Many Software-as-a-Service (“SaaS”) businesses have automatic renewal provisions in their contracts. There are obvious advantages to these provisions, such as reliable cash flow and avoiding the employee, managerial, administrative, and other costs associated with repeated contract renewal negotiations. However, SaaS businesses must be aware of State and federal automatic renewal statutes and their requirements.
The SaaS Lawyers here at Revision Legal recommend that SaaS companies keep abreast of changing laws with respect to automatic service contract renewals and be prepared for quick action if necessary. Further, SaaS businesses should take time to audit their contracts to determine if there are auto-renewal provisions in their contracts, how many, and of what type. If services are being provided to “consumers,” then be aware that the requirements of the auto-renewal statutes are applicable. Finally, SaaS businesses should evaluate whether auto-renewal provisions are necessary and/or optimal and under what circumstances.
Currently, the relevant legal issue is whether SaaS services are being provided to consumers or to businesses. About half of the States have enacted statutes that regulate automatic renewal provisions. Those statutes do not apply to business-to-business (“B2B”) contracts and services. Indeed, some States — such as Illinois — explicitly exclude business-to-business contracts. See 815 ILCS 601/20(c).
However, there is political pressure to expand the application of the protections to B2B circumstances. The argument is that small businesses are, in effect, “consumers” and, thus, deserve protection from unfair and deceptive auto-renewal business practices. But, as noted, some SaaS companies may be providing services to “consumers” — as defined by these statutes — in industries like video gaming and eSports. SaaS businesses must evaluate whether they are providing services to “consumers” and, if so, must ensure that they are in compliance with the statutes.
At the federal level, the relevant regulatory agency is the Federal Trade Commission (“FTC”). Of note in regard to auto-renewals are the FTC’s proposed changes to its Rule with respect to negative options. An auto-renewal provision is deemed a “negative option” in the sense that no action — a negative — is necessary for the contract to continue. The proposed updated Rule would explicitly apply to business-to-business contracts. As of late 2024, the proposed new Rule has not gone into effect.
Complying with auto-renewal laws may not be difficult
While the FTC’s proposed updated Rule and the State-level statutes are different and nuanced, there are some significant similarities. The general idea is that those affected by the auto-renewal provisions must give consent, be given clear disclosures, and be provided with “easy” methods of terminating the auto-renewals. So, under the New York and California regulations, the following is required at minimum:
- Conspicuous — and clear — disclosure/notice of the auto-renewal term
- A mechanism for specifically consenting to the auto-renewal terms
- An easy mechanism — as easy as the mechanism used for consenting — for canceling the auto-renewal
As noted, there are some variations in the statutes. For example, under the Vermont statute, two consents are required — one for the auto-renewal and a separate one for the terms of the auto-renewal. Further, many statutes require some form of Notice before the auto-renewal begins.
State Auto-Renewal Law Requirements: A Detailed Look
Beyond the general framework, the differences between state auto-renewal statutes matter enormously for SaaS compliance programs. California’s Automatic Renewal Law (Cal. Bus. & Prof. Code §§ 17600-17606) is the most comprehensive and has been used aggressively by both the California Attorney General and private plaintiffs. California requires not only conspicuous disclosure before purchase but also that the consumer’s affirmative consent be obtained specifically for the automatic renewal or continuous service offer. For offers with promotional trial periods, the law requires a clear explanation of the price that will be charged when the trial ends.
California also requires that the terms of the automatic renewal or continuous service offer be provided to the consumer in a manner that is capable of being retained by the consumer — meaning the offer must be in the body of an email confirmation, not just on a checkout webpage that the consumer may not see again. Businesses that fail to comply face not only regulatory enforcement but also a private right of action, with unsuccessful auto-renewals deemed unconditional gifts that the consumer is not obligated to pay for.
New York amended its Automatic Renewal Law effective February 2024 (N.Y. Gen. Oblig. Law § 5-903). The revised law requires online cancellation mechanisms for any subscription that was entered into online. Easy cancellation means the consumer must be able to cancel using the same means used to subscribe — if a consumer subscribed online with one click, cancellation must be available online with a comparable number of clicks. Importantly, New York’s revised law now applies to B2B contracts for businesses with 250 or fewer employees.
The FTC’s Negative Option Marketing Rule
The FTC’s final updated Negative Option Marketing Rule (16 C.F.R. Part 425) took effect in January 2025. This federal rule imposes uniform disclosure, consent, and cancellation requirements on all negative option marketing, including auto-renewals, free-to-pay conversions, and pre-checked boxes. Importantly, unlike most state statutes, the FTC’s final rule explicitly applies to B2B contracts.
Under the FTC rule, disclosures must be made clearly and conspicuously immediately adjacent to the mechanism for accepting the negative option — not in a separate terms of service document or below the fold. The rule prohibits misrepresenting the material terms of a negative option offer and requires that the cancellation mechanism be simple. The FTC has defined simple through guidance that mirrors the New York requirement: as easy as enrollment.
The FTC has also made clear that it will treat violations of the Negative Option Marketing Rule as unfair or deceptive acts or practices under Section 5 of the FTC Act. Civil penalties for violations can reach $51,744 per violation. The FTC has brought enforcement actions against companies across many industries — from gyms to software providers — and fines and injunctive relief in those cases have been substantial.
Building a Compliant Auto-Renewal Program
SaaS companies that use auto-renewal provisions should build their compliance program around the following core elements:
- Pre-enrollment disclosures — place the key terms of the auto-renewal in direct proximity to the subscribe button; ensure the text meets the statutory clear and conspicuous standard in each state where you have consumers
- Affirmative consent — do not use pre-checked boxes; require the consumer to take a distinct affirmative action to agree to the auto-renewal terms; keep records of when and how consent was obtained
- Confirmation communications — send a confirmation email after enrollment that recaps the auto-renewal terms and explains how to cancel; most statutes require this
- Pre-renewal notice — for contracts with significant price increases or long terms, send advance notice before the renewal date; this is required in several states and strongly recommended as a best practice
- Simple cancellation — ensure online cancellation is available; test the cancellation flow to confirm it takes no more steps than enrollment
- Audit trail — maintain records of disclosures presented, consents obtained, and cancellation requests processed