CAN-SPAM Wireless Rules: MSCMs, Express Prior Authorization and the Wireless Domain Registry
The FCC's CAN-SPAM wireless rules require express prior authorization (opt-in) for each mobile service commercial message (MSCM) sent to wireless devices using an internet domain, with no third-party sending. The Wireless Domain Registry identifies which domains are wireless.
The FCC's CAN-SPAM rules cover Mobile service commercial message (MSCM)s - commercial email sent directly to a wireless device via an address referencing an internet domain. The rules cover SMS-technology messages but not phone-to-phone messages. The FCC defers to FTC definitions of 'commercial' and 'transactional.'
Senders must obtain Express prior authorization for each MSCM. It must be affirmative (not a negative option), free to give or revoke, and specific to the identified sender. Senders may not send MSCMs on behalf of third parties - each entity must obtain its own authorizations.
- Disclosures must state the subscriber is agreeing to receive MSCMs from a specific identified sender, may be charged by their wireless provider, and may revoke at any time
- There is no grandfathering of pre-existing authorizations
- Revocation must be possible by the same means used to authorize
- MSCMs must include a clearly displayed return email or internet-based opt-out mechanism
- The CAN-SPAM 10-business-day grace period after revocation still applies
The FCC maintains a Wireless Domain Registry of wireless domain names. Senders are responsible for obtaining the list and ensuring proper authorization before messaging those domains; carriers must report new or modified wireless domains within 30 days before issuing them.