ACCESS Act of 2025
- Bill Number
- S. 1634
- Origin Chamber
- Senate
- Congress
- 119th Congress, Session 1
- Policy Area
- Commerce
- Status
- Introduced
- Latest Action
- 2025-05-07: Read twice and referred to the Committee on Commerce, Science, and Transportation.
- Last Updated
- 2025-06-09T14:43:18Z
AI-Generated Summary
Purpose
The ACCESS Act of 2025 aims to boost competition among online communications services by making it easier for users to switch between platforms and for smaller services to connect with larger ones. It focuses on reducing barriers like data lock-in, where users find it hard to move their information or interactions to another service.
Key Provisions
- Definitions:
- A "large communications platform" is a service (like social media or messaging apps) with over 100 million monthly active users in the U.S. that makes money from collecting, processing, selling, or sharing user data (personal information linked to an individual, excluding anonymized data).
- Other terms include "communications provider" (companies offering consumer-facing online services), "competing communications provider" (rivals offering similar services), and "custodial third-party agent" (authorized helpers managing a user's account).
- Portability (Section 3): Large platform providers must create secure, accessible tools (like application programming interfaces, or APIs—software bridges for data exchange) to let users or their chosen competitors transfer user data in a standard, easy-to-use digital format. Competitors receiving data must keep it secure. This does not apply to free services that don't monetize user data.
- Interoperability (Section 4): Large providers must maintain APIs for seamless communication between their platform and competitors' services (e.g., allowing messages to flow between apps). Key duties include:
- Offering access on fair, reasonable, and non-discriminatory terms, with possible fees for heavy usage that are proportional to costs.
- Providing "functional equivalence" (same level of features for competitors as for their own services).
- Sharing clear documentation on APIs within 120 days of enactment, with advance notice of changes.
- Prohibiting changes that block or weaken competitors.
- Banning both large providers and competitors from using data from these connections for anything but security, privacy, or maintaining compatibility.
- Exemption for non-monetized services.
- Delegatability (Section 5): Users can appoint third-party agents to manage their accounts (e.g., handling posts or settings). Providers must allow this via accessible APIs on equal terms with users. Agents must register with the Federal Trade Commission (FTC), follow security rules, and avoid harming users or profiting from their data. The FTC sets verification rules, and providers can block unregistered or abusive agents. Agents can charge users fees.
- Implementation and Enforcement (Section 6):
- The FTC must issue rules within one year for privacy standards, authentication, agent registration, and complaints.
- The National Institute of Standards and Technology (NIST) develops model standards for common services like messaging and social networking within 180 days.
- The FTC assesses compliance, handles complaints from users/providers/agents, and enforces via existing FTC powers (treating violations as unfair/deceptive practices, with fines per affected user).
- Using open standards (from NIST) creates a presumption of fair access.
- Preempts conflicting state laws; effective once FTC rules are issued.
- Relation to Other Laws (Section 7): Does not override key federal privacy laws (e.g., Privacy Act, HIPAA, COPPA), ensuring compatibility with existing protections.
Significant Changes to Existing Law
This bill introduces mandatory requirements for large online platforms to enable data portability and interoperability, which are not explicitly required under current U.S. antitrust laws (like the Sherman Act) or privacy rules (like those from the FTC). It expands on voluntary industry practices and EU-inspired data rules (e.g., GDPR's portability right) by enforcing technical openness in the U.S., while tying enforcement to the FTC Act for broader reach, including over some nonprofits and telecom carriers.
Potential Impacts
- On Citizens: Users gain easier control over their data, simplifying switches to new services and potentially leading to more choices, innovation, and lower costs. It empowers third-party tools for account management without forcing users to stay locked in.
- On Government Agencies: The FTC gets expanded enforcement tools and responsibilities, including rulemaking and compliance checks, which could increase its workload and budget needs. NIST supports by creating technical guidelines.
- On Businesses: Large platforms (e.g., Facebook, X/Twitter) face new compliance costs for APIs and documentation but may benefit from clearer rules. Smaller competitors get better market access, fostering growth. Third-party agents emerge as a new service sector.
- On International Relations: Minimal direct impact, though it aligns U.S. policy with global trends toward open digital markets, potentially influencing trade talks on tech standards.
Main Stakeholders Affected
- Large Communications Platform Providers: Bear primary compliance burdens (e.g., Meta, Google, potentially Apple or Microsoft services).
- Competing Communications Providers: Benefit from access but must secure data (e.g., emerging apps or niche networks).
- Users: Core beneficiaries through easier portability and delegation.
- Custodial Third-Party Agents: New entities (e.g., privacy tools or account managers) that must register and adhere to rules.
- Federal Agencies: FTC (enforcement lead) and NIST (standards developer).
- Consumers and Innovators: Indirectly affected via increased competition in online services.
Notable Legal, Constitutional, or Political Implications
- Legal: Strengthens FTC authority over big tech without creating a new agency, using "unfair or deceptive" standards for violations (fines could be substantial, calculated per user). Preemption of state laws may limit local innovations but ensures national uniformity. Preserves existing privacy laws, avoiding conflicts.
- Constitutional: Could raise First Amendment concerns if API mandates are seen as compelling speech (e.g., sharing interface details), or Fifth Amendment issues over property in user data, though the bill emphasizes user-directed access to mitigate this. No direct challenges noted in the text.
- Political: Bipartisan support (introduced by Sens. Warner, Hawley, Blumenthal) signals cross-aisle concern over tech monopolies. It promotes competition without breaking up companies, potentially appealing to both pro-regulation Democrats and antitrust-focused Republicans, but may face industry lobbying over implementation costs and innovation risks.
This summary was generated by AI and may contain inaccuracies. Refer to the official source document for the authoritative text.
Sponsor
Cosponsors (2)
Sen. Hawley, Josh [R-MO], Sen. Blumenthal, Richard [D-CT]
Recent Actions
- 2025-05-07: Read twice and referred to the Committee on Commerce, Science, and Transportation.
- 2025-05-07: Introduced in Senate
Bill Versions
- Augmenting Compatibility and Competition by Enabling Service Switching Act of 2025 — issued 2025-05-07 — PDF (17 pages)