Global text messaging laws in 2025: What every business should know

Share

Text messaging has become a core part of how businesses reach customers, but every country enforces its own regulations on SMS marketing. The US (which has text messaging laws by state), the UK, Australia, and the EU Member States each enforce their own text messaging laws that outline how businesses must communicate responsibly. In every region, the core rules are similar: obtain express consent, identify the sender, and allow easy opt-outs.

Without these, sending mass text messages with promotional intent will treated as a spam practice, and businesses risk violating SMS marketing laws and being hit with costly penalties.

Understanding these can help you target your SMS marketing strategy accordingly for text messaging laws by state in different parts of the world. Let’s begin.

1. SMS marketing laws in the United States

In the US, the three organizations that deal with text regulations are:

• Cellular Telecommunications Industry Association (CTIA)
• Federal Communications Commission (FCC)
• Mobile Marketing Association (MMA)

While the CTIA and MMA are organizations that encourage best practices for text message marketing, the FCC is a fully-fledged government agency with legislative powers that has enacted several laws, including the Telephone Consumer Protection Act and CAN-SPAM, to regulate SMS marketing, SMS restrictions, and text message privacy laws.

The Telephone Consumer Protection Act (TCPA)

The Telephone Consumer Protection Act (TCPA), enforced by the FCC, remains a cornerstone of text messaging laws in the U.S., requiring prior express written consent before sending marketing texts, even if there’s an existing business relationship.

Consumers must receive “clear and conspicuous” disclosures and agree to texts sent to their specific phone number. Texts must identify the sender, include an opt-out mechanism, and generally be sent between 8 a.m. and 9 p.m. local time, unless a stricter state rule applies.

Violations can cost $500 to $1,500 per message, with private lawsuits available, though It is worth noting that tax-exempt nonprofit organizations are exempt from the TCPA’s opt-in and “do-not-call” requirements.

Recent TCPA updates in 2025:

CAN-SPAM Act

Another critical U.S. regulation that intersects with text messaging laws is the Controlling the Assault of Non-Solicited Pornography and Marketing (CAN-SPAM) Act, passed in 2003 and still in force in 2025. Unlike the TCPA, which directly governs SMS marketing, the CAN-SPAM Act primarily regulates commercial email messages. However, it also applies when businesses send email-to-SMS messages (when an email is delivered to a recipient’s mobile phone as a text message).

The CAN-SPAM Act is enforced by the Federal Trade Commission (FTC), with support from the FCC. It works alongside the TCPA to reduce spam, protect consumer privacy, and ensure transparency in mobile and digital marketing practices.

To ensure full CAN-SPAM compliance in 2025, businesses must:

• Clearly identify the message as an advertisement or promotional content
• Include the sender’s valid physical postal address in the message
• Provide a functional opt-out mechanism, such as an unsubscribe link or instructions, that works for at least 30 days after the message is sent
• Honor all opt-out requests within 10 business days
• Use accurate header information, subject lines, and sender identification so the recipient knows exactly who sent the message

US Text messaging laws by state

Being aware of text messaging laws by state is important for any business that uses SMS as a communication or marketing channel. At the federal level, the TCPA and the CAN-SPAM Act establish broad text messaging laws that apply nationwide, requiring prior written consent, clear opt-out instructions, and restrictions on when businesses can send messages. These federal statutes serve as the foundation for compliance and are designed to protect consumers from unwanted or unsolicited text messages.

However, many states have gone further by introducing their own laws for text message marketing. These state-specific rules, sometimes called “mini-TCPA” laws, can impose stricter requirements on quiet hours, increase financial penalties, and expand definitions of what qualifies as a marketing text. Other states rely primarily on federal law but still enforce consumer protection and telemarketing statutes that can apply to SMS.

The table below provides a comprehensive overview of text messaging laws by state, summarizing whether a state has its own SMS regulations, what businesses must do to stay compliant, and the penalties for sending unsolicited text messages. This resource is designed to help marketers, compliance officers, and business owners understand both the federal baseline and the state-level nuances of laws for text message marketing.

2. SMS marketing laws in Canada

In Canada, SMS for marketing requires to follow strict texting laws for business aimed at protecting personal information, securing consent, and giving consumers control over how they receive and manage messages.

Canada’s Anti-Spam Legislation (CASL)

The key framework is Canada’s Anti-Spam Legislation (CASL), which came into effect in July 2014 and remains one of the strictest anti-spam regimes in the world. CASL applies to all commercial electronic messages (CEMs), including SMS and MMS marketing.

Alongside CASL, the Personal Information Protection and Electronic Documents Act (PIPEDA) governs how businesses collect, use, and disclose personal information in commercial activities, ensuring SMS campaigns align with data protection standards. Additionally, the Canadian Short Code Compliance Policies apply to businesses using short code numbers, requiring express user consent, opt-out mechanisms, accurate sender identification, cost disclosures, and a prohibition on unlawful or deceptive content.

Together, these frameworks form a unified national approach to SMS compliance, making Canada one of the most regulated environments for text marketing.

Here are the essentials for 2025 compliance under CASL:

• Initial opt-in required: Businesses must obtain express consent before sending promotional text messages. Implied consent is allowed only in specific cases, such as existing customer relationships, but it expires after a set period.
• Sender identification: All text messages must clearly identify the business sending them.
• Clear opt-out methods: Every SMS must include a simple and accessible way for recipients to unsubscribe (reply STOP).
• Penalties for violations: Fines can reach up to $10 million per violation for businesses that send unsolicited messages or fail to comply with CASL’s transparency requirements.

So while Canada doesn’t have text messaging laws by state/province, the federal CASL law sets a unified national standard that all businesses must follow, no matter where in the country customers are located.

To explore this topic in more detail, we recommend reading our in-depth article on Canada SMS marketing.

3. SMS marketing laws in Australia

In 2025, compliance means treating SMS as a regulated channel: secure consent through an initial opt in, build trust with your audience, and integrate clear opt out methods into every campaign to ensure your marketing strategy is both effective and lawful.

Spam Act

Australia regulates SMS under the Spam Act, most recently updated in 2016, with additional requirements introduced through the Spam Regulations 2021, which came into effect on April 1, 2021. Together, these laws make sending unsolicited messages and sending unsolicited ads illegal. Businesses must obtain explicit permission through an initial opt in before they can treat text messages as a valid marketing channel.

Unlike the U.S. TCPA, an existing relationship with a customer may be enough to demonstrate consent under the Spam Act. However, any text that forms part of your marketing strategy must still clearly identify your business and include clear opt out methods so recipients can easily stop future communications.

Another distinction in Australia is that if you purchase a contact list from another organization, and those contacts have consented to receive messages from third parties, you can legally use that list for your own marketing. That said, if you are sending unsolicited ads without proper consent or failing to provide transparent opt-out instructions, you risk penalties from the Australian Communications and Media Authority (ACMA).

Since many businesses operate regionally, it’s helpful to see compliance obligations listed state by state. The table below shows how the national laws apply uniformly across all Australian states and territories, ensuring that marketers understand their responsibilities no matter where their customers are located.

Australia text messaging laws by state

If you’d like to explore this topic in more detail, including penalties for non-compliance and best practices for staying compliant, make sure you check out our article on Australia SMS marketing compliance for businesses.

4. SMS marketing laws in the UK

Businesses sending SMS in the UK must comply with texting laws designed to protect consumers from misuse of their personal data.

Privacy and Electronic Communications Regulations (PECR)

The UK’s Privacy and Electronic Communications Regulations (PECR) set the rules for sending marketing by “electronic mail”, which includes SMS. In most cases you need specific consent to text individuals, you must identify your organisation, and every message must include a working way to unsubscribe (eg, Text STOP). PECR operates alongside Data Protection Act 2018 (for lawful processing, transparency and accountability).

It’s also worth noting that the UK Sender ID Regulations, introduced in September 2023, initially banned three specific words – Alert, Info, and Verify – from being used as Sender IDs. As of October 31st, 2023, the prohibited list expanded to include 121 words in total, further tightening restrictions on how businesses can present themselves in SMS campaigns.

Similar to Australia, the UK allows a limited “soft opt-in” for existing customers: you can text them about your own similar products/services if you obtained their details during a sale/negotiation, gave a clear opt-out at collection, and include an opt-out in every message. The Information Commissioner’s Office (ICO) provides detailed guidance under Regulation 22(2).

The ICO notes its direct-marketing guidance is being updated following the Data (Use and Access) Act 2025. One change adds a soft-opt-in route for charities (for messages furthering charitable purposes) where strict conditions are met. At the same time, the ICO enforces PECR and can fine organisations for unlawful texts. Consumers can also forward scam/unwanted texts to 7726 (free) so networks can block senders.

UK Text messaging laws by state

While the United Kingdom does not have separate text messaging laws by state in the way the United States does, all four UK countries – England, Scotland, Wales, and Northern Ireland, are governed by the same national framework, as follows:

For extra details and compliance best practices, feel free to check out our full article on Texting in the UK.

5. Text message laws in the EU

The whole principle behind stricter privacy regulations for the EU involves ensuring customers benefit from improved business experiences and higher transparency regarding how their data is being used.

ePrivacy Directive

The ePrivacy Directive (2002/58/EC, amended 2009) remains the EU’s core law for electronic communications, covering text messages alongside email and telemarketing. The long-anticipated ePrivacy Regulation (intended to replace the Directive with a uniform EU law) was formally withdrawn in 2025, so the Directive remains in force until further reform.

• Consent first: Businesses must obtain explicit opt-in before sending commercial or promotional text messages.
• Soft opt-in: Some member states allow limited exceptions (similar to Australia’s and the UK’s “soft opt-in”), where previous customer relationships exist and unsubscribe options were provided at data collection.
• Transparency: Every SMS must identify the sender and provide a clear opt-out method.
• Unsolicited messages: Sending unsolicited messages without consent remains prohibited, with fines imposed at the member state level.

General Data Protection Regulation (GDPR)

The GDPR works alongside ePrivacy by regulating the use of personal data for marketing, including SMS. While ePrivacy specifies how to send messages, GDPR sets the standards for handling customer information. Under the European Data Protection Board’s 2025 guidance, GDPR record-keeping requirements have been simplified, but cross-border enforcement has been strengthened.

• Legal basis: For SMS marketing, the most appropriate basis is usually consent. Rarely, a legitimate interest argument may apply, but only if carefully documented and balanced against individuals’ rights.
• Consent standards: Consent must be freely given, specific, informed, and unambiguous (eg, a tick box at signup). Pre-ticked boxes or bundled consent are invalid.
• Transparency duties: Businesses must clearly explain how phone numbers will be used for SMS in privacy policies.
• Opt-out rights: Article 21 GDPR gives individuals the right to object to direct marketing at any time, which must be respected immediately.

Ensure SMS compliance with Textmagic

Text messaging laws are designed to protect consumers from unsolicited messages while ensuring businesses stay transparent and respectful. Non-compliance can lead to costly penalties and reputational harm, but with the right approach, your SMS marketing strategy can drive engagement and sales responsibly.

Start sending compliant text messages

Sign up for a free Textmagic trial today and send global SMS campaigns with confidence.

Free trial

With Textmagic, you can easily manage consent, include clear opt-out methods, and send messages that comply with global texting laws for business. Our platform makes it simple to run effective, compliant SMS campaigns that build trust and deliver results.

Key takeaways on text messaging laws

Wherever you run SMS campaigns, compliance with text messaging laws by state and national frameworks like PECR or the Spam Act is essential for trust and deliverability. Most require initial opt in and explicit permission before you treat text messages as part of your marketing strategy.

Key points to follow:

• Always identify your business in each SMS
• Provide clear opt out methods
• Check numbers against the do not call registry
• Respect local quiet hours
• Send only relevant promotions or timely appointment reminders

By documenting consent and honoring unsubscribes, you align with global texting laws while protecting consumer rights and keeping SMS a reliable marketing channel.

This article contains general information about main messaging laws and regulations and does not constitute legal advice. Please seek professional counsel for in-depth information regarding current text messaging laws and to avoid possible SMS legal complaints.