the original list. But this is specifically called out as a violation of the PECR.
This practice is sometimes called viral marketing. It’s kind of like referral marketing on steroids. You tell two friends, then they tell two friends, and on and on. Suddenly you have thousands more getting your messages than you have on your list.
Now, anyone can forward your message and there’s nothing you can do about it. But a forwarded message alone isn’t where the violation comes in. The PECR specifies that the forwarding needs to have been “instigated” by you in order to be a violation. So avoid phrases or requests that ask people to share the messages because by doing so you’re instigating the action.
5. What happens if I violate the rules - accidentally of course?
The Information Commissioner’s Office (ICO) is responsible for investigating violations. If they received enough complaints, or other information, they will investigate your company. What happens after that depends on what they found.
For example, let’s say somehow you didn’t screen messages against the list of people who’ve opted out and sent them all messages. If this happened one time and it was due to a computer or procedural error, they might issue you a warning that you need to improve your message processing. They might come back and inspect to see whether you did or not.
If you continue to have violations they will take more action each time, potentially leading up to huge fines. But those are usually reserved for the worst – and arguably deliberate – violations of the regulations.
It’s scary, but a single violation isn’t likely to cause much harm in the long term. Just be prepared to fix whatever went wrong.
Learning more about SMS marketing
The questions and answers above aren’t meant to replace a thorough understanding of the full set of requirements. The ICO website has a great walkthrough of the regulations aimed at helping business people stay compliant.
You should also know that these rules apply to the UK. If you’re planning to send marketing messages to another country, then be sure to check on the local rules there too.
You’d think a large, multinational company would have all the resources and planning it needed to run an SMS marketing campaign. But that isn’t always the case apparently. Find out the big mistake this one company made and how you can avoid doing the same thing in this blog.
In last week’s blog I covered how the Trump campaign sent unsolicited SMS messages to voters. This week I’m stuck on the same topic, but from a totally different angle: what we can learn from that failure. Because honestly, their biggest issue might not be violating the law. It might be the people they have writing their SMS messages. It’s time to dissect the message that spawned the law suit, and learn what we can from it.
ICO, the Information Commissioner's Office, has recently imposed a huge fine on direct marketing company Help Direct UK for sending illegal SMS messages.
The regulations about SMS marketing are quite clear. But sometimes people, and companies, can make mistakes. Find out what happened to a company that reacted poorly to the ICO’s request for information, and how it made their situation so much worse.
When you start using SMS marketing, one of the first decisions you need to make is whether or not you’ll need to get replies. If you do, then you’ll need to decide between shortcodes and a virtual mobile number (VMN, also called longcode). If you don’t, then that’s alright too.
Over the last month or so I've signed up for quite a lot of webinars. I'm always trying to learn more about technology, marketing, best practices – you get the idea. So I've been excited to see many organisations offering SMS reminders for webinars. But there is one experience I had with an SMS reminder for a webinar that I simply had to share.