SMS Consent Essentials: Understanding Opt-In Requirements for 10DLC
To legally send SMS messages - especially through 10DLC (10-Digit Long Code) - businesses must collect proper, documented consent from consumers.
This article explains what consent forms are, why they are required, the different types of consent, and includes fully compliant examples with all mandatory elements.
What Is a Consent Form?
A Consent Form (in the context of SMS/10DLC messaging) is a document or digital record that proves a consumer has given explicit permission to receive text messages from a specific company.
It is a requirement under U.S. federal law (TCPA), carrier rules, and CTIA messaging guidelines.
What Must a Consent Include?
To comply with TCPA, CTIA, and U.S. carrier (10DLC) requirements, every SMS consent form must include the following essential components. These elements ensure that consent is explicit, verifiable, and legally valid.
1. Company or Brand Name.
The form must clearly identify the business that will be sending SMS messages. This ensures the consumer understands who they are granting permission to.
Important: Consent given to one brand cannot be transferred, reused, or shared with another brand - even if the brands belong to the same parent company. Each brand must collect its own opt-in directly from the consumer. Internal sharing of SMS subscriber lists or opt-in records between business units is prohibited.
2. Explicit Consent Statement.
The language must be direct, unambiguous, and acknowledge permission to receive SMS messages. Example: “I agree to receive SMS text messages from [Company Name]”.
3. Consumer’s Phone Number.
The specific phone number that is opting in must be provided by the consumer. This confirms exactly which number will receive communications.
4. Purpose and Types of Messages.
The consent must describe the categories of messages the consumer will receive, such as:
- promotional offers
- appointment reminders
- account alerts
- delivery or order updates
- and etc...
This ensures the consumer clearly understands what they are agreeing to.
5. Message Frequency Disclosure.
CTIA requires informing consumers about how often messages may be sent. Acceptable examples include:
- “Message frequency may vary”
- “Up to X messages per month”
6. Message and Data Rates Disclosure.
All campaigns must include the standard carrier-required notice: “Message and data rates may apply”.
This indicates that the consumer may incur SMS or data charges from their mobile provider.
7. Opt-Out and Help Instructions (STOP/HELP).
CTIA mandates that consumers must be informed how to stop or receive assistance. Required language:
- “Reply STOP to unsubscribe”.
- “Reply HELP for help”.
8. Signature or Timestamp (Proof of Opt-In).
Valid proof of consent varies by opt-in method:
- Paper Form: handwritten signature + date.
- Web Form: timestamp, IP address (recomended), and version of the form text shown at sign-up.
- SMS Opt-In: message logs and carrier records.
- Verbal Opt-In: call recordings or documented agent notes.
Types of Consent Forms
- Paper Form: A physical, signed document.
- Web Form / Online Opt-in: Checkbox on a website, landing page, signup page.
- SMS keyword Opt-In: “START”. The consumer must always send the first message. You cannot initiate the conversation with a marketing or promotional SMS unless the consumer has already provided consent through another channel.
- Verbal Opt-in: Consumer verbally agrees via a call or in person (must be recorded or logged).
What is a Paper Consent Form?
A Paper Form is a physical, handwritten consent form that a consumer fills out and signs to authorize a company to send them SMS messages.
Download the sample of paper consent form.
What is a Verbal Consent Form?
Verbal consent is a type of SMS opt-in in which a consumer verbally agrees—either in person or over the phone—to receive SMS text messages from a specific brand.
To be valid, verbal consent must include clear disclosure and explicit agreement. The company must also keep proof that the consent was properly obtained, along with documentation of how the consent was collected. In other words, every time a customer gives permission to receive SMS messages—following the verbal consent script—this information must be recorded by the agent and stored by the company.