To improve online ticket sales and protect consumers, and for other purposes.
Sponsors
Legislative Progress
ReportedReported by Mr. Cruz, with an amendment
Mrs. Blackburn (for herself and Mr. Luján) introduced the following …
Summary
What This Bill Does
The MAIN Event Ticketing Act strengthens federal protections against automated "bot" software that bypasses online ticketing systems to mass-purchase event tickets. The bill requires all online ticket sellers to implement and maintain robust security systems to prevent bot circumvention, report any security breaches to the Federal Trade Commission within 30 days, and regularly update their defenses. It also authorizes significant civil penalties for violators and creates a public complaint portal for consumers to report ticketing fraud.
Who Benefits and How
Consumers benefit most directly through improved access to fairly-priced event tickets, as reduced bot activity should decrease artificial scarcity and the price inflation that drives tickets to secondary markets at marked-up prices. Artists, venues, and event organizers gain better control over ticket distribution to genuine fans, potentially improving attendance and fan relationships while capturing more revenue from primary sales rather than losing it to scalpers. State attorneys general receive enhanced enforcement tools through mandatory information-sharing with the FTC about ticket fraud incidents and consumer complaints. Cybersecurity firms and software vendors benefit from new business opportunities as ticket platforms must implement comprehensive security systems, conduct third-party audits, and maintain ongoing security assessments.
Who Bears the Burden and How
Online ticket platforms like Ticketmaster, AXS, and Eventbrite face significant new compliance costs: they must build and maintain access control systems, implement administrative and technical safeguards, oversee third-party service providers through contractual requirements and periodic assessments, file incident reports within 30 days of discovering circumvention, and continuously evaluate and upgrade their security measures in response to evolving threats. Third-party service providers to ticket platforms (such as payment processors, content delivery networks, and analytics providers) must meet new security standards and submit to periodic assessments. Bot operators and ticket scalpers face steep financial penalties - $10,000 per day that violations occur plus $1,000 per individual violation, with an additional $10,000 per violation for intentional violations - along with expanded FTC authority to bring direct civil actions in federal court.
Key Provisions
- Expands the definition of prohibited bot circumvention to include any automated application that bypasses access controls or security measures used by ticket websites to enforce purchasing limits
- Mandates that all online ticket sellers establish and maintain security systems, safeguards, and access controls to prevent bot circumvention, with requirements to regularly update these defenses based on changing technology and threats
- Requires ticket platforms to report circumvention incidents to the FTC within 30 days and creates a public FTC website for consumers to submit ticketing fraud complaints
- Establishes civil penalties of at least $10,000 per day for violations, plus $1,000 per individual violation, with enhanced penalties of $10,000 per violation for intentional violations
- Requires coordination between the FTC, FBI, Department of Justice, and state/local law enforcement to share information about cyberattacks on ticket platform security systems
Evidence Chain:
This summary is derived from the structured analysis below. See "Detailed Analysis" for per-title beneficiaries/burden bearers with clause-level evidence links.
Primary Purpose
This bill strengthens protections against automated bot software used to circumvent online ticket purchasing limits and requires ticket sellers to implement security measures and report circumvention incidents to the FTC.
Policy Domains
Legislative Strategy
"Strengthen the existing BOTS Act by: (1) expanding prohibited circumvention activities, (2) imposing affirmative security requirements on ticket sellers, (3) mandating incident reporting to FTC, (4) establishing civil penalties ($10,000/day + $1,000/violation), and (5) coordinating with law enforcement on cyberattacks"
Likely Beneficiaries
- Event attendees / consumers (protected from bot-driven price inflation)
- Legitimate ticket buyers (improved access to fairly-priced tickets)
- Primary ticket sellers like Ticketmaster who comply with security requirements (competitive advantage over non-compliant platforms)
- Artists and event organizers (more control over ticket distribution)
- State attorneys general (enhanced enforcement tools and information sharing)
Likely Burden Bearers
- Online ticket issuers / ticket platforms (compliance costs for security systems, reporting infrastructure, regular audits)
- Bot operators and ticket scalpers (new civil penalties and expanded enforcement)
- Secondary ticket markets / resale platforms (if they facilitate bot-driven purchases)
- Cybersecurity consulting firms (demand may increase but also scrutiny)
- Third-party service providers to ticket platforms (must meet security standards contractually)
Bill Structure & Actor Mappings
Who is "The Secretary" in each section?
- "the_commission"
- → Federal Trade Commission (FTC)
- "the_attorney_general"
- → United States Attorney General
- "state_attorneys_general"
- → State Attorneys General
Key Definitions
Terms defined in this bill
An attack, via cyberspace, targeting an enterprise's use of cyberspace for the purpose of disrupting, disabling, destroying, or maliciously controlling a computing environment or computing infrastructure; or destroying the integrity of data or stealing controlled information.
Primary ticket seller or box office authorized by event organizer (from original BOTS Act)
The act of avoiding, bypassing, removing, deactivating, or otherwise impairing an access control system, security measure, safeguard, or other technological control or measure described in section 2(b)(1).
A ticket issuer that owns or operates an Internet website or online service that, in the regular course of trade or business of the issuer, facilitates or executes the sale of event tickets to the general public.
We use a combination of our own taxonomy and classification in addition to large language models to assess meaning and potential beneficiaries. High confidence means strong textual evidence. Always verify with the original bill text.
Learn more about our methodology