> But an administrative law judge later found that the rule's impact surpassed the threshold, observing that compliance costs would exceed $100 million "unless each business used fewer than twenty-three hours of professional services at the lowest end of the spectrum of estimated hourly rates," the 8th Circuit ruling said. Despite the administrative law judge's finding, the FTC did not conduct a preliminary regulatory analysis and instead "proceeded to issue only the final regulatory analysis alongside the final Rule," the judges' panel said.
It says it in the article
1. Not pegged at inflation, so the threshold is continually moving downward. 2. All it takes is a couple of bad actor companies to blow out the threshold. If you take the companies at their word, then you will never get under this threshold. Why trust them?
There are good reasons for it working this way, BTW. The needs of a company with hundreds or thousands of people are different than the needs of hobbyists and early-stage startups.
1. A user experience designer analyzes the user flow and decides where to put the cancellation button. They make decision about style, layout, and wording. This isn’t a ton of work, but something so critical to the company’s business and retention numbers will probably involve a lot of review, discussion, and bike shedding. This could easily take 24 people-hours of work on its own.
2. Somebody programs the front-end change. They probably have to put it behind a feature flag so it’s not visible until the back end is ready.
3. Somebody programs the back-end. They think about security, authentication, authorization, CSRF. That’s probably handled, but again, this is a critical feature and deserves extra care.
4. Somebody programs the interface to the company’s internal systems. They’re usually kind of a pain to work with. Billing, marketing, support, customer success. Something probably sends an email to the user. Maybe there’s a follow up flow to try to get them back with a special offer a month later. Etc.
5. The change is tested. Preferably with automated tests, but a feature like this has tendrils into systems throughout the company, and a lot of moving parts, so manual testing is also important. If it goes wrong, it’s a big deal, involving the potential for chargebacks and lawsuits, both of which are expensive at scale.
Throughout all this, you’re dealing with legacy code, because billing is one of the oldest systems the company has, and the one with the most risk of change, so the code is nasty and doesn’t follow current conventions. Every change is painful and tedious.
It’s alien to you that this could take more than 24 hours? At any company of size, I have trouble imagining it taking less.
> Despite the administrative law judge's finding, the FTC did not conduct a preliminary regulatory analysis and instead "proceeded to issue only the final regulatory analysis alongside the final Rule,"
ANY software change in a non-hobby business goes through a change process.
One as significant as an entirely new account cancelation flow requires extensive planning, design and testing.
What if you have equipment like a set top box? What if a shipping label needs to be mailed out? What if there are state-by-state regulations that must be complied with? What if you have to issue prorated returns of prepaid subscription fees? What if different accounts have different cancelation terms because of bulk pricing? And a million other things that you have to think about, design for and test.
Of course you can solve all this. But it's certainly not "BS" that it'll take more than 24 hours.
The FTC knew this. They cheated their process to ram through a rule. But you like the rule they tried to cheat to implement, so it's ok then, I guess.
A more extreme example would be the US Clean Air Act and how the EPA extended the rules to regulate carbon dioxide emissions. Obviously going to cost a lot of money, but a necessary change to dodge climate disaster. That rule had to wait for Congress to pass the Inflation Reduction Act to become legal. Hopefully this minor consumer protection rule will be supported by Congress as well.
I don't know that the backend is necessarily needed. If the button only opened a support ticket/sent an email then the rest can be done by the employees who already processed cancellations on the phone. They just don't need to be on the phone with the customer to do it.
> All it takes is a couple of bad actor companies…
Keep in mind that this threshold is not about bad actors at all. It’s about the impact to the legitimate companies that are not defrauding people at all. The FTC estimated that there were over a hundred thousand companies that would be effected by these new rules, and possibly that there were 5× that. As the judge noted, the implementation cost of these new rules would have to be less than $1000 _per company_ in order for it to be below the threshold. That’s two days of an average engineer’s salary, or even less if they’re getting paid well instead of just average. And since the rules involve more than just adding a button to your webpage the work involved would need to be done by more than just an engineer.
And hitting that threshold is no bad thing, since it just means that the FTC has to allow an extra public comment period with the specific purpose of coming up with alternative rules. If any of those alternative rules would be effective but cheaper to implement then the FTC is supposed to drop their own rules and adopt the alternative rules instead. That keeps the cost down for the legitimate companies while still allowing the FTC to go after the illegitimate ones that aren’t going to bother following the rules anyway.