Digital contracts and subscriptions have significantly increased, with the subscription economy tripling since 2017, according to the European Commission’s Digital Fairness Act Fitness Check. However, the Fitness Check points out that the number of issues with digital subscriptions, such as difficult cancellations, automatic renewals without reminders, and unclear subscription terms, have also increased. The Commission proposes to tackle these issues in its proposed Digital Fairness Act (“DFA”), which recently entered its consultation phase (see our blog post here).

This post briefly highlights certain issues with digital subscriptions identified in the Fitness Check, outlines how these issues are currently regulated in the EU, and considers the Fitness Check’s proposals to address these issues. It is the fourth post in our series on the upcoming DFA – previous posts covered influencer marketing, AI chatbots in consumer interactions, and personalised advertising and pricing.

Issue 1: Cancellation difficulties

What is the issue? 69% of consumers consulted as part of the Fitness Check experienced some kind of technical difficulty in cancelling their online contracts. These difficulties took various forms – including deliberate avoidance of cancellations, and websites/apps designed to introduce friction into the cancellation process.

How is it currently regulated in the EU? The EU Consumer Rights Directive (“CRD”) gives consumers a 14-day right of withdrawal—or “cooling-off period”—during which they can cancel online subscription contracts without providing any justification. This period starts when the subscription contract commences, even if it includes a free trial period. Consumers who exercise this right without having used the service may not be charged. If they have used the service, any fees paid should be proportionate to the extent to which they used the service. The CRD requires providers to give clear, unambiguous information on this withdrawal right and the procedure for exercising the right, as well as to acknowledge withdrawal requests promptly. Importantly, the CRD also includes exemptions to the withdrawal right, for example, for digital content subscriptions where the consumer waives their right to withdraw before entering into the contract—common in streaming, gaming, and other digital content services. While the CRD grants only one withdrawal opportunity at the start of the contract—even where a free trial is included—it requires providers to give precise, unambiguous information about contract duration, renewal and termination to consumers upfront.

Additionally, making it unreasonably difficult for consumers to cancel an online subscription may be a prohibited unfair practice under the EU Unfair Commercial Practices Directive (“UCPD”). While the UCPD does not explicitly ban all cancellation barriers, it broadly prohibits misleading and aggressive practices. These include “dark patterns” such as misleading free trials, “confirmshaming” (repeated emotional prompts that unjustifiably pressure consumers to reconsider their choice), and convoluted cancellation processes that hinder consumers’ ability to unsubscribe easily. UCPD guidance emphasises that cancelling should be as easy as subscribing. Separately, the EU Digital Services Act prohibits online platforms, including marketplaces, from using deceptive designs that make cancelling a service more cumbersome than subscribing to it.

In the absence of harmonised EU rules, member states have their own cancellation requirements. For example, Germany mandates a clearly visible, easy-to-use online cancellation button accessible without an account, that enables cancellation within a few clicks. In France and the Netherlands, consumers must be able to cancel their subscriptions using the same channels they used to subscribe.

How might the DFA seek to regulate it? Based on stakeholder feedback from the Fitness Check, the DFA could require clear technical means for cancellation (such as cancellation buttons) in addition to the 14-day right of withdrawal, as well as mandatory confirmations of contract termination. Fitness Check respondents also raised the possibility of an EU-wide rule requiring that online contracts be created and terminated through equivalent means – the DFA could be a vehicle for such a rule.

Issue 2: Automatic renewals

What is the issue? 62% of consumers consulted as part of the Fitness Check experiencedauto-renewals of inactive subscriptions without receiving reminders. The failure to remind consumers of auto-renewals led to 44% of consumers consulted extending their subscription beyond the initial period despite intending to cancel it. 40% of consumers were drawn into “loyalty traps” – situations where, after having initially subscribed for a discounted promotional price, they subsequently experienced high price increases.

How is it currently regulated in the EU? The CRD requires subscription providers to inform consumers whether the contract is automatically renewable and the terms under which it is renewed (e.g., the renewal time periods and the costs per renewal period). Some member states go beyond this in their national laws – for example, in most cases, German law only allows automatic renewal based on a provision in the provider’s general terms and conditions if the contract is renewed for an indefinite period and the consumer is given a notice period of not more than one month within which to cancel.

How might the DFA seek to regulate it? The DFA could draw on suggestions in the Fitness Check to require subscription providers to turn auto-renewals off by default (i.e., only enable auto-renewals where consumers opt-in) and provide reminders prior to auto-renewals.

Issue 3: Free trials

What is the issue? According to the Fitness Check, free trials often convert into paid subscriptions without clear and explicit consumer consent, and consumers are frequently required to provide their payment information upfront. 29% of consumers consulted often had their free trial converted into a paid subscription without realising it. 90% of respondents to the public consultation were required to provide payment details before accessing a free trial.

How is it currently regulated in the EU? Under the CRD, contracts must clearly explain that a payment obligation will follow the free trial period unless the consumer cancels before the trial ends. The Court of Justice of the EU confirmed this in case C‑565/22, stating that traders must clearly inform consumers about when their payment obligations take effect.

How might the DFA seek to regulate it? The DFA could require express consumer consent to convert a free trial into a paid subscription, and enhanced pre-contractual transparency including regarding the total costs and the ongoing nature of the contract. The DFA might also restrict or prohibit providers from obtaining payment details upfront for free trials.

*       *       *

Covington & Burling regularly advises companies on all aspects of EU consumer protection law, as well as intersections with privacy, cybersecurity, and product safety laws. We are happy to assist you with participating in public consultations and more generally with any inquiries related to compliance with EU consumer protection law.

Tags: automatic renewals, cancellation, Digital Fairness Act, Digital Subscriptions, European Commission, Fitness Check, free trials
Print:
Email this postTweet this postLike this postShare this post on LinkedIn
Photo of Anna Sophia Oberschelp de Meneses Anna Sophia Oberschelp de Meneses

Anna Sophia Oberschelp de Meneses is special counsel in the Data Privacy and Cybersecurity Practice Group.

Anna is a qualified Portuguese lawyer, but is both a native Portuguese and German speaker.

Anna advises companies on European data protection law and helps clients coordinate…

Anna Sophia Oberschelp de Meneses is special counsel in the Data Privacy and Cybersecurity Practice Group.

Anna is a qualified Portuguese lawyer, but is both a native Portuguese and German speaker.

Anna advises companies on European data protection law and helps clients coordinate international data protection law projects.

She has obtained a certificate for “corporate data protection officer” by the German Association for Data Protection and Data Security (“Gesellschaft für Datenschutz und Datensicherheit e.V.”). She is also Certified Information Privacy Professional Europe (CIPPE/EU) by the International Association of Privacy Professionals (IAPP).

Anna also advises companies in the field of EU consumer law and has been closely tracking the developments in this area.

Her extensive language skills allow her to monitor developments and help clients tackle EU Data Privacy, Cybersecurity and Consumer Law issues in various EU and ROW jurisdictions.

Read more about Anna Sophia Oberschelp de MenesesEmailAnna Sophia's Linkedin Profile
Show more Show less
Photo of Jane Pinho Jane Pinho

Jane Pinho co-chairs Covington’s Entertainment and Media Industry Group and is a partner in the Technology and Communications practice and the International Business Reorganization practice. She has advised international streaming services on their content acquisition strategies, on new product launches and global expansions…

Jane Pinho co-chairs Covington’s Entertainment and Media Industry Group and is a partner in the Technology and Communications practice and the International Business Reorganization practice. She has advised international streaming services on their content acquisition strategies, on new product launches and global expansions, and on media regulation and licensing for the past decade.

Jane works with media industry leaders with global operations, including streaming services, video games and interactive entertainment companies, and social media platforms. She has particular experience advising in relation to the creation, acquisition, and distribution of digital content in the UK and Europe, in relation to the multi-territory launch, expansion, monetization and marketing of digital media products and services and in relation to compliance with the UK’s broadcasting, on-demand, video-sharing platform and online safety regimes, representing clients facing regulatory scrutiny. She also has experience advising media and technology companies on UK and EU consumer protection law, including on an investigation by the EU Commission and the Consumer Protection Co-operation Network.

Jane is also a key figure in Covington’s International Business Reorganization practice. She has managed global post-acquisition business reorganizations, pre-sale and pre-spin business separations and tax reorganizations for companies with substantial global footprints for more than a decade.

Read more about Jane PinhoEmail
Show more Show less
Photo of Dan Cooper Dan Cooper

Daniel Cooper is co-chair of Covington’s Data Privacy and Cyber Security Practice, and advises clients on information technology regulatory and policy issues, particularly data protection, consumer protection, AI, and data security matters. He has over 20 years of experience in the field, representing…

Daniel Cooper is co-chair of Covington’s Data Privacy and Cyber Security Practice, and advises clients on information technology regulatory and policy issues, particularly data protection, consumer protection, AI, and data security matters. He has over 20 years of experience in the field, representing clients in regulatory proceedings before privacy authorities in Europe and counseling them on their global compliance and government affairs strategies. Dan regularly lectures on the topic, and was instrumental in drafting the privacy standards applied in professional sport.

According to Chambers UK, his “level of expertise is second to none, but it’s also equally paired with a keen understanding of our business and direction.” It was noted that “he is very good at calibrating and helping to gauge risk.”

Dan is qualified to practice law in the United States, the United Kingdom, Ireland and Belgium. He has also been appointed to the advisory and expert boards of privacy NGOs and agencies, such as the IAPP’s European Advisory Board, Privacy International and the European security agency, ENISA.

Read more about Dan CooperEmail
Show more Show less
Photo of Moritz Hüsch Moritz Hüsch

Moritz Hüsch is partner in Covington’s Frankfurt office and co-chair of Covington’s Technology Industry Group as well as the Artificial Intelligence (AI) and Internet of Things (IoT) Practice Groups. His practice focuses on complex technology- and data-driven licensing deals and cooperations, outsourcing, commercial…

Moritz Hüsch is partner in Covington’s Frankfurt office and co-chair of Covington’s Technology Industry Group as well as the Artificial Intelligence (AI) and Internet of Things (IoT) Practice Groups. His practice focuses on complex technology- and data-driven licensing deals and cooperations, outsourcing, commercial contracts, e-commerce, m-commerce, as well as privacy and cybersecurity.

Moritz is regularly advising on issues and contracts with respect to IoT, AV, big data, digital health, and cloud-related subject matters. In addition, he regularly advises on all IP/IT-related questions in connection with M&A transactions. A particular focus of Moritz’s practice is on advising companies in the pharmaceutical, life sciences and healthcare sectors, where he regularly advises on complex licensing, data protection and IT law issues.

Moritz is regularly listed as one of the best lawyers in the areas of IP, IT, and data protection, among others, by Chambers, Legal 500, Best Lawyers in cooperation with Handelsblatt, and Wirtschaftswoche.

Read more about Moritz HüschEmail
Show more Show less
Matsumoto Ryoko

Ryoko Matsumoto is a global visiting lawyer who attended Kyoto University, Kyoto University Law School, and Stanford Law School.

Email
Photo of Edwin Djabatey Edwin Djabatey

Edwin Djabatey is an associate in the London office. He advises on regulatory and compliance issues within, and at the intersection of, the firm’s financial services, technology, media, trade controls and white collar practices.

Reflecting an increasing trend in regulators looking beyond industry…

Edwin Djabatey is an associate in the London office. He advises on regulatory and compliance issues within, and at the intersection of, the firm’s financial services, technology, media, trade controls and white collar practices.

Reflecting an increasing trend in regulators looking beyond industry remits, Edwin acts on multi-disciplinary and cross-sectoral regulatory compliance matters. For example, he has advised global technology companies on operational resilience requirements imposed by financial services regulators.

Edwin has assisted clients on compliance matters and internal investigations – for instance, in the white collar context, concerning issues such as bribery, corruption, anti-money laundering, and fraud, and in the financial services context, concerning culture, conduct, and whistleblowing. He provides clients in the pharmaceutical, technology and energy industries with UK and EU sanctions and export controls advice. He also has experience advising clients in the technology and media industries on regulatory matters.

Read more about Edwin DjabateyEmail
Show more Show less