TCPA Consent Requirements

The Telephone Consumer Protection Act (TCPA) requires "prior express written consent" for all commercial text messages. This consent must be obtained through a clear, unambiguous process that meets specific legal criteria.

📝
Written Form
Electronic signature or clear written agreement (checkboxes, digital forms)
👆
Affirmative Action
Customer must actively consent - no pre-checked boxes or automatic enrollment
📋
Clear Disclosure
Types of messages, frequency expectations, and opt-out instructions
🎯
Purpose Specific
Separate consent for marketing vs. transactional messages
🚫
Not Conditioned
Consent cannot be required for purchase or service access
📱
Opt-Out Method
Clear instructions for stopping messages (Reply STOP)

Compliant Consent Examples

✅ Good Example - Marketing Consent
☐ Yes, I agree to receive promotional text messages from [Business Name] about special offers, new products, and marketing updates. I understand I may receive up to 4 messages per week. Message and data rates may apply. I can opt out at any time by replying STOP. For help, reply HELP. By checking this box, I provide my express written consent under the Telephone Consumer Protection Act. Privacy Policy: [Link] | Terms: [Link]
❌ Bad Example - Vague Consent
☑ Send me updates and special offers (Pre-checked box, no frequency disclosure, no TCPA language, no opt-out instructions)
✅ Good Example - Transactional Consent
☐ Send me order confirmations, shipping updates, and customer service messages via text message. I understand these are transactional messages related to my purchase. Message and data rates may apply. Reply STOP to opt out of order notifications. For help, reply HELP. Privacy Policy: [Link]

Consent Documentation & Audit Trail

Maintaining detailed consent records is critical for TCPA compliance and legal defense. Records must be preserved for the full statute of limitations period (4 years minimum).

Required Consent Record Elements
Each consent record must include the following data points
Data Element Description Legal Purpose Retention
Timestamp Date/time of consent with timezone Proves when consent was obtained 4+ years
IP Address Internet protocol address of user Verification of consent source 4+ years
Phone Number Mobile number provided for messaging Identifies consent recipient 4+ years
Consent Language Exact text presented to customer Proves clarity of disclosure 4+ years
User Response Checkbox state, button click, keyword reply Evidence of affirmative action 4+ years
Source Page URL where consent was captured Context for consent process 4+ years
Device Info Browser, device type, user agent Technical verification details 4+ years
🔍 Consent Audit Checklist
  • All consent records include complete timestamp data
  • IP addresses logged for all web-based consent captures
  • Exact consent language preserved in database
  • User actions clearly documented (checkbox, button click)
  • Opt-out requests logged with timestamp and method
  • Database backup and retention procedures in place
  • Regular consent data integrity audits performed
  • Export procedures ready for legal discovery requests

Opt-Out Management

TCPA requires businesses to honor opt-out requests immediately and maintain suppression lists indefinitely. Failure to process opt-outs is a common source of violations.

Opt-Out Requirements

Immediate Processing
Honor STOP requests within next message send (ideally real-time)
🔄
Multiple Methods
Accept STOP, UNSUBSCRIBE, CANCEL, END, QUIT keywords
Confirmation Message
Send confirmation that opt-out was processed successfully
🚫
Permanent Suppression
Maintain opt-out status indefinitely across all campaigns

Interactive Consent Form Generator

Generate TCPA-Compliant Consent Language

Ready-Made Consent Templates

Download industry-specific consent forms and integration code

E-commerce Template Healthcare Template Financial Services Template General Business Template