From Inbox to Archive: Public Record Laws and SMS Compliance in the USA

We are living in the era of data. So much data is generated by the day-to-day operations of our complex world that the majority of it will never actually be seen by the human eye. But what happens when a human eye does want to see a particular piece of information – one drop of water in the tsunami of data that washes over us on a daily basis? In short, if it comes from state or public entities, they are entitled to see it.  

Sunshine laws, or public record laws, are designed to ensure that the public can access the records of state and public organizations. Like an illuminating sunbeam, they are there to ensure that nothing can be hidden away in the dark and that transparency and accountability are built into government institutions. This is easy enough when it comes to annual reports, financial statements, and other large chunks of information, but compliance with this type of legislation becomes much more onerous when it comes to the smaller records such as SMS or other text messages. 

Silence is Golden: The Rise of Text Messaging

The majority of the global population prefers sending and receiving text messages to speaking on the phone. It is estimated that as many as 23 billion texts are sent worldwide on a daily basis, and while it may be hard to believe, only a small proportion of those are from teenagers. Public and private organizations now use SMS and text messages to communicate with consumers, clients, vendors, the public, and with colleagues and teammates. They are even used for entering into contracts. 

Text messages have become such a common way of doing business they are now recognized as legally binding and enforceable as well as part of public record. This means that businesses and other organizations which need to meet compliance requirements have to be able to keep track of, store, and access text message records. Text messages are the proverbial gift that keeps on giving.  

Let There Be Light: Public Record Laws in the USA

Public record laws are federal and state regulations requiring the disclosure of government activities and records to the public. They aim to ensure that certain undertakings are conducted openly and ethically and allow members of the public to view certain proceedings or to request access to records related to particular topics. They are designed to limit corruption in government institutions and increase public trust through transparency, while also ensuring compliance with any personal text message privacy laws.

The first piece of US sunshine legislation was created and enacted at a federal level. The Freedom of Information Act (FOIA) of 1967 gave the public the right to access records from any federal agency. Subsequently, each state has implemented its own public records laws which regulate the production, collection, and storage of records as well as how and when they must be shared. 

Sunshine Laws By State

While state laws do differ on some of the regulations related to public record access, there is general consensus that text messages do constitute a public record that the public is entitled to request access to. Some states, however, have specific laws or policies that address text messages and other electronic communications, including how to subpoena text messages. 

For example, Louisiana’s public records law, the Louisiana Public Records Act (LORA), includes all electronic records such as text messages to its application as does Alabama’s Alabama Open Records Act (AORA). The sunshine law in Colorado, the Colorado Open Records Act (CORA), applies to all state and local government records,  regardless of the format in which they are stored. Other states that specify the inclusion of text messages and electronic communications into the definition of a public record are New York, California, Texas, and Florida. 

Legal precedents are continuously affirming the recognition of text messages as part of the public record as well as clarifying regulations even further and answering the oft-asked question of “are text messages private?” A recent case in Ohio found that emails and text messages are considered public records, even if they appear on the private devices of public employees. The court also found that it is the government office’s responsibility to find, collect and store those records. This means that government agencies that do not have a system in place to manage text messages, regardless of whether it is a state or private phone, can be held responsible in court.

SMS Compliance Regulations

The regulatory landscape for SMS compliance in the US is governed by key federal and industry bodies, as well as a central piece of legislation. This law extends obligations related to text messages to all businesses, regardless of whether they are public or private. 

The Telephone Consumer Protection Act (TCPA) was enacted in 1991 and aims to protect consumers from receiving unwanted communications. The TCPA specifies that organizations must have explicit consent to send the public messages (known as an opt-in) and must ensure they have a way to unsubscribe or opt out if they want to. The TCPA also states that people who put themselves on a national Do Not Call (DNC) list cannot be contacted by any organization. It also requires businesses to keep an internal DNC list of people who have opted out of receiving messages from them.

There are three regulating bodies that oversee the implementation of this legislation and provide detailed guidelines for businesses: 

• The Federal Communications Commission (FCC) which enforces the TCPA.
• The Federal Trade Commission (FTC) which investigates businesses and scammers who use text messaging to swindle people. 
• The Cellular Telecommunications Industry Association (CTIA), a national trade group made up of the main players in the telecommunications industry. They are able to block businesses from sending text messages if they fail to comply with regulations.

Surfing the Wave: Best Practices for SMS Compliance

The regulating bodies have provided organizations with clear SMS compliance requirements. A checklist of the most important guidelines would include: 

• Customers must explicitly opt-in to receiving SMS communication in writing, and it has to be a separate opt-in from email marketing.
• When inviting people to opt-in, you must link to your Terms & Conditions and Privacy Policy.
• You must clearly state how customers can opt-out of communications, and those options must be free. 
• You must respect opt-out requests and maintain an internal DNC list. 
• You can’t send text messages during “quiet hours”, usually before 8:00 a.m. and after 21:00 p.m. at the local time of the recipient.
• You must include your brand or organization’s name on outgoing text messages.

Businesses can be fined between $500-$1,500 for each infraction depending on the circumstances and intentions behind the violation.  Each text message counts as one violation, so the penalties can become onerous very quickly. 

It’s Just Going To Keep Getting Bigger

There is no sign of text messaging easing up in the future. In fact, the number of platforms for sending mobile electronic communications is only proliferating, and it is becoming an increasingly mainstream way of doing business. 

This has implications for all organizations, whether they are public or private. It is one thing to comply with regulations for messaging campaigns, but it is a different playing field when trying to track individual messages from business and private phones. Compliance is only half the battle. Finding a way to access these communications quickly and efficiently in response to public, consumer, or regulator requests is critical. 

Choosing the right technology solutions to manage electronic communications is vital. LeapXpert maintains a complete record of all conversations between employees and customers to ensure that data privacy and governance standards are met. Our software allows businesses to set rules and requirements for messaging, raising alerts when conditions have been breached. Our dashboard makes full auditing and monitoring of all messages and conversations easy and quick.