Skip to Content

Privacy & Data

Best Practices: Online Subscription Upselling

Today, CDT is releasing its final best practices guidance for online subscription upselling—the practice of offering add-on subscription services to consumers while they’re purchasing a separate product. This is an issue that CDT has worked on with industry and consumer advocates for the past couple of years, and we hope that the document we are releasing today will help set norms for how companies market to consumers online.

The Problem

We initially got involved with this issue in 2009, when the Senate Commerce Committee held high profile hearings on the practice of upselling, and state Attorneys General brought actions against a number of companies for aggressive practices.

There was concern, for example, that a consumer purchasing a book from an online vendor might see an offer for an unrelated “shoppers’club membership” from an unknown third party. The consumer might inadvertently click to purchase the subscription service, thinking instead that they were merely completing the checkout for the book. The consumer wouldn’t even be asked to provide payment information to the third party because the original vendor would send it to the upseller in exchange for a cut of the “sale.”

Later, after the consumer realized they had been charged for services they didn’t ask for or want, the subscription vendor might make it difficult to cancel the service or exchange refunds. It was evident that the industry needed clear guidelines around subscription upselling.

Working With Companies

CDT was asked by some companies—most prominently Intelius—to develop clear, strong, industry-wide principles for companies to follow in offering additional services in a fair and transparent way. We held many working group meetings with both industry and consumer advocate representatives over the course of a year to discuss what appropriate protections should be in place to make sure consumers weren’t confused when two unrelated offers were presented to them.

We released a set of draft principles for public comment at the end of 2010. The guidelines were divided into three sections:

  1. How to provide clear notice to consumers about different products;
  2. Prohibiting the transfer of consumer financial information to third-party vendors;
  3. Providing for redress rights for consumers who felt they had been unfairly charged.

Soon after the release of our document, Congress passed Senator Rockefeller’s Restore Online Shoppers’ Confidence Act, which enacted into law the second point we had recommended, the prohibition on financial data pass.

The Need for Best Practices

However, while the original version of the Rockefeller bill contained rules for how to disclose upselling offers to consumers, most of that language was dropped from the final version of the legislation that Congress adopted. Therefore, best practices are still needed and that is why we are issuing this document today.

We strongly believe that companies should look to the best practice recommendations we put forth on how to make sure that consumers clearly understand what they’re agreeing to online and how to treat customers after they’ve purchased subscription services. In addition, we believe that these guidelines will be useful to consumer protection agencies. Earlier this year, we submitted the interim version of this document to the Federal Trade Commission in connection with its review of the 10-year-old Dot Com Disclosures guidance on how to clearly and prominently make disclosures to consumers online.

We appreciate the leadership of Intelius in this effort to define best practices for responsible online marketing.

CDT has previously issued best practice guidance on a range of other issues such as the use of RFID tags, mobile application privacy, and digital signage. We will continue to engage with a broad range of stakeholders to develop innovative, consensus approaches to address emerging consumer privacy and protection issues online.