In its first year under the Trump-Vance administration, the Federal Trade Commission (FTC) has aggressively enforced consumer protection and privacy laws and initiated new rulemakings. Although the new rulemaking activity is somewhat surprising in a Republican administration, the FTC has expressed its intent to conduct a more rigorous economic analysis of the effects of any new regulations. Based on the FTC’s activity over the past year, we have identified the issues below as top FTC priorities and provided takeaways for companies to help steer clear of regulatory scrutiny.

Minor Safety

Protecting minors online has emerged as a central FTC priority. The FTC convened an Age Verification Workshop in January 2026, where Chairman Ferguson emphasized the importance of COPPA in promoting families’ well-being. In February 2026, the agency issued a COPPA policy statement encouraging companies to consider the use of age verification technologies. The policy statement provides a safe harbor from COPPA enforcement for companies that are not primarily directed to children under 13 and collect personal information solely for the purpose of age verification. Separately, the agency has brought a number of enforcement actions under COPPA, including a complaint against Sendit for allegedly unlawfully collecting personal data from children and unfairly using fake messages to trick child and teen users into purchasing premium subscriptions, which is currently being litigated, and a settlement against Pornhub for failing to adequately address child sexual abuse material (CSAM). The Pornhub order imposes detailed obligations regarding content moderation, including requirements to prevent the dissemination of CSAM and to remove legacy content until consent can be verified. These actions reflect the FTC’s use of both COPPA and its broader Section 5 authority to address risks to minors, consistent with Ferguson’s statement that protecting children and teens online is a paramount priority.

The FTC is also focused on other practices related to minor safety. For example, the agency is conducting an industry study of AI companion chatbots, reflecting concerns about their potential impact on minors. In addition, this month, the FTC will begin enforcing the TAKE IT DOWN Act, which requires covered platforms to remove nonconsensual intimate images within 48 hours of receiving notice. Together, these actions signal heightened expectations that companies clearly disclose data practices, obtain verifiable parental consent where required, and implement appropriate content moderation and other safeguards to protect minors and children online.

Subscription Practices and Earnings Claims

During the Trump administration, the FTC has brought or settled nearly a dozen cases involving alleged negative option misconduct, including settlements in the range of $5 million to $150 million, signaling that this is one of the top priorities for the Commission on the consumer protection side. The FTC has alleged that these companies have violated the Restore Online Shoppers’ Confidence Act (ROSCA) by failing to clearly and conspicuously disclose the material terms of negative option transactions, get adequate consent before charging consumers, and/or provide simple mechanisms to stop recurring charges. For example, the Commission settled litigation against Amazon for $2.5 billion, requiring, among other things, clear and conspicuous disclosures about all material terms during the Prime enrollment process, such as cost, date and frequency of charges, whether the subscription auto-renews, and cancellation procedures. In addition, the FTC is currently in litigation with several companies over their subscription practices. All of this suggests that the current FTC is seeking even higher monetary relief for ROSCA violations than ever before. At the same time, the FTC is advancing a rulemaking regarding negative option marketing practices. On March 11, 2026, the FTC issued an Advance Notice of Proposed Rulemaking (ANPRM) seeking comment on whether to revise its Negative Option Rule to address modern subscription practices, including automatic renewals and cancellation barriers.

Another area where the FTC has intensified its efforts involves deceptive earnings claims. The agency has brought nearly half a dozen cases alleging earnings claims violations, including cases against Publishing.com and Stormy Wellington. In Publishing.com, the FTC challenged marketing that conveyed that consumers could generate substantial “passive income” from self-publishing, while in Wellington, the FTC focused on deceptive representations used to recruit participants into a multi-level marketing scheme that allegedly overstated typical income earned by participants. These actions underscore the FTC’s focus on ensuring that earnings claims are substantiated.

Pricing Transparency

In line with broader regulatory attention on data-driven pricing practices (e.g., Maryland’s newly enacted Protection From Predatory Pricing Act), the FTC’s focus on pricing transparency is growing. On April 14, 2026, the FTC initiated rulemaking by publishing an ANPRM to examine price transparency in online grocery and food delivery services, including whether consumers are adequately informed of total costs. On March 12, 2026, the FTC initiated rulemaking targeting unfair or deceptive rental housing fees, seeking comment on issues such as undisclosed charges, application fees, security deposits, and billing practices. These efforts build on the FTC’s 2025 Rule on Unfair or Deceptive Fees, which requires businesses in the live-event ticketing and short-term lodging industries to (1) clearly and conspicuously disclose the true total price, including all mandatory fees, in the advertised price; (2) display the total price more prominently than other pricing information; and (3) disclose the nature and amount of excluded allowable fees before consumers consent to pay (e.g., if a business excludes shipping and taxes from the advertised price, that must be disclosed before the consumer pays). Although this rule has only been in effect for a year, the FTC has already brought an enforcement action against Stubhub alleging violations of the rule. Taken together, these rulemakings and enforcement actions demonstrate intensifying scrutiny of price transparency across consumer markets.

Data Brokers and PADFAA

The FTC has also begun enforcing restrictions under the Protecting Americans’ Data from Foreign Adversaries Act (PADFAA). PADFAA prohibits data brokers from selling, licensing, disclosing, or providing access to personally identifiable sensitive data about Americans to countries of concern (i.e., China, Russia, Iran, and North Korea) or entities controlled by those countries. In early 2026, the agency sent warning letters to 13 data brokers for potential non-compliance with PADFAA. These letters highlight increasing FTC scrutiny of data flows and national security risks associated with the data broker ecosystem.

Online Censorship

The FTC has signaled growing scrutiny of how platform and market practices influence what consumers see and access online. In February 2025, the FTC launched an inquiry into whether platforms deny or degrade access based on users’ speech or affiliations. In addition, its action involving major advertising companies focused on alleged coordination that influenced whether certain news and political content could be monetized and shown to consumers. These developments suggest the FTC is placing greater emphasis on platform practices and competitive dynamics that shape the flow of information to consumers.

Key Compliance Takeaways

Companies should expect sustained scrutiny and proactively assess risk across these areas. Here are some key takeaways:

  • If you allow teens on your site or service, consider age assurance technologies. Even if you don’t target children under 13, the FTC’s focus on teen safety (along with increased state regulator scrutiny on this topic) suggests that you may want to consider how you’re going to address any under-18 users on your platform.
  • Review consumer-facing disclosures. For subscription services with a negative option feature, clearly and conspicuously disclose all material terms during the enrollment process, including the total price, date and frequency of charges, auto-renewal terms, and cancellation procedures, and provide a simple cancellation process. For companies in the live-event ticketing or short-term lodging industries, make sure the advertised price includes all mandatory fees, display the total price more prominently than other pricing information, and disclose any fees that are excluded from the total price (e.g., shipping and taxes).
  • Determine whether you disclose personal information to entities located in countries of concern. If you sell, license, disclose, or otherwise provide access to personally identifiable sensitive data about Americans to China, Russia, Iran, or North Korea or entities controlled by them, assess whether your activities are covered by PADFAA and comply accordingly. Note that the DOJ Data Security Program (DSP), which similarly prohibits or restricts certain transfers of sensitive data to countries of concern, uses a much broader concept of “covered data transactions.” See our client alert for more information on the DOJ DSP.
  • Be transparent about content moderation practices. The Pornhub and advertiser actions, combined with the FTC’s inquiry into platform practices, suggest that the FTC is focused on transparency of content moderation practices.
  • Consider filing comments in FTC proceedings if you are affected. The comment period for the ANPRM on online grocery and food delivery pricing remains open until May 18, 2026, so there is still an opportunity to comment on that. Although the other comment periods for the ANPRMs described in this alert are over, ANPRMs are typically followed by NPRMs with a 60-day comment period. Wilson Sonsini can help you prepare and file a public comment.

Wilson Sonsini routinely advises clients on consumer protection issues and represents companies facing regulatory enforcement actions. For more information, please contact Maneesha MithalKelly SingletonAngela Guo, or another member of the firm’s Data, Privacy, and Cybersecurity practice.