The Prohibit Auto Insurance Discrimination Act (PAID Act) makes it unlawful for private passenger automobile insurers and their affiliates to consider a specified list of demographic and income-proxy factors—including education level, occupation, employment status, home ownership, ZIP Code or census tract, credit and consumer reports, and prior insurer or purchases—when determining eligibility or calculating premiums. The bill also requires periodic submissions to the Federal Trade Commission (FTC) showing that underwriting, marketing, rating, claims handling and fraud models do not disparately impact protected groups, and it removes trade-secret protection for underwriting rules and rate filings.
The bill creates overlapping enforcement paths: the FTC enforces the statute as an unfair or deceptive practice (with a minimum civil penalty of $2,500 per violation), consumers get private causes of action for negligent or willful violations (including actual and punitive damages and attorneys’ fees), and states may sue as parens patriae. The Act takes effect one year after enactment and contains a ‘‘reasonable procedures’’ defense for entities that can show they maintained compliance systems at the time of an alleged violation.
At a Glance
What It Does
The bill forbids use of twelve enumerated factors and proxies—ranging from gender and credit-based insurance scores to ZIP Code and prior insurer—in underwriting, rating, eligibility, discounting, cancellations, and other actions that affect a consumer’s premium. It mandates FTC-directed reporting on algorithms and models and makes all underwriting rules and rate filings public.
Who It Affects
Nationwide private passenger automobile insurers and their affiliates, data vendors supplying consumer or credit-based insurance scores, actuaries and modelers who build pricing algorithms, and the FTC and state insurance and consumer protection authorities tasked with oversight and enforcement.
Why It Matters
This is a direct, federal curtailment of several common inputs in auto pricing models and requires both transparency and disparate-impact review of algorithmic processes—shifting the compliance burden onto insurers, exposing models to public view, and creating new private- and public-enforcement risks.
More articles like this one.
A weekly email with all the latest developments on this topic.
What This Bill Actually Does
The PAID Act draws a bright line around a dozen specific factors insurers commonly use as income proxies. Under the bill insurers and their affiliates may not ‘take into consideration’ gender, education level, occupation, employment status, home ownership, ZIP Code (or adjacent ZIPs), census tract, marital status, credit score or credit-based insurance score, consumer reports, previous insurer, or prior purchases when determining eligibility or calculating a driver’s rate.
The statutory language is expansive: any use of those factors that prevents a consumer from obtaining the lowest available rate from the insurer or its affiliates, or that blocks discounts, causes denials, cancellations, nonrenewals, or other premium impacts, is a violation.
Operationally, the law forces two principal changes. First, insurers must stop feeding the listed proxies into underwriting and pricing decisions that affect premiums or eligibility.
Second, insurers must document and report to the FTC: within one year after enactment and every two years thereafter they must submit information the FTC requires to show their marketing, underwriting, rating, claims handling, fraud investigation practices and any algorithms or models used do not disparately impact protected classes. In addition, the Act removes trade-secret protection for underwriting rules and rate filings—those documents must be open for public inspection.Enforcement is tripartite.
The FTC treats a violation as an unfair or deceptive act under the FTC Act and may seek administrative remedies; the bill establishes a civil penalty floor of $2,500 per violation for FTC enforcement. Consumers get a private right to sue: negligent violations expose insurers to actual damages and fees, while willful violations permit actual and punitive damages plus attorneys’ fees.
States may bring parens patriae suits and must provide notice to the FTC; the FTC can intervene. The bill sets a limitations window: plaintiffs must sue within the earlier of two years from discovery or five years from the violation.For practical compliance the Act offers a ‘reasonable procedures’ safe harbor: a person is not liable if they show by a preponderance that they maintained reasonable procedures to assure compliance at the time of the alleged violation.
The Act also preserves state insurance regulation except where a state law conflicts with the Act, in which case the federal statute controls to the extent of the inconsistency. Definitions in the bill clarify ‘‘affiliate,’’ ‘‘consumer report,’’ ‘‘credit-based insurance score,’’ and the class of ‘‘private passenger automobile’’ vehicles covered.
The law becomes effective one year after enactment, giving firms a finite implementation window.
The Five Things You Need to Know
The statute lists 12 prohibited factors—explicitly including ZIP Code, census tract, credit score or credit-based insurance score, prior insurer, and prior purchase of insurance—and treats any use that prevents a consumer from getting the insurer’s ‘lowest rate’ as a violation.
Insurers must submit information to the FTC starting one year after enactment and then every two years to demonstrate that models and business practices do not disparately impact protected classes (race, color, national origin, religion, sex, sexual orientation, disability, gender identity/expression).
All underwriting rules and rate filings must be publicly available and cannot be shielded as proprietary trade secrets, exposing pricing criteria and model inputs to competitors, regulators, and the public.
The FTC enforces the Act as an unfair or deceptive practice and may impose civil penalties of at least $2,500 per violation; consumers may also sue for negligent or willful violations and recover actual damages (plus punitive damages for willful violations) and attorneys’ fees.
The Act becomes effective one year after enactment and includes a defense where a defendant shows it maintained reasonable procedures to assure compliance at the time of the alleged violation.
Section-by-Section Breakdown
Every bill we cover gets an analysis of its key sections.
Short title (PAID Act)
A single line establishing the Act’s short title. Practically this matters only for citation and cross-references in regulations and litigation; it does not change substance or interpretation.
Findings
Congress records industry practices it views as using income proxies and notes that these proxies can lead to higher rates for lower-income drivers. The findings themselves carry no legal effect, but they signal legislative intent—important for courts when construing ambiguous provisions and for regulators drafting implementing rules or guidance.
Flat prohibition on specified factors and proxies
The heart of the bill: subsection (a) forbids insurers and affiliates from considering the factors listed in subsection (b) for eligibility or rate calculations. The enumerated list is specific and broad—covering demographic variables (gender, marital status), socioeconomic proxies (education, occupation, home ownership, employment status), geographic identifiers (ZIP Code, census tract), financial markers (credit score, credit-based insurance score, consumer reports), and relationship-history variables (previous insurer, prior purchase). Compliance requires removing these variables from underwriting and pricing pipelines or ensuring they have no influence on decisions that affect price or coverage.
FTC reporting and public disclosure of underwriting/rate filings
Insurers must provide the FTC with information—including models, algorithms, and descriptions of marketing, underwriting, rating, claims handling, and fraud investigations—within one year and biennially thereafter to show no disparate impact on protected groups. Separately, the Act requires that underwriting rules and rate filings be open for public inspection and not treated as trade secrets, forcing firms to choose between transparency and protecting proprietary techniques. These requirements will shape model documentation, vendor contracts, and information-security practices.
Compliance defenses and rules of construction
The Act creates a procedural defense: a person who maintained reasonable procedures to assure compliance is not liable. The rules of construction expand the definition of violation to any consideration of the prohibited factors that prevents a consumer from obtaining the insurer’s lowest available rate or otherwise affects discounts, eligibility, cancellation, nonrenewal, or coverage terms. That expansive framing raises the bar for compliance programs and creates litigation risk over what constitutes the ‘lowest rate’ or a prohibited ‘consideration.’
Enforcement: FTC, civil penalties, private and state actions
The FTC enforces the statute as if it were an unfair or deceptive act under the FTC Act and can obtain administrative relief; the bill sets a minimum civil penalty of $2,500 per violation. Consumers can sue for negligent violations (actual damages and fees) and willful violations (actual and punitive damages plus fees), with fee-shifting for prevailing plaintiffs. States can sue on behalf of residents (parens patriae), must notify the FTC, and the FTC may intervene. The bill also specifies statutes of limitation (2 years from discovery or 5 years from occurrence).
Preemption floor, definitions, and effective date
Section 5 preserves state insurance regulation except where state law conflicts with this Act, in which case the federal provision controls. Section 6 supplies working definitions for affiliate, consumer report, credit scores, employment and home-ownership status, and what constitutes a private passenger automobile—definitions that shape the law’s scope. Section 7 sets the Act’s effective date at one year after enactment, creating a limited lead time for implementation.
This bill is one of many.
Codify tracks hundreds of bills on Finance across all five countries.
Explore Finance in Codify Search →Who Benefits and Who Bears the Cost
Every bill creates winners and losers. Here's who stands to gain and who bears the cost.
Who Benefits
- Lower-income drivers and residents of high-poverty ZIPs or census tracts — by barring use of ZIP Code, census tract, credit scores and related proxies, the Act reduces mechanisms that have been shown to correlate with higher premiums for these groups.
- Consumers concerned about algorithmic disparate impact — the FTC reporting requirement and public disclosure of underwriting rules provide regulators, advocates, and researchers tools to audit and challenge discriminatory practices.
- Smaller or specialized insurers that price directly on driving behavior or telematics — by removing certain socio-economic proxies, the law levels competition toward firms that use direct-risk measures rather than correlated third-party data.
Who Bears the Cost
- Large incumbent insurers that rely on credit scores, geographic pricing (ZIP/census tract) and consumer-report data — they will need to rework models, rerun actuarial filings, and potentially lose price segmentation that supports profitability in certain customer cohorts.
- Data providers and scoring vendors (credit bureaus, companies selling credit-based insurance scores and consumer reports) — demand for their products for auto underwriting will likely fall, reducing revenue and requiring contract renegotiations with insurers.
- Regulators and compliance functions — the FTC and state insurance regulators will face increased monitoring and investigatory work (reviewing Biennial submissions, public filings, and handling litigation), and insurers will need to build new compliance documentation, testing, and recordkeeping systems.
Key Issues
The Core Tension
The central dilemma is between two legitimate objectives: protecting consumers (especially lower-income and geographically concentrated groups) from pricing that reflects income-proxy discrimination versus preserving insurers’ ability to use granular, predictive data to price risk accurately. Eliminating proxies reduces one kind of unfairness but can increase cross-subsidies, raise average premiums, or push insurers toward alternative risk measures that have their own equity and privacy trade-offs.
The bill advances a clear public-policy goal—cutting off inputs that function as proxies for income or protected-class characteristics—but it trades off actuarial granularity for fairness. Insurers rely on correlated variables because they improve predictive accuracy; removing those inputs can blunt model performance unless firms substitute other, legitimate risk measures (for example, telematics-based driving metrics).
Those substitutions may shift cost and privacy burdens to consumers (telematics requires device installation or data-sharing) and create new avenues for differential pricing.
The public-disclosure requirement presents another tension: transparency aids oversight but also reveals proprietary rating methodologies to competitors and to malicious actors who might game models. The FTC’s biennial disparate-impact reviews impose data, documentation, and testing obligations that will be operationally heavy, and the statute provides little detail on the methodology the FTC should use to assess disparate impact—leaving outcomes dependent on future rulemaking and case-by-case enforcement.
Finally, the Act’s definition of violation—any consideration of a listed factor that prevents a consumer from obtaining the lowest rate from the insurer or affiliates—is broad and fact-intensive, likely to generate litigation over causation, model inputs’ indirect effects, and what constitutes the ‘lowest rate’ available.
Try it yourself.
Ask a question in plain English, or pick a topic below. Results in seconds.