MAIN Event Ticketing Act
The MAIN Event Ticketing Act (H.R. 2713) aims to curb automated “bot” purchases and strengthen protections around online ticket sales. Building on the Better Online Ticket Sales Act of 2016 (BOTSA), the bill expands prohibitions on using automated applications to bypass posted ticket-purchasing rules, and it imposes new duties on ticket issuers to enforce purchase limits and bolster site security. It requires issuers to implement safeguards, report circumvention incidents to the Federal Trade Commission (FTC), and coordinate with law enforcement. The bill also creates civil penalties for violations, grants the FTC enforcement authority to pursue actions in federal court, and establishes a consumer complaint portal. It directs ongoing cooperation with prosecutors and law enforcement and requires a congressional report on enforcement actions within a year of enactment. In plain terms, the bill seeks to make it harder for scalpers and others to buy large numbers of event tickets with bots, while mandating stronger security, reporting, and enforcement mechanisms to protect consumers and ensure fairer access to tickets.
Key Points
- 1Expanded prohibition on bots: Prohibits using or enabling applications that automatically purchase tickets in circumvention of posted online purchasing rules, including bypassing access controls and other security measures.
- 2Mandatory site policies and safeguards: Ticket issuers must enforce posted purchase limits, and establish and maintain reasonable security safeguards (administrative, technical, and physical) for their websites or services. They must account for issuer size, activity, data sensitivity, and foreseeable risks, and apply safeguards to third parties/service providers through contract, oversight, and ongoing updates.
- 3Incident reporting and consumer complaints: Issuers must report known circumvention incidents to the FTC. The FTC must create (or modify an existing) public portal within 180 days for consumers to report violations. Issuers must report incidents within a reasonable time, no later than 30 days after discovery, and the FTC may automate submissions and share reports with state attorneys general.
- 4Enforcement and penalties: The FTC can bring civil actions for violations, with penalties including not less than $10,000 per day of violation plus at least $1,000 per violation, and heightened penalties for intentional violations. The FTC has primary, exclusive authority to prosecute these actions.
- 5Law enforcement coordination and guidance: The bill requires coordination between the FTC and federal/state/local law enforcement (including the FBI and DOJ) on cyberattack information related to ticketing systems. It also requires the FTC to publish guidance to help issuers comply with the law within a year of enactment.
- 6Definitions and reporting to Congress: Adds a definition of “circumvention” and requires a congressional report within one year detailing enforcement actions and limitations in pursuing circumvention cases.