Ad Law Insights - Legal and Regulatory Updates
Latest FTC and state attorneys general compliance, investigation and enforcement developments of concern to advertisers and marketers
On July 29, 2025 the Massachusetts Attorney General released updated business guidance on the new “junk fee” rules. Business must comply by September 2, 2025. The updated guidance and webinar is designed to helpbusinesses operating in Massachusetts comply with the regulations. Beginning September 2, 2025 these regulations become enforceable and businesses must come into compliance.
What is the Massachusetts AG’s “Junk Fee” Rule Designed to Do?
Promulgated earlier in 2025, the Massachusetts Office of the Attorney General’s “junk fee” regulations help consumers understand the total cost of a product or service upfront, avoid unnecessary charges and easily cancel unwanted costs that may be optional, waivable, or unwanted, including costs related to trial and subscription offers. Additionally, by increasing price transparency and helping consumers to more easily compare prices while shopping, the regulations level the playing field for businesses.
“Junk fees” are hidden, surprise, or unnecessary costs that increase the total price of a product beyond the advertised price. B usinesses often do not disclose such fees, only disclose them at the end of a transaction, or disclose them after consumers have provided their personal billing information. Similarly, some businesses have engaged in practices related to trial offers, subscriptions, and automatic and recurring charges to conceal the total cost and nature of a product or service, while making it difficult for consumers to cancel or opt-out of such features.
The AGO’s regulations make clear that hidden “junk fees” and related practices violate the Massachusetts Consumer Protection Act.
Effective July 31, 2025, the Minnesota Consumer Data Privacy Act governs the manner by which the personal data of Minnesota residents is handled.
Who Does the Minnesota Consumer Data Privacy Act Apply To?
The MCDPA applies to entities doing business in Minnesota or produce products or services that are targeted to residents of Minnesota, and that satisfy one or more of the following threshold:
- Dduring a calendar year, controls or processes personal data of 100,000 consumers or more, excluding personal data controlled or processed solely for the purpose of completing a payment transaction; or
- derives over 25 percent of gross revenue from the sale of personal data and processes or controls personal data of 25,000 consumers or more.
What is a “Controller” and What are a Controller’s Obligations?
A “Controller” means the natural or legal person which, alone or jointly with others, determines the purposes and means of the processing of personal data.
The MCDPA obligates controllers to provide consumers with a clear and accessible privacy notice that sets forth the categories of personal data being processed and the purposes for that the data will be processed for. The privacy notice must also set forth the categories of personal data sold or shared with third-parties, identify the third-parties, explain how consumers may exercise their privacy rights, set forth the controller’s contact information, and describe the controller’s personal data retention policy. Notably, controllers are expressly restricted to the collection of personal data that is “adequate,
On June 16, 2025 the Federal Trade Commission announced that U.K.-based payment processor, Paddle.com Market Limited, and its subsidiary, Paddle.com, Inc., will pay $5 million and be permanently banned from processing payments for tech-support telemarketers. The foregoing is in settlemetn of a Federal Trade Commission action alleging that Paddle abused the U.S. credit-card system and enabled deceptive foreign operators to access it, costing consumers millions of dollars.
According to the complaint, the FTC alleged that Paddle and its subsidiary processed payments for deceptive tech-support schemes that targeted U.S. consumers including older adults.
“Paddle provided foreign-based tech-support schemes with access to the U.S. payment system, allowing these companies to harm consumers,” said FTC lawyer Christopher Mufarrige, Director of the FTC’s Bureau of Consumer Protection. “The FTC will hold accountable payment companies that knowingly facilitate payments for scammers or look the other way when faced with red flags about their clients’ conduct.”
The complaint charges that: (i) Paddle allegedly opened merchant accounts claiming to be a “merchant of record” or software “reseller,” then allegedly used these accounts to process card payments on behalf of numerous, unrelated third-party merchants; (ii) Paddle allegedly enabled overseas schemes to access the credit card system and collect payments from U.S. consumers, and to allegedly evade detection by merchant banks and card networks; (iii) Paddle allegedly facilitated schemes, like Restoro-Reimage, that allegedly used fake virus alerts and pop-up messages to impersonate familiar brands,
On May 6, 2025, New York Attorney General Letitia James announced that the agency secured more than $3.2 million from eight Nissan dealerships in New York City, the Hudson Valley and on Long Island – Action Nissan, Bay Ridge Nissan, Legend Nissan, Garden City Nissan, Huntington Nissan, Rockaway Nissan, Smithtown Nissan, and Teddy Nissan – for allegedly overcharging more than 1,700 New Yorkers that purportedly wanted to purchase their leased vehicles at the end of their lease term.
An investigation by the Office of the Attorney General allegedly found that these dealerships added junk fees or falsified the price of leased vehicles that customers wanted to buy when their lease ended, purportedly forcing them to pay higher costs.
Attorney General James has now stopped deceptive practices at 15 Nissan dealerships and recovered more than $1 million in penalties and $4.5 million in restitution for more than 2,800 New Yorkers, according to the announcement.
“Buying a car is a major financial decision, and no one should have to worry about dealers using illegal junk fees to drive up the price,” said Attorney General James. Attorney General James also stated that “[t]hese car dealers misled their customers with bogus fees and other costs to cheat them out of their hard-earned money. My office’s investigation will put money back in the pockets of defrauded New Yorkers and require these dealers to steer clear of violating our laws and deceiving consumers,” according to Attorney General James.
On May 19, 2025, President Donald Trump signed into law the Take It Down Act (S.146). The federal legislation criminalizes the publication of non-consensual intimate imagery and AI-generated pornography. It comes following approximately forty states already enacting legislation targeting online abuse.
What are the Take It Down Act’s Requirements?
The federal Take It Down Act creates civil and criminal penalties for knowingly publishing or threatening to share non-consensual intimate imagery and computer-generated intimate images that depict real, identifiable individuals. If the victim is an adult, violators face up to two years in prison. If a minor, up to three years.
Social media platforms, online forums, hosting services and other tech companies that facilitate user-generated content are required to remove covered content within forty-eight hours of request and implement reasonable measures to ensure that the unlawful content cannot be posted again.
Consent to create an image will not be a defense.
Exempt from prosecution are good faith disclosures or those made for lawful purposes, such as legal proceedings, reporting unlawful conduct, law enforcement investigations and medical treatment.
What Online Platforms are Covered Under the Take It Down Act?
Covered Platforms include any website, online service, application, or mobile app that that serves the public and either: (i) provides a forum for user-generated content (e.g., videos, images, messages, games, or audio), or (ii) in the ordinary course of business, regularly publishes, curates,
Topics
Archives
About This Blog and Hinch Newman’s Advertising + Marketing Practice
Hinch Newman LLP’s advertising and marketing practice includes successfully resolving some of the highest-profile Federal Trade Commission (FTC) and state attorneys general digital advertising and telemarketing investigations and enforcement actions. The firm possesses superior knowledge and deep legal experience in the areas of advertising, marketing, lead generation, promotions, e-commerce, privacy and intellectual property law. Through these advertising and marketing law updates, Hinch Newman provides commentary, news and analysis on issues and trends concerning developments of interest to digital marketers, including FTC and state attorneys general advertising compliance, civil investigative demands (CIDs), and administrative/judicial process. This blog is sponsored by Hinch Newman LLP.