ACCESS Act of 2025
The ACCESS Act of 2025, introduced in the Senate by Mr. Warner (with Mr. Hawley and Mr. Blumenthal as co-sponsors), aims to promote competition and reduce consumer switching costs in online communications by requiring large platforms to open up two core capabilities: data portability and interoperability. Under the bill, large communications platform providers would have to offer third-party interfaces to transfer user data to a user or to a competing provider, and to maintain interoperable interfaces so that competing services can work with the large platform. The measure also creates a framework for custodial third-party agents—trusted intermediaries that users can authorize to manage their online interactions on a platform—while giving the FTC authority to regulate, enforce, and set standards through regulations and collaboration with standards bodies (notably the National Institute of Standards and Technology). The goal is to lower barriers to entry for competing services, empower consumers to switch providers more easily, and establish open standards to support interoperable online communications. The bill would be enforced by the FTC as an unfair or deceptive practice, with a framework for complaints, compliance assessments, and penalties. It includes exemptions for services that do not monetize user data, and it sets out a path toward open technical standards for popular classes of services (online messaging, multimedia sharing, and social networking). Implementation would occur through FTC regulations and agency rules within a defined timeframe, with a transition to effective date once implementing regulations are in place.
Key Points
- 1Portability of user data: Large platform providers must maintain third-party–accessible interfaces (including APIs) to enable secure transfer of user data to a user or to a competing provider in a structured, machine-readable format. Competing providers must securely handle any data they receive.
- 2Interoperability obligations: Large platform providers must maintain interoperable interfaces to allow technically compatible communication with users of competing providers. This includes nondiscrimination, reasonable thresholds and fees for access, advance notice of changes, and privacy/security standards. Providers may not materially undermine interoperability or charge excessive fees beyond cost, complexity, and risk.
- 3Functional equivalence and disclosure: Large platforms must offer functionally equivalent interfaces for interoperability and disclose complete documentation of access to the interoperability interface within 120 days of enactment. Documentation is limited to necessary interface details and not source code. Changes that undermine interoperability require advance notice.
- 4Custodial third-party agents: Users can delegate a custodial third-party agent to manage their interactions, content, and account settings on a platform. The FTC will set authentication rules to verify user requests, require registration of custodial agents, and provide a process to deregister or revoke access for agents that misuse access. Agents must protect user privacy, avoid conflicts of interest, and not use data for their own commercial benefit.
- 5Implementation, standards, and enforcement: The FTC must issue implementing regulations within about a year, establish authentication procedures, and work with the National Institute of Standards and Technology to publish model technical standards for popular classes of services (online messaging, multimedia sharing, social networking). The FTC will assess compliance, handle complaints, and enforce the Act as unfair or deceptive practices, with a presumption of fair, reasonable, and nondiscriminatory terms for open-standard interoperability. The Act preempts inconsistent state law and becomes effective when FTC regulations are issued.