Richard Newman
Effective July 31, 2025, the Minnesota Consumer Data Privacy Act governs the manner by which the personal data of Minnesota residents is handled.
Who Does the Minnesota Consumer Data Privacy Act Apply To?
The MCDPA applies to entities doing business in Minnesota or produce products or services that are targeted to residents of Minnesota, and that satisfy one or more of the following threshold:
- Dduring a calendar year, controls or processes personal data of 100,000 consumers or more, excluding personal data controlled or processed solely for the purpose of completing a payment transaction; or
- derives over 25 percent of gross revenue from the sale of personal data and processes or controls personal data of 25,000 consumers or more.
What is a “Controller” and What are a Controller’s Obligations?
A “Controller” means the natural or legal person which, alone or jointly with others, determines the purposes and means of the processing of personal data.
The MCDPA obligates controllers to provide consumers with a clear and accessible privacy notice that sets forth the categories of personal data being processed and the purposes for that the data will be processed for. The privacy notice must also set forth the categories of personal data sold or shared with third-parties, identify the third-parties, explain how consumers may exercise their privacy rights, set forth the controller’s contact information, and describe the controller’s personal data retention policy. Notably, controllers are expressly restricted to the collection of personal data that is “adequate,
On June 16, 2025 the Federal Trade Commission announced that U.K.-based payment processor, Paddle.com Market Limited, and its subsidiary, Paddle.com, Inc., will pay $5 million and be permanently banned from processing payments for tech-support telemarketers. The foregoing is in settlemetn of a Federal Trade Commission action alleging that Paddle abused the U.S. credit-card system and enabled deceptive foreign operators to access it, costing consumers millions of dollars.
According to the complaint, the FTC alleged that Paddle and its subsidiary processed payments for deceptive tech-support schemes that targeted U.S. consumers including older adults.
“Paddle provided foreign-based tech-support schemes with access to the U.S. payment system, allowing these companies to harm consumers,” said FTC lawyer Christopher Mufarrige, Director of the FTC’s Bureau of Consumer Protection. “The FTC will hold accountable payment companies that knowingly facilitate payments for scammers or look the other way when faced with red flags about their clients’ conduct.”
The complaint charges that: (i) Paddle allegedly opened merchant accounts claiming to be a “merchant of record” or software “reseller,” then allegedly used these accounts to process card payments on behalf of numerous, unrelated third-party merchants; (ii) Paddle allegedly enabled overseas schemes to access the credit card system and collect payments from U.S. consumers, and to allegedly evade detection by merchant banks and card networks; (iii) Paddle allegedly facilitated schemes, like Restoro-Reimage, that allegedly used fake virus alerts and pop-up messages to impersonate familiar brands,
On May 6, 2025, New York Attorney General Letitia James announced that the agency secured more than $3.2 million from eight Nissan dealerships in New York City, the Hudson Valley and on Long Island – Action Nissan, Bay Ridge Nissan, Legend Nissan, Garden City Nissan, Huntington Nissan, Rockaway Nissan, Smithtown Nissan, and Teddy Nissan – for allegedly overcharging more than 1,700 New Yorkers that purportedly wanted to purchase their leased vehicles at the end of their lease term.
An investigation by the Office of the Attorney General allegedly found that these dealerships added junk fees or falsified the price of leased vehicles that customers wanted to buy when their lease ended, purportedly forcing them to pay higher costs.
Attorney General James has now stopped deceptive practices at 15 Nissan dealerships and recovered more than $1 million in penalties and $4.5 million in restitution for more than 2,800 New Yorkers, according to the announcement.
“Buying a car is a major financial decision, and no one should have to worry about dealers using illegal junk fees to drive up the price,” said Attorney General James. Attorney General James also stated that “[t]hese car dealers misled their customers with bogus fees and other costs to cheat them out of their hard-earned money. My office’s investigation will put money back in the pockets of defrauded New Yorkers and require these dealers to steer clear of violating our laws and deceiving consumers,” according to Attorney General James.
On May 19, 2025, President Donald Trump signed into law the Take It Down Act (S.146). The federal legislation criminalizes the publication of non-consensual intimate imagery and AI-generated pornography. It comes following approximately forty states already enacting legislation targeting online abuse.
What are the Take It Down Act’s Requirements?
The federal Take It Down Act creates civil and criminal penalties for knowingly publishing or threatening to share non-consensual intimate imagery and computer-generated intimate images that depict real, identifiable individuals. If the victim is an adult, violators face up to two years in prison. If a minor, up to three years.
Social media platforms, online forums, hosting services and other tech companies that facilitate user-generated content are required to remove covered content within forty-eight hours of request and implement reasonable measures to ensure that the unlawful content cannot be posted again.
Consent to create an image will not be a defense.
Exempt from prosecution are good faith disclosures or those made for lawful purposes, such as legal proceedings, reporting unlawful conduct, law enforcement investigations and medical treatment.
What Online Platforms are Covered Under the Take It Down Act?
Covered Platforms include any website, online service, application, or mobile app that that serves the public and either: (i) provides a forum for user-generated content (e.g., videos, images, messages, games, or audio), or (ii) in the ordinary course of business, regularly publishes, curates,
In March 2025, Office of the Attorney General for the State of New York introduced the Fostering Affordability and Integrity Through Reasonable (“FAIR”) Business Practices Act in the State Senate and State Assembly. The proposed legislation is intended to revise Article 22-A of New York’s General Business Law.
The FAIR Act is designed to expand and strengthen consumer and small business protections, in part, by amending New York’s General Business Law §349 to also cover “unfair” and “abusive” practices, rather than just “deceptive” practices. Many other states have already enacted UDAP statutes. The bill may foreshadow what is to come from numerous state consumer protection enforcers as federal consumer protection enforcement is being rolled back and policy under the current administration remains uncertain.
As drafted, the program bill would provide the New York Attorney General and private plaintiffs the ability to seek enhanced civil penalties and restitution in amounts significantly more than available statutory damages pursuant to New York General Business Law Section 349. The FAIR Act would significantly increase statutory damages available under GBL §349 from $50 to $1,000, and permit recovery of actual and punitive damages. Penalties for unfair, deceptive or abusive practices could potentially include penalties of up to $5,000, per violation. Knowing or willful violations could result in penalties totaling the greater of $15,000 or three times the amount of restitution, per violation. Prevailing plaintiffs in private actions would also be permitted to recover attorneys’ fees and costs.
In New England Country Foods, LLC v. VanLaw Food Products, Inc., the California Supreme Court recently held that California Civil Code section 1668 prohibits contractual limitation of liability clauses that limit liability for harm caused by intentional misconduct.
In pertinent part, Section 1668 provides:
“All contracts which have for their object, directly or indirectly, to exempt anyone from responsibility for his own fraud, or willful injury to the person or property of another, or violation of law, whether willful or negligent, are against the policy of the law.”
Manufacturer VanLaw was sued by a barbecue sauce company that it provided manufacturing services on behalf of, for for allegedly trying to copy its barbecue sauce and sell it to Trader Joe’s. New England Country Foods’ claims sounded both in contract and tort. In response, VanLaw argued that a contract between the parties limited damages for injuries caused by intentional actions and were therefore against public policy.
In response, the plaintiff asserted that the contractual limitation of liability provision was not enforceable pursuant to California Civil Code Section 1668 because it it permitted the defendant to engaged in intentional tortious conduct with impunity.
The applicable limitation on damages clause stated, in pertinent part:
“In no event will either party be liable for any loss of profits, loss of business, interruption of business, or for any indirect,
On May 9, 2025, the Federal Trade Commission voted to defer the compliance deadline for the amended Negative Option Rule (“Click-to-Cancel”) Rule by sixty (60) days. The amended Rule expands the scope of the prior version to cover any goods or services involving a negative option, automatic renewal plan, free trials and subscriptions. Additionally, it imposes restrictions that in some instances are more onerous that various state automatice renewal laws.
Of note, the recent amendments to the Negative Option Rule (f/k/a “Click-to-Cancel”), which went into effect on January 19, 2025, provide that misrepresenting any material facts while offering any good or service with a negative-option feature is an unfair or deceptive act or practice in violation of Section 5 of the FTC Act. This applies regardless of whether the misrepresentation is related to the negative option feature, or not. This feature of the amended Negative Option Rule already became effective in January 2025. It, as well as other features of the amended Rule, are presently the subject of judicial challenge.
The rest of the amended Rule pertaining to disclosures, consent and cancellation of negative option features were to become effective May 15, 2025. However, the FTC has now deferred enforcement of these provisions through July 2025. Starting then, in the absence of judicial intervention, covered businesses will be required to be in full compliance with the amended Negative Option Rule. .
“But the Commission’s decision to defer enforcement necessarily acknowledged that compliance entailed some level of difficulty,”
As contemplated by FTC defense lawyer in December 2024, the Federal Trade Commission’s operations during the first two months under the second Trump Administration have been chaotic. Unsurprisingly, the policy focus appears to be de-regulation and an enforcement focus on bread-and-butter fraud and deception (for example and without limitation, bogus business opportunity offers, unsubstantiated earnings claims and unlaw debt collection), privacy, telemarketing, big technology moderation and the protection of competition in labor markets.
Last week, President Trump fired the remaining two Democratic commissioners. Both have stated that they believe their termination is unlawful and may challenge the dismissals judicially. Two Republican commissioners remain to make regulatory, investigation and enforcement-related decisions.
The Federal Trade Commission has traditionally been considered an independent agency. However, President Trump recent issued an Executive Order seeking to vest control of various federal agencies and financial regulator within his control, including the FTC. In doing so, the Trump administration seemingly seeks to exert some degree of control over the strategic priorities of the agencies and regulators.
Historically, an FTC commissioner may only be removed by the President for “inefficiency, neglect of duty or malfeasance in office.” In fact, in Humphrey’s Executor v. United States (1935), the Supreme Court ruled that FTC commissioners cannot be removed over policy differences.
Importantly, however, in Selia Law v. CFPB (2019), the Supreme Court held that restricting removal of the Consumer Financial Protection Bureau director to “for cause” only is unconstitutional.
On February 18, 2025, the Federal Trade Commission announced that Chairman Andrew N. Ferguson appointed David Shaw as Principal Deputy Director and Kelse Moen as Deputy Director of the agency’s Bureau of Competition, and Douglas C. Geho as Deputy Director of the Bureau of Consumer Protection.
Shaw is an experienced antitrust lawyer with expertise in high-stakes litigation and contentious merger review. During the first Trump Administration, Shaw served in the Department of Justice’s Antitrust Division in a variety of roles, from the front lines as a trial attorney to the front office as acting chief of staff. As a trial attorney, Shaw served on multiple trial teams, including the first litigated vertical merger challenge in forty years.
While serving in DOJ’s front office, he held a leadership role in the Big Tech investigations and successfully coordinated a bipartisan coalition of state attorneys general joining the DOJ complaint in the Google search monopolization case.
In addition to his government service, Shaw was a partner in the antitrust practice of a large international law firm.
Moen is an experienced antitrust attorney, with a career in both government service and private practice. Most recently, he served as senior counsel to the U.S. Senate Judiciary Committee for Senator Lindsey Graham, where he focused on antitrust, technology, and intellectual property issues, a position that he held until his appointment to the FTC.
Before joining the Judiciary Committee staff, Moen spent nearly a decade practicing antitrust law at major international law firms,
The use of subscriptions models in the digital advertising marketplace has become ubiquitous. So have legal regulatory investigation and enforcement of such ecommerce practices.
It is paramount for those that utilize such models consult with an eCommerce attorney to be informed of the legal implications of subscription-based services, including automatic renewals, trial offers and continuity plans.
Federal ARL Legal Regulations
At the federal level, the Federal Trade Commission enforces, without limitation, the Restore Online Shoppers’ Confidence Act (“ROSCA”). ROSCA compliance is an FTC investigation and enforcement priority. To date, the FTC has initiated approximately 50 ROSCA actions. The largest ROSCA settlement to date is $2.5 billion.
ROSCA prohibits any post-transaction third party seller (a seller who markets goods or services online through an initial merchant after a consumer has initiated a transaction with that merchant) from charging any financial account in an Internet transaction unless it has disclosed clearly all material terms of the transaction and obtained the consumer’s express informed consent to the charge.
“Clear and conspicuous” disclosures are the centerpiece of ROSCA. “All material terms” must be adequately disclosed prior to obtaining the consumer’s billing information. Additionally, a consumer’s expressed informed consent my be obtained prior to charging the consumer’s credit card, debit card, bank account or other financial account for products or services through such transaction. And, a “simple mechanism” for a consumer to stop recurring charges must be provided.
ROSCA violations are aggressively enforced by the FTC or state attorneys general as unfair and deceptive acts and practices.
Topics
Archives
About This Blog and Hinch Newman’s Advertising + Marketing Practice
Hinch Newman LLP’s advertising and marketing practice includes two decades successfully resolving some of the highest-profile Federal Trade Commission (FTC) and state attorneys general digital advertising and telemarketing investigations and enforcement actions. As FTC attorneys, the firm possesses superior compliance knowledge and deep legal advocacy experience in the areas of advertising, marketing, lead generation, promotions, e-commerce, privacy and intellectual property law. It has also been selected to author the Consumer Protection Section of the prestigious American Lawyer Media International Federal Trade Commission: Law, Practice and Procedure Treatise, a comprehensive resource for developments of concern to advertisers, marketers and legal professionals that practice before the Commission. Through these advertising and marketing law updates, Hinch Newman LLP provides commentary, news and analysis on issues and trends concerning developments of interest to digital marketers, including FTC and state attorneys general advertising compliance, civil investigative demands (CIDs), and administrative/ judicial process.