From one-click checkouts to autofilled payment fields, the modern payment experience is built on convenience. Consumers have come to expect that apps, websites, and even their mobile devices will seamlessly store and deploy their payment credentials with minimal friction. But beneath this ease lies a growing legal tension, particularly in subscriptions and automatic renewals programs, where sales and marketing laws require clear disclosures before obtaining the consumer’s billing information.
Link to ROSCA Compliance and Subscription Disclosure Timing ROSCA Compliance and Subscription Disclosure Timing
The Federal Trade Commission’s (FTC) lawsuit against Uber Technologies illustrates how this tension plays out in practice. The case focuses on Uber’s “Uber One” subscription program and how subscription enrollment is embedded within an app ecosystem where users have already stored payment credentials for one-off transactions. Under the Restore Online Shoppers’ Confidence Act (ROSCA), material subscription terms must be disclosed before obtaining consumers’ billing information.
In denying Uber’s motion to dismiss, the U.S. District Court for the Northern District of California rejected Uber’s argument that ROSCA’s requirements were satisfied because consumers could use autofilled billing information already on file. Instead, the court signaled that the sequencing matters: disclosures must come before the use of billing information, not alongside or after it.
Link to How the FTC Uber Lawsuit Shapes Compliance How the FTC Uber Lawsuit Shapes Compliance
The decision builds on prior cases emphasizing that ROSCA is not just about whether disclosures exist, but when and how they are presented. The court pointed to allegations that Uber displayed subscription terms on the same screen that authorized charges to a preexisting payment method and suggested that this “simultaneous” presentation may be insufficient unless companies take additional measures to strengthen disclosures and consent.
The decision does not go so far as to prohibit the use of stored payment credentials in subscription enrollments. But it reinforces the narrow and important point that timing is critical. The Uber case follows a similar ruling in the Western District of Washington, where the court held that presenting disclosures at the same time as obtaining consent to use stored payment information was insufficient under ROSCA.
Drawing on that precedent, the Uber court emphasized that showing subscription terms on the same screen that authorizes charges to a preexisting payment method may not meet the statute’s requirements. At the same time, the court suggested a possible path forward, noting that the analysis “might be different” if consumers were given a clear opportunity to affirmatively opt in to using stored payment credentials after reviewing the required disclosures.
Link to Designing Lower-Risk Subscription Enrollment Flows Designing Lower-Risk Subscription Enrollment Flows
- Provide Disclosures Early and Before the Payment Is Selected. It is increasingly risky to present material terms while a pre-selected or default payment method is being used
- Affirmative Choice Matters. A separate step that asks consumers to confirm or select their payment method after reviewing disclosures might reduce risk. The issue seems to turn on whether consumers are given a meaningful opportunity to review disclosures before those credentials are used
- Context Matters. Courts are paying attention to the broader user experience, particularly where subscription offers are embedded in flows designed for one-time transactions
These steps can reduce risk but considering courts’ extreme scrutiny and hypertextual reading of the law, any use of stored payment information to enroll someone in a subscription presents risk. And companies should be prepared to apply these requirements to upsells and reactivations
Learn more by checking out a recent webinar presented by Venable’s Autorenewal Solutions Team (VAST).
Link to The Bottom Line The Bottom Line
The decision makes clear that convenience features cannot override ROSCA’s sequencing requirements. The use of stored payment credentials remains permissible, but only if the enrollment flow ensures that consumers see—and have a real opportunity to act on—material terms before those credentials are used.
As enforcement and private litigation continue to focus on subscription practices, companies should review their sign-up flows with particular attention to timing, not just disclosure content.
For more insights into advertising law, bookmark the All About Advertising Law blog and subscribe to our monthly newsletter. To learn more about Venable’s Advertising Law services, click here. And download the newly released 14th edition of Venable’s Advertising Law Tool Kit, which helps marketing teams navigate their organization’s legal risk.