A screenshot of T-Mobile compliance fees went viral on social media with claims that the carrier would start fining consumers for text messages containing hate speech — the reality is narrower and more technical: the fees apply only to enterprise businesses sending A2P SMS through carrier API partners, not to any individual consumer’s personal messages.
Stories Covered
T-Mobile SHAFT Compliance Fees: What the Viral Screenshot Actually Means
Starting January 1, 2024, T-Mobile instituted a tiered compliance fee structure for businesses that send messages over its network through carrier API partners like bandwidth.com. The policy was published on bandwidth.com’s support documentation and an image of it circulated on social media — shared in part by accounts associated with investigative journalism circles — with framing suggesting T-Mobile was about to surveil and fine ordinary consumers for the content of their personal text messages. The screenshot highlighted a “Tier 3” penalty of $500 for violations involving SHAFT content (Sex, Hate, Alcohol, Firearms, and Tobacco). The framing triggered widespread concern about ISP content monitoring and Orwellian carrier overreach. The full picture is more specific: bandwidth.com is a carrier API platform used by developers and enterprise businesses to programmatically send SMS at scale — think two-factor authentication codes, appointment reminders, marketing messages, and business notifications. Companies like Google, Microsoft, Zoom, and Uber use platforms like this. The compliance fees are a B2B policy applied to Application-to-Person (A2P) messaging — business-to-consumer SMS sent through carrier infrastructure — not to person-to-person text messages between individual consumers.
The three-tier fee structure breaks down as follows. Tier 1 carries a $2,000 penalty for phishing, smishing, and social engineering — criminal uses of the carrier’s SMS infrastructure to steal credentials or money from recipients. Tier 2 carries a $1,000 penalty for illegal content including cannabis promotion and solicitation of illegal prescription medications. Tier 3 carries a $500 penalty for SHAFT-category content sent without the appropriate age-gating or opt-in verification — the concern being that businesses sending alcohol, tobacco, or firearms advertising via SMS need to verify recipient age before sending, rather than blasting marketing to anyone on the network including minors. Bandwidth.com updated its documentation after the viral screenshot to more explicitly clarify that these policies apply to enterprise API customers, not personal consumer accounts. The episode is a useful case study in how technical policy documents written for a B2B audience can be decontextualized when shared publicly: the fee structure reads alarming to someone unfamiliar with the distinction between A2P business messaging infrastructure and consumer SMS, and that framing gap is what drove the viral spread. The underlying concern — whether carrier content monitoring policies could eventually expand to cover individual consumer messages — is a legitimate long-term question about ISP power and privacy, even if this specific policy does not do that yet.
Leave a Reply