Sponsors
The bill aims to protect consumers and honest sellers by stopping automated circumvention and scalping and centralizing enforcement, but it increases legal risk and uncertainty for small sellers and may chill legitimate security research, interoperability, and accessibility work.
Consumers and legitimate online retailers gain fairer access to limited-quantity goods (e.g., concert tickets, limited releases) because the bill prohibits automated circumvention and scalping techniques that deplete inventory and inflate resale prices.
Consumers and state governments get a clearer federal enforcement pathway because the FTC is given centralized authority to pursue circumvention cases, which can increase consistency of enforcement and remedies across states.
Security researchers, defensive vendors, and tech workers retain ability to perform legitimate security research and develop defensive tools due to explicit exemptions for bona fide research and investigative uses.
Security researchers, penetration testers, and developers may face a chilling effect because vague or narrow exemptions and broad anti-circumvention language could create legal uncertainty about permissible research and interoperability activities.
Small online sellers and resellers face increased compliance costs, civil liability, and enforcement risk (including for unknowingly selling diverted goods), raising the cost and legal exposure of low-margin sellers.
Expanded state enforcement authority (parens patriae) and overlapping federal remedies could lead to parallel litigation, uneven enforcement, and higher legal costs for defendants and businesses operating across states.
Based on analysis of 2 sections of legislative text.
Makes it illegal to bypass online controls that enforce purchase limits or manage inventory and to sell items obtained that way, with FTC and state enforcement.
Introduced December 17, 2025 by Paul Tonko · Last progress December 17, 2025
Makes it unlawful to bypass technological controls on websites or online services that enforce posted purchasing limits or manage inventory, and bars selling products obtained by that bypass when the seller participated in or knew (or should have known) about the circumvention. The bill creates exceptions for systems used to investigate or enforce the law and for bona fide security research that advances computer security. Enforcement is handled by the Federal Trade Commission by treating violations as unfair or deceptive acts or practices under the FTC Act, with the FTC given its usual enforcement powers and penalties; States are also given parens patriae authority to bring actions under specified notice, intervention, and procedural rules.