What is TCPA and does it apply to my business?

TCPA (Telephone Consumer Protection Act) applies to any business sending automated text messages to US consumers. If you're using any platform or tool to send SMS at scale, you're subject to TCPA regardless of your business size.

What is A2P 10DLC registration?

A2P 10DLC is a carrier registration system that verifies your business and messaging use case before you send commercial SMS at scale. Without it, messages are more likely to get filtered or blocked. Myna handles this registration as part of the platform setup.

Can I text my old leads?

It depends on how those leads were collected and whether they opted in to receive SMS communications from your business specifically. Leads from your own opt-in forms are generally fine. Purchased lists or old contacts without documented SMS consent are a compliance risk.

What happens if I don't comply with TCPA?

Fines start at $500 per message and go up to $1,500 for intentional violations. A campaign that texts 1,000 non-consenting contacts could trigger $500,000 in fines. Beyond fines, carriers can block your number entirely.

Does Myna handle SMS compliance?

Myna guides you through A2P 10DLC registration and provides optional consent forms and opt-out detection. Compliance with TCPA is ultimately the business owner's responsibility, but the platform is built to make doing it right straightforward.

Is SMS Text Blasting Illegal? What Contractors Need to Know Before Hitting Send

Q: Is SMS text blasting illegal?

It depends on how it's done. Sending bulk SMS messages to people who haven't opted in is illegal under TCPA and can result in fines of $500 to $1,500 per message. Done properly — with opt-in consent, proper registration, and opt-out handling — SMS outreach is legal and effective.

The short answer is: it depends on how you do it.

SMS blasting — sending the same message to a large list of contacts all at once — is not automatically illegal. But doing it without proper consent, registration, and opt-out handling absolutely is. And the penalties are not small.

Here’s what you actually need to know.

What the law says

In the US, commercial SMS is governed by the Telephone Consumer Protection Act (TCPA). It applies to any business sending automated text messages to consumers — including small contractors, service businesses, and anyone using a platform to send messages at scale.

The core rule is simple: you need consent before you text someone for marketing purposes.

What that means practically:

You need written opt-in consent before sending promotional messages
You must honor opt-out requests — and since April 2025, that includes opt-outs made through any reasonable method, not just replying “STOP”
You can only send messages between 8am and 9pm in the recipient’s time zone
You must include your business name and opt-out instructions in your messages

Penalties start at $500 per message and go up to $1,500 for intentional violations — per message, not per campaign. A campaign that reaches 1,000 people without proper consent could cost $500,000 in fines. If violations are deemed intentional, that triples.

That’s not theoretical. Designer Shoe Warehouse faced a $4.42 million lawsuit in March 2025 for sending unwanted marketing texts to consumers.

Canada operates under CASL (Canada’s Anti-Spam Legislation), which has similar consent requirements for SMS.

The difference between blasting and conversational AI texting

Here’s where most contractors get confused. There’s a meaningful difference between:

SMS blasting — a one-way broadcast. One message, sent to everyone on a list, no real response handling. This is where most compliance problems start, because the mechanics push businesses toward cutting corners on consent.

Conversational AI texting — two-way engagement. The message goes out, the lead responds, a real conversation starts. This is what Myna does.

Database reactivation campaigns — reaching back out to leads who already interacted with your business — fall closer to the second category. But they still require that those leads opted in to receive SMS communications from you specifically, and that the leads are reasonably recent. Contacts that are 60 to 90 days old are generally safer territory than contacts from two years ago with no recent activity.

If you have a list of old leads and you’re not sure whether they opted in for SMS, the honest answer is: don’t assume they did.

What A2P 10DLC registration actually is

Even if your consent is perfect, your messages can still get blocked.

Carriers — AT&T, Verizon, T-Mobile — run their own filtering systems on top of TCPA. You can be TCPA-compliant but still have your messages blocked by carriers if your 10DLC campaign registration doesn’t meet their standards.

A2P 10DLC (Application-to-Person, 10-Digit Long Code) is the registration system carriers use to verify that a business is legitimate and that its messaging use case is what it claims to be. Registering your brand and campaign type tells carriers your messages are coming from a real business with a real purpose — not a spam operation.

Most DIY SMS setups skip this step entirely. The result is predictable: messages get filtered, deliverability tanks, and the campaign quietly fails without the business ever knowing why.

Myna walks you through A2P registration as part of setup. It’s one of the reasons campaigns run through the platform actually reach people.

What about leads who didn’t explicitly opt in for SMS?

This is the real gray area most contractors are sitting in.

If someone filled out a form on your website, called your office, or was referred to you — that’s a relationship. But a preexisting business relationship is not the same as express written consent to receive marketing texts.

The safe approach is to wrap an opt-in into your first outreach message. Something like: “Hey, this is [Agent Name] from [Business]. I’m reaching out about your recent inquiry — is it okay if I send you a few updates over text?”

That message creates the consent record going forward. It also filters your list naturally — people who respond are engaged, people who don’t can be moved to email or other channels.

Myna includes an optional consent form and supports an opt-in wrap in the first campaign message. If someone responds with any variation of a stop request — not just “STOP” — the platform detects it and removes them immediately.

What happens if your list isn’t clean

If you’re working with a contact list where SMS consent wasn’t explicitly captured, you have a few options:

Run the campaign through a compliant opt-in flow first. Smaller list, higher quality, no legal exposure.

Switch to a different channel. Email doesn’t carry the same consent requirements as SMS. For older lists or contacts where SMS consent is unclear, email is a lower-risk starting point. Myna supports email and social outreach for exactly this reason.

Don’t buy lists. Purchased contact lists almost never come with the kind of consent documentation that holds up under TCPA. The cost of the list is nothing compared to the potential exposure.

The practical takeaway for contractors

SMS outreach works. The numbers on response rates and lead conversion are real. But “it works” and “do it any way you want” are not the same thing.

The businesses that get the best results from SMS — and stay out of legal trouble — are the ones that treat compliance as part of the setup, not an afterthought. Get your A2P registration done. Use consent forms. Honor opt-outs immediately. Keep records of when and how consent was collected.

None of that is complicated. Most of it is handled by the platform if you’re using the right one.

The businesses that get burned are the ones that see a high-volume SMS strategy, skip the compliance infrastructure to move faster, and end up with blocked numbers or worse.

Don’t be that business.

Want to run SMS campaigns that actually reach people and stay compliant?

Start free at myna.cx — A2P registration and opt-out detection are built in.

You might also want to read: Can You Use AI to Send Text Messages?