Skip to main content


Does your cannabis company use text message marketing to build customer relationships through a loyalty program? That common practice could bankrupt your company.

It is a shock to many that text message marketing can expose you to staggering damages claims for failing to comply with a federal law called the Telephone Consumer Protection Act (TCPA) and similar state laws like Washington’s Commercial Electronic Mail Act (CEMA). There is currently an onslaught of plaintiffs’ attorneys bringing class-action lawsuits against cannabis companies that fail to comply with the specific text-marketing requirements of the TCPA. These lawsuits have raked in millions in damages and settlements in 2020 and will continue to do so in 2021.

Many cannabis companies that receive a TCPA complaint initially believe that these are nuisance or “troll” lawsuits. Unfortunately, damages can range from $500 to $1500 per text or call made in violation of the law. If you think about how many marketing texts you send out per day, and how many people you text, damages could be enough to put your company out of business.

An ongoing and highly problematic issue is that many text marketing partners promote their platforms and campaigns as TCPA compliant when they are not, and these marketing partners often bury language in their contracts that puts all TCPA compliance liability on you as the company owner. It is important to recognize that it is not enough for a customer simply to tell you that you can send them marketing text messages. A lack of knowledge about TCPA requirements will not shield a business owner from liability for violating the law.

Don’t be the next cannabis company to get hit with a crushing lawsuit. Now is the time to take a hard look at your text-marketing campaigns and to bring them into compliance.

What does the TCPA require?
The TCPA has specific consent and disclosure requirements for all marketing phone calls and text messages that are made using an automatic  dialing system (ATDS) and all prerecorded calls. Below are several misconceptions regarding TCPA compliance along with guidance to help companies avoid liability.

Common Misconceptions
My company doesn’t use an ATDS because our platform requires human intervention to load the phone numbers for dialing, to craft and upload the message content, and to schedule the transmission of the text.

Your text marketing campaign almost certainly uses an ATDS unless someone from your company is hand dialing each text individually from their phone. ATDS is broadly defined under the TCPA as “equipment which has the capacity (A) to store or produce telephone numbers to be called, using a random or sequential number generator; and (B) to dial such numbers.” The Supreme Court is reviewing this issue, but the federal Ninth Circuit court, which includes Washington, Oregon, and California, currently says an ATDS includes equipment that merely has the capacity to store numbers to be called, whether or not those numbers are generated by a random or sequential number generator.

My company properly obtains consent because customers are always verbally asked if we have permission to text them prior to us sending any messages.

Verbal consent is not enough under the TCPA. If you use an ATDS, you must have “prior express written consent” of the customer before you can call or text them for promotional or marketing purposes. “Prior express written consent” requires a signature (which may be electronic) along with specific disclosures and customer acknowledgements. Companies must maintain records of the consents obtained, which will help in defending against TCPA lawsuits.

My company uses a third-party text marketing platform so that we can avoid having to deal with TCPA compliance.

You, not your third-party marketing service provider, are liable for TCPA compliance by law. This includes if they erroneously text a customer on your behalf (with some rare exceptions). Also, the terms of your marketing partner’s agreement with you likely says that you bear the burden of compliance with all applicable laws, even if their marketing materials suggest differently. Third parties providing these services may present their platforms as low risk, but with TCPA claims on the rise, that is not the case.

My company has confirmed that we properly obtain consent under the TCPA, thus we have no exposure to liability.

Obtaining the proper consent from customers is only one piece of TCPA compliance. Companies must also implement internal processes required by the TCPA. These obligations include maintaining an internal “do not call” list, only contacting customers during legally permitted hours, and providing customers the ability to opt out “in any reasonable manner, using a reasonable method,” among other mandates. Additionally, there is currently no way for a company to screen itself from liability for inadvertently contacting numbers that have been reassigned. This unavoidable risk is an ongoing concern, and the Federal Communications Commission is in the process of creating a reassigned number database to assist companies in avoiding this liability by providing a safe harbor for those scrubbing their contact lists against the new database.

My company has verified that our text marketing campaign is TCPA compliant, and we intend to continue to use this method of marketing.

The federal TCPA is not the only law putting companies at risk, as many states have implemented sister statutes to provide residents with the same, and sometimes more, protection from marketing tactics. For instance, Washington’s CEMA prohibits certain unsolicited text messages to Washington State residents. Importantly, a party can violate CEMA even without using an ATDS. Violations of CEMA are violations of Washington State’s Consumer Protection Act, which can expose companies to liability for attorney’s fees in addition to $500 in damages per text message sent without proper consent.

Companies should pay close attention to both state and federal laws if they intend to move forward with a text message marketing campaign. There are many nuances when complying with these laws, and the consequences for failing to get it right the first time can be dire.

If you have questions regarding your company’s current text messaging practices or have been sued for violating the TCPA, CEMA, or similar statutes, please reach out to our team.

  Edit this post