It’s a shame that we get more text messages from spammers than texts from friends and family, right?… wait, right?!
Ok, maybe it’s just us.
Either way, spam via SMS messages has been getting out of control over the last few years as more and more businesses see the computer in your pocket as easy access to potential customers. Some businesses use this power better than others. For example, there’s no other way I’d remember I have an upcoming dentist appointment after scheduling it 3 years ago (I mean one year… six months? You’re supposed to go every six months?!).
However, there are some major offenders in the space that shoot out cold SMS messages seemingly at random (looking at you, business loan spammers). And thanks to these mass spammers, legislators are now creating regulations to require all businesses to abide by a set of guidelines before texting anyone.
So due to some bad eggs, we all get to now deal with a new set of regulations to abide by. Thanks, Fake-Failed-Amazon-Delivery spammers.
The point is, SMS messages are starting to increase in sheer numbers and can range widely in terms of how spammy they are. That’s where The Campaign Registry (TCR) comes in.
Table of Contents
What is The Campaign Registry (TCR)?
TCR is an initiative that requires all businesses to register their brands, share associated phone numbers, and summarize how their outbound SMS messages are sent to customers, and – as of December 1, 2024 – TCR is mandatory.
That being said, full enforcement didn’t start until February of 2025, which is probably why we are getting so many inquiries about this topic lately.
This system was developed to combat spam and ensure that businesses using 10DLC (10-digit long code) numbers to send SMS messages are legitimate and have permission to do so.
TCR was created via a collaboration between major US mobile network operators, including AT&T, T-Mobile, and Verizon. It was a kind of self-regulatory measure after the Federal Communications Commission (FCC) came out with the Telephone Consumer Protection Act (TCPA).
Who needs to comply with TCR?
TCR is mandatory for any business using an application platform (Twilio, SlickText, TextMagic, Omnisend, etc.) to send messages to customers. Whether those messages are used for:
- Marketing
- Advertising
- Customer service
- Security (two-factor authentication)
Each of these is considered to be Application-to-Person (A2P) messages, so the sender will need to register with TCR.
How do businesses comply with TCR?
Fortunately, it’s a relatively straightforward registration process for most businesses sending A2P messages. While exact steps may vary depending on which mobile network operator (MNO) or communication service provider (CSP) a business uses, it usually requires providing information such as:
- Brand information (Business name, address, website, contact information, etc.)
- Federal business ID #
- Organization type (private, public, non-profit, or government)
- Your opt-in/opt-out process
- A summary of how you plan to use SMS, which may include:
- Campaign purposes
- Types of messages (appointment reminders, marketing, etc.)
- Examples of messages
- Privacy Policy with specific disclosures
Once you submit this information, it will be reviewed by your service provider for final approval.
How is TCR enforced?
Mobile carriers like Verizon, AT&T, and T-Mobile are currently using TCR to verify information before any messages are delivered. If a business tries to send a message from a 10DLC number that isn’t registered, it could face both fines and reputation damage.
Fines – Carriers can impose fines up to $10 per message sent by an unregistered 10DLC number.
Reputation damage – If a business isn’t registered with TCR, any messages it sends via SMS will be labelled as ‘spam’ – hurting the business’s reputation with both consumers and carriers.
TCR Requirements vs. Privacy Policy Requirements
So, there you have it! A nice, straightforward answer to what TCR is and how you can comply with it… Well, except for one more thing.
While we are fans of complying with laws designed to respect privacy and cut down on spam, we have noticed a few issues with certain MNO/CSPs require Privacy Policy changes that contradict Privacy Policy requirements set by privacy laws.
For example, we have seen where businesses are supposed to say (according to some MNO/CSPs) that they won’t be sharing phone numbers with third parties. However, sending an SMS message would mean you are sharing people’s numbers with the carrier – which would be defined as a third party by virtually all privacy laws.
If your carrier asks you to tweak your Privacy Policy, generators like Teramgeddon allow you to customize your policies. Since these Privacy Policy requirements are still somewhat new, we do recommend responding to certain MNO/CSP requirements that might seem contradictory to your current Privacy Policy.
A simple question like, “If I’m sharing phone numbers with you, (insert MNO/CSP), wouldn’t it be misleading to say in my Privacy Policy that I’m not sharing phone numbers?”
This might sound a little sarcastic, but certain MNOs and CSPs might not realize that most privacy laws consider them to be third parties when it comes to sharing data like phone numbers. This insight could help solve this discrepancy.
If you’re unsure about whether or not certain changes will cause your Privacy Policy to become non-compliant with certain privacy laws, we recommend reaching out to your privacy attorney for legal advice.
Conclusion
If you frequently use SMS messages for any reason for your business, you will want to register for TCR right away. If you have any additional questions, The Campaign Registry has a helpful resources page with video walkthroughs and FAQs.
Hopefully, you found this blog as helpful as SMS dental reminders without having to suffer through it too much, like a dental appointment.
