If your software or subscription business makes it easy to sign up but hard to cancel, 2026 is the year that becomes a legal liability — not just a customer-experience complaint.
Regulators have spent the last two years moving from warnings to lawsuits over what they call “dark patterns”: interface choices designed to trap users in subscriptions they no longer want. The new operating standard is symmetry — canceling has to be as easy as signing up. For SaaS, app, and subscription businesses across Arizona, California, and Texas, that shift changes how your sign-up flow, your terms of service, and your billing practices all need to be built.
This guide explains what the rule requires, how it differs across the three states Accord & Shield serves, what the penalties look like, and the practical steps to get compliant before it costs you. (If you also sell to enterprise customers, it pairs closely with our look at startup contract review for California tech companies.)
What “Click-to-Cancel” Actually Means
The principle is simple to state and surprisingly easy to violate: if a customer can subscribe in one click online, they must be able to cancel in roughly the same number of steps, through the same medium.
Patterns drawing enforcement attention include:
- One-click signup, phone-only cancellation. Subscribe instantly online, but call during business hours — and survive a retention script — to get out.
- Buried cancellation paths. The cancel option hidden several menus deep, or behind hard-to-find links.
- Forced friction. Multiple “are you sure?” screens, mandatory chat sessions, or support tickets that delay cancellation.
- Unclear renewal terms. Auto-renewing without clear, conspicuous disclosure of price, renewal date, and how to stop it.
- Negative-option traps. Free trials that silently convert to paid, or “save 50%” offers that quietly enroll the customer in ongoing charges.
The throughline is intent: design that frustrates the customer’s choice to leave is the target, regardless of how it’s dressed up.
The Federal Backdrop
Subscription practices have long been governed at the federal level by rules targeting negative-option marketing and unfair or deceptive practices — the framework the Federal Trade Commission uses to police auto-renewals, free-trial conversions, and cancellation friction nationwide. The FTC’s “click-to-cancel” rulemaking has had a contested history, so the exact federal requirement in force shifts over time.
What matters for founders is that the federal layer sits on top of state law, not instead of it. Even where a federal rule is in flux, the state automatic-renewal statutes below remain in force — which is why building to the strictest applicable standard is the durable strategy.
How the Three States Compare
Here is where Accord & Shield’s footprint maps directly onto the legal landscape — because the three states the firm serves sit at very different points on the spectrum.
California — the strict standard-setter
California has the country’s most developed and aggressively enforced automatic-renewal regime, anchored by its Automatic Renewal Law (Business & Professions Code §17600 and following). In practical terms, California requires that businesses:
- Present automatic-renewal terms clearly and conspicuously before the customer subscribes;
- Obtain the customer’s affirmative consent to the auto-renewal specifically;
- Provide an easy, online cancellation mechanism for subscriptions entered into online — the original “click-to-cancel” requirement that predates the federal push;
- Send renewal or trial-conversion notices within defined windows for certain offers.
California also gives consumers meaningful remedies, and enforcement has been active. Why this matters even if you are not in California: if your product has California customers — and most subscription businesses do — you are effectively building to California’s standard whether you intended to or not.
Texas — fast-growing market, rising expectations
Texas has become a magnet for software and subscription businesses relocating or expanding, which makes its consumer-subscription rules increasingly relevant. Texas regulates deceptive subscription and cancellation practices primarily through its Deceptive Trade Practices–Consumer Protection Act (DTPA), a broad and powerful consumer-protection tool.
- The DTPA can reach misleading subscription and cancellation practices, and is known for meaningful remedies — which raises the stakes for non-compliant flows.
- Even where Texas’s specific auto-renewal requirements are lighter than California’s, the DTPA backstop means deceptive or obstructive cancellation practices still carry real risk.
The practical takeaway: a Texas business should not assume the lighter statutory framework means lighter exposure.
Arizona — home base, and the consumer-fraud backstop
Arizona does not have California’s elaborate auto-renewal statute, but that does not make subscription practices a free-for-all. The Arizona Consumer Fraud Act broadly prohibits deceptive practices and can reach misleading subscription and cancellation conduct, and the Arizona Attorney General has authority to enforce against it.
- Most importantly, an Arizona business with out-of-state customers is still bound by those customers’ states’ laws — so California’s standard often governs an Arizona company’s nationwide flow.
The honest bottom line for a home-state Arizona founder: your Arizona address does not shield you from California’s rules, and your own state’s consumer-fraud law still reaches genuinely deceptive cancellation design.
Have a subscription flow you’re unsure about?
A short conversation can save a costly mistake. We offer a free 15-minute consultation for software and subscription businesses across Arizona, California, and Texas.
Book a Free Consultation →
The Patchwork Problem — and the One Rule That Solves It
There is no single national rulebook that cleanly overrides everything else. Subscription businesses face a patchwork: a federal negative-option layer plus a growing set of state automatic-renewal laws, each with its own wrinkles on disclosure, consent, and reminder notices.
For a founder, the practical implication is counterintuitive but freeing: you generally comply by building to the strictest standard that applies to any meaningful slice of your customer base — in practice, usually California. It is rarely worth engineering different cancellation flows for different states. Build one flow that satisfies the toughest applicable rule, then keep it current as more states adopt their own versions.
This is also why “we copied a competitor’s terms” or “we used a template generator” is such a common source of risk. Those terms may not reflect the states your customers are actually in, and they rarely keep pace with how fast this area changes.
A Quick Anatomy of a “Dark Pattern”
Not every bit of friction is illegal, and not every retention offer is a dark pattern. The line falls where design stops informing the customer and starts obstructing them.
- Probably fine: A single “Are you sure? You’ll lose access on the 14th” screen with a clear “Yes, cancel” button.
- Risky: Three sequential screens, the “cancel” button greyed out for several seconds while “Keep my plan” is highlighted and pre-selected.
- Probably fine: A discount to stay, offered once, with cancellation still one click away.
- Risky: Requiring the customer to decline a series of escalating offers before “cancel” appears at all.
- Probably fine: “Call us to cancel” — if the customer also signed up by phone.
- Risky: “Call us to cancel” when signup happened in two clicks online.
The test is less about any single screen and more about the total experience: could an ordinary customer trying to leave do so without being worn down or tricked into staying?
What the Penalties Actually Look Like
The downside is no longer hypothetical. Exposure generally comes in three forms:
- Regulatory enforcement. Government actions can carry significant per-violation penalties, and because each affected transaction or customer can count as a violation, the numbers scale fast for a business with thousands of subscribers.
- Private lawsuits and class actions. Many automatic-renewal statutes — California’s in particular — support consumer claims, and a non-compliant flow across a large user base is exactly what attracts class actions.
- Refund and restitution exposure. Businesses can be ordered to refund charges collected through non-compliant flows, sometimes across the entire affected customer base.
The common thread: scale cuts against you. The growth that makes a subscription business valuable is what turns a small compliance gap into a large liability, because the same flawed flow touched every customer.
What Compliant Looks Like
You don’t need to make it trivial to cancel — you need to make it symmetrical and honest:
- Match the medium. Online signup means online cancellation — no phone-only escape hatch.
- Match the effort. Cancellation should take comparable steps to signup; ideally completable without contacting support.
- Disclose renewals clearly and conspicuously. Price, interval, and how to cancel — in plain language, before charging.
- Get real consent to auto-renewal. Affirmative agreement to recurring charges, separate from the rest of your terms, with a record the customer saw it.
- Send renewal and trial-conversion reminders where required. Especially for annual plans and free-to-paid conversions.
- Make your terms of service match your actual flow. A TOS that promises easy cancellation while the product does the opposite is the fastest route to liability.
- Keep records. Evidence of what each customer saw and agreed to — disclosures, consent, timestamps — is your best defense.
You’ve read what the rules require — now see where you stand.
Our interactive Subscription Cancellation Compliance Self-Audit walks you through the ten questions regulators and plaintiffs actually look at — in plain language — and shows you, item by item, where your sign-up and cancellation flow may have gaps.
Where the Real Risk Hides: Your Terms of Service
Most founders treat the sign-up button and the terms of service as separate projects. Regulators read them together. If your terms of service describe one cancellation process and your product delivers another, that gap is exactly what an enforcement action or class-action plaintiff points to.
Subscription compliance isn’t just a UX fix — it’s a contract-drafting issue. Your terms of service, auto-renewal disclosures, billing descriptors, and actual cancellation interface all have to tell the same story. It also tends to surface in two moments founders don’t expect: during due diligence when you raise money or sell, and when a payment processor reviews your account. Both check whether your practices match your documentation — and both can stall a deal or freeze revenue if they don’t.
Why Our California Background Shapes How We Advise Across All Three States
This is where Accord & Shield’s perspective is genuinely different. Our founder, attorney Nadine Deeb, served as in-house counsel at a SaaS technology company before founding the firm — sitting on the company side of the table in the environment where automatic-renewal and consumer-subscription law was first tested and toughened.
That matters because California’s rules are the model the rest of the country is following. Understanding where these requirements came from — and how California regulators actually read a sign-up and cancellation flow — is exactly what lets us advise an Arizona or Texas company building a single nationwide flow. You get counsel who understands the strictest standard and the home-state and Texas frameworks your business also lives under.
What Subscription Businesses Should Do Now
If you run a SaaS, app, membership, or recurring-revenue business in Arizona, California, or Texas, a short pre-emptive review is worth far more than it costs:
- Walk your own cancellation flow as a customer would, and time it against signup.
- Pull up your terms of service and check whether they describe what your product actually does.
- Confirm your auto-renewal disclosures are clear, conspicuous, and consented to.
- Map which states your customers are actually in — that determines which rules bind you.
- Check free-trial-to-paid conversions for clear advance disclosure.
- Make sure your billing descriptor and renewal cadence match what the customer agreed to.
Most exposure comes from small, fixable gaps — a phone-only cancellation, a vague renewal clause, a terms-of-service section that no longer matches the product. Inexpensive to correct now; expensive to defend later.
Frequently Asked Questions
I’m based in Arizona or Texas but have customers everywhere. Does California’s law apply to me?
Often, yes. Subscription rules generally follow the customer’s location, so California subscribers can pull your business under California’s standard. Most companies comply by building one flow to the strictest applicable rule.
We let people cancel by emailing support. Is that enough?
It depends on how they signed up. If signup is self-service and online, requiring an email — then routing customers through retention — may not meet the symmetry expectation, especially under California’s rules. Self-service cancellation that mirrors self-service signup is safer.
Are retention offers and “are you sure?” screens illegal now?
Not inherently. A single honest confirmation or one-time discount is generally fine. Risk comes from stacking friction — multiple forced screens, hidden buttons, or making customers decline several offers before cancellation appears.
What about free trials that convert to paid?
These get particular scrutiny. The conversion is a charge the customer must clearly understand and agree to, ideally with a reminder before the first charge. Silent conversions are a frequent source of complaints.
Is fixing this expensive?
Usually far less than the alternative. Most of the work is aligning your terms of service, disclosures, and cancellation interface so they tell a consistent story — a focused review, not a rebuild. The expensive path is waiting for a complaint, an enforcement letter, or a stalled financing.
Have a Subscription or Cancellation Flow to Review?
Whether it’s your terms of service, an auto-renewal disclosure, or your cancellation interface, a focused review protects the company you’re building. We’re licensed across Arizona, California, and Texas.
Book a Free Consultation
Call (623) 239-2682