Compliance Glossary
Key terms and concepts in consumer protection compliance
A
Analysis Layer
ComplyGuard uses a two-layer analysis system. Layer 1 (Rule Engine) checks for structural patterns like missing policy pages, keyword absence, and known risky configurations. Layer 2 (AI Analysis, paid tiers) uses Claude AI to read your actual page content in context and identify nuanced issues that pattern matching alone would miss.
Attorney General (AG) Enforcement
The power of a state's Attorney General to investigate and take legal action against businesses that violate consumer protection laws. AG enforcement actions can result in injunctions, civil penalties, consumer restitution, and consent decrees. AGs often target practices that affect large numbers of consumers.
Automatic Renewal / Negative Option
A subscription practice where a consumer is automatically charged for a renewal unless they take affirmative action to cancel. Many states (especially California under ARL) require clear disclosure of automatic renewal terms, affirmative consent before enrollment, and easy cancellation mechanisms. The FTC's "Click-to-Cancel" rule also addresses this at the federal level.
See also: ROSCA
C
CalOPPA
The California Online Privacy Protection Act (Cal. Bus. & Prof. Code § 22575). One of the broadest online privacy laws in the U.S. — it applies to any commercial website or online service that collects personal information from California residents, with no revenue or data-volume threshold. This makes it effectively universal for any e-commerce site. CalOPPA requires a conspicuously posted privacy policy describing what information is collected, how it is shared, and how users can review or request changes.
See also: CCPA/CPRA
CCPA/CPRA
The California Consumer Privacy Act (2018) and its amendment, the California Privacy Rights Act (2020), codified at Cal. Civ. Code §§ 1798.100–1798.199. These laws give California consumers the right to know what personal data is collected, request its deletion, opt out of its sale, and not be discriminated against for exercising these rights. Unlike CalOPPA, the CCPA/CPRA has threshold requirements: it applies to businesses that have annual revenue over $25 million, that handle data of 100,000+ consumers, or that derive 50%+ of revenue from selling personal data.
See also: CalOPPA
Class Action
A lawsuit filed by one or more individuals on behalf of a larger group ("class") who were similarly affected by the same business practice. In consumer protection, class actions can arise when a company's deceptive practice affects thousands of customers. Some states restrict class actions under their CPA.
See also: Private Right of Action
Click-to-Cancel
An FTC rule (amendments to 16 C.F.R. Part 425) requiring that businesses make it as easy to cancel a subscription or recurring charge as it was to sign up. If a consumer enrolled online, they must be able to cancel online — without being required to call, chat, or navigate retention offers. The rule also requires clear pre-purchase disclosure of material terms and express informed consent before charging.
See also: ROSCA, Automatic Renewal / Negative Option
Compliance Score
A ComplyGuard metric (0–100) that reflects how well your website's publicly visible content and business practices align with the consumer protection laws in your selected operating states. The score is based on rule-engine and AI analysis of your crawled pages and questionnaire responses. It is an informational tool, not a legal certification.
CPA
Consumer Protection Act. The general name for state-level consumer protection statutes. Each state's CPA defines prohibited practices (deceptive pricing, false advertising, etc.) and the remedies available to consumers, which may include actual damages, statutory damages, attorney fees, and sometimes treble damages.
See also: UDAP, Treble Damages
D
Dark Pattern
A user interface design choice that manipulates or deceives consumers into making unintended decisions — such as signing up for recurring charges, sharing personal data, or making it difficult to cancel a subscription. Examples include pre-checked consent boxes, confusing double negatives, hidden cancellation flows, and "confirm-shaming" (e.g., "No thanks, I don't want to save money"). The FTC and multiple states increasingly treat dark patterns as deceptive practices under UDAP and subscription laws.
See also: UDAP, Click-to-Cancel
Drip Pricing
A pricing strategy where mandatory fees are disclosed incrementally during the checkout process rather than included in the advertised price. Examples include processing fees, handling charges, and service fees added at checkout. The FTC and many states consider undisclosed drip pricing a deceptive practice.
See also: Strike-Through Pricing, UDAP
E
Express Warranty
A specific promise or guarantee made by the seller about a product's quality, features, or performance. Express warranties can be created by written statements, descriptions, samples, or models. Once made, they are legally binding and cannot be disclaimed.
See also: Implied Warranty
F
FTC Act
The Federal Trade Commission Act (15 U.S.C. § 45) prohibits "unfair or deceptive acts or practices in or affecting commerce" at the federal level. The FTC enforces this act and issues regulations that apply to all businesses operating in the United States. State UDAP laws are often modeled on the FTC Act.
See also: UDAP
I
Implied Warranty
A legally imposed warranty that exists automatically when goods are sold, even if the seller makes no explicit warranty promises. The most common is the implied warranty of merchantability — a guarantee that goods are fit for ordinary use. Under the UCC and the Magnuson-Moss Act, sellers cannot easily disclaim implied warranties, especially in consumer transactions.
See also: Magnuson-Moss Act, Express Warranty
M
Magnuson-Moss Warranty Act
A federal law (15 U.S.C. §§ 2301–2312) that governs consumer product warranties. It requires that written warranties be clearly disclosed, prohibits "tying" (requiring consumers to use specific service providers), and limits the ability of sellers to disclaim implied warranties when offering express warranties. Violations can result in consumer lawsuits and FTC enforcement.
See also: Implied Warranty, Express Warranty
P
Pre-Suit Notice
A requirement in some state CPAs that consumers notify the business of the alleged violation and give it a chance to cure (fix) the violation before filing a lawsuit. Pre-suit notice requirements can significantly reduce litigation risk because many claims are resolved during the cure period.
See also: CPA, Private Right of Action
Private Right of Action
A legal provision that allows individual consumers (not just the government) to file lawsuits against businesses that violate consumer protection laws. States with a private right of action tend to generate more litigation risk for businesses. Not all states provide this right — some limit enforcement to the Attorney General's office.
See also: CPA, Class Action
R
Restocking Fee
A charge deducted from a consumer's refund when they return a product. Several states regulate restocking fees: some require that the fee be clearly disclosed before purchase, some cap the percentage (commonly 10–20%), and some prohibit them entirely for certain product types. Failure to disclose a restocking fee before the transaction can trigger UDAP violations or give consumers the right to a full refund regardless of the seller's policy.
ROSCA
The Restore Online Shoppers' Confidence Act (15 U.S.C. §§ 8401–8405). A federal law that prohibits charging consumers for goods or services through negative option features unless the seller clearly discloses material terms, obtains informed consent, and provides simple cancellation mechanisms.
See also: Automatic Renewal / Negative Option
S
Statute of Limitations
The maximum time period after an event within which legal proceedings may be initiated. For consumer protection claims, this varies by state — typically 1 to 6 years from the date of the violation or discovery of the harm. After the statute of limitations expires, claims are generally barred.
See also: CPA
Strike-Through Pricing
A pricing display technique where the original or "regular" price is shown with a line through it next to a lower sale price (e.g., ~~$99.99~~ $49.99). Many states regulate this practice, requiring that the reference price be genuine — typically the actual price at which the item was offered for sale for a meaningful period. Inflating the reference price to make the discount appear larger is a common UDAP violation.
See also: UDAP, Drip Pricing
T
Treble Damages
A legal remedy where the court awards three times the actual damages suffered by the consumer. Many state consumer protection statutes authorize treble damages for willful or knowing violations. For example, if a deceptive practice caused $1,000 in harm, a treble damages award would be $3,000. This makes even small violations expensive.
See also: CPA, Private Right of Action
U
UDAP
Unfair or Deceptive Acts or Practices. A legal framework used by state attorneys general and the FTC to prohibit businesses from engaging in conduct that is unfair, deceptive, or abusive to consumers. Every U.S. state has its own UDAP statute, sometimes called a "little FTC Act."
These definitions are provided for educational purposes only and do not constitute legal advice. For legal questions, consult a qualified attorney. See our FAQ for more about how ComplyGuard works.