FTC Consumer Reviews Rule (16 CFR 465): A Contractor's Compliance Guide

In August 2024, the Federal Trade Commission finalized a rule that quietly changed how every contractor in America is allowed to ask for reviews. It's called the Consumer Reviews and Testimonials Rule — 16 CFR Part 465 — and it carries civil penalties of up to $51,744 per violation. Not per business. Per violation. If your review software filters out unhappy customers before they hit Google, you are now exposed.

Most contractors haven't heard of it. The ones who have heard about it from their marketing agency got a vague email that said "we're compliant" without explaining what changed. This guide is the version you actually need: what the rule prohibits in plain English, why the old "feedback funnel" playbook is now a federal liability, and what a compliant review program looks like when you still want to grow from 23 reviews to 200.

What 16 CFR Part 465 actually prohibits

The rule has seven main sections. Four of them matter to a contractor running a service business. Read these carefully — they're written in legalese, but the operational meaning is concrete.

§465.2 — Fake reviews and testimonials. You can't write them, buy them, or knowingly publish them. This includes reviews written by employees, family members, or anyone with a material connection to your business who doesn't disclose it. A foreman's cousin leaving a five-star Google review without disclosing the relationship is a violation.

§465.4 — Buying positive or negative reviews. You can't pay, discount, or give anything of value conditioned on the sentiment of a review. "Leave us a 5-star review and get $20 off your next service" is illegal. "Leave us an honest review and get $20 off" is a gray area the FTC will likely treat as illegal because the incentive structure pressures positivity. The safe path: no compensation tied to reviews at all.

§465.5 — Insider reviews without disclosure. Officers, managers, employees, and their immediate relatives must disclose the relationship if they review the business. The owner's wife leaving a glowing review without saying "I'm the owner's spouse" is a violation — even if everything she wrote is true.

§465.6 — Review suppression. This is the one that kills review gating. The rule prohibits using "unfounded or groundless legal threats, physical threats, intimidation, or false accusations" to prevent or remove negative reviews. It also prohibits misrepresenting that displayed reviews represent all or most reviews when negative reviews have been suppressed.

The FTC's accompanying guidance makes the intent unmistakable: you cannot route customers based on predicted sentiment to keep negative reviews off public platforms. That's the entire mechanism of traditional review gating, and it's now a federal rule violation.

[Image TODO: side-by-side diagram comparing review gating (illegal — sentiment screen blocks unhappy customers from public review link) vs. review routing (compliant — every customer sees public review buttons, private feedback offered in addition)]

Why review gating is now a federal liability, not just a Google policy issue

Review gating has been against Google's review content policy since 2018. The penalty was profile suspension — bad, but recoverable. Under 16 CFR 465, the penalty structure is fundamentally different.

The FTC can pursue civil penalties of up to $51,744 per violation as of 2024 (the number adjusts annually for inflation). "Per violation" has not been definitively litigated for this rule yet, but in analogous FTC enforcement actions, each suppressed review or each customer routed away from the public platform can count as a separate violation. A contractor who has been gating reviews for two years through a typical software platform could have suppressed hundreds of negative reviews. The math gets ugly fast.

How traditional gating software works — and why every step now creates liability

The old playbook, sold by dozens of reputation platforms through 2023, worked like this:

• Customer gets a text or email asking "How was your experience?"
• They click a 1–5 star rating.
• 4–5 stars → routed to Google/Yelp/Facebook review page.
• 1–3 stars → routed to a private feedback form that never becomes public.

Under §465.6, the last step is the violation. You've used a sentiment screen to suppress negative reviews from appearing where consumers can see them. The fact that the customer technically *could* find Google on their own doesn't matter — you misrepresented the review collection process and steered them away from the public platform based on predicted sentiment.

What this means for your existing software

If your reputation platform has a star-rating screen before the Google link, you have a problem. Most of the legacy platforms in this space — the ones that built their pitch on "we filter out the bad ones" — quietly updated their flows in late 2024. Some are now compliant. Some still aren't. Some are technically compliant but encourage non-compliant usage in their training materials. Ask your vendor in writing: "Does every customer who completes our flow see a direct public review button, regardless of any rating or sentiment input they provide first?" If the answer is no, switch.

Review routing vs. review gating: the operational difference

The FTC didn't ban asking for reviews. It didn't ban offering customers a way to give you private feedback. It banned using sentiment to suppress public reviews. That distinction is the whole game.

Review gating screens customers and shows the public review link only to the happy ones. Review routing shows every customer the public review link, and additionally offers unhappy customers a private channel to reach the owner directly. Both feel similar to the customer. Legally and ethically, they're opposites.

Here's what a compliant flow looks like in practice. A homeowner gets a text two hours after your tech leaves: "Hi Sarah — thanks for choosing us today. If you have 30 seconds, we'd appreciate a quick Google review: [link]. If anything didn't go right, you can also text Mike (the owner) directly: [link]." Both options are present. Both are equally prominent. No star rating gates the experience. The customer chooses.

A furious customer can still leave a one-star Google review. They can also choose to text Mike instead. Most furious customers, given a genuine private path to the owner, will take it — not because they're suppressed, but because they actually want the problem solved more than they want revenge. That's the quiet truth of compliant routing: it works better than gating ever did, because it treats people like adults. GoodMarks is built entirely on this model — there is no version of our product that screens by sentiment.

A scenario: how a 5-truck plumbing company stays compliant and still grows

Consider Ridgeline Plumbing, a composite five-truck shop in Phoenix. Pre-2024, they used a legacy platform with sentiment screening. They had 187 Google reviews at a 4.8 average. They were also, unknowingly, sitting on roughly 40 suppressed negative experiences over 18 months — customers who clicked 1–3 stars and got routed to a private form that died in a CRM nobody checked.

In January 2025, they switch to a routing-based workflow. Every post-job text shows both buttons: public review and private message to the owner. Here's what changes in the first 90 days:

• Total review requests sent: 412 (one per completed job)
• Public Google reviews received: 71 (17% conversion — up from 11% under the old gated flow, because the link is now direct, not buried behind a star screen)
• Private feedback messages to the owner: 9
• New one-star or two-star public reviews: 3

That last number is the one owners panic about. Three negative public reviews in 90 days. But the average rating moved from 4.8 to 4.81, because the 68 positive reviews swamped the three negatives. And the three negatives — one billing dispute, one tech who didn't wear booties, one scheduling no-show — got owner responses within 24 hours that other shoppers will read for years. Two of the three customers updated their reviews after the owner made it right.

Meanwhile, the nine private feedback messages produced four service recoveries (refunds, redo visits, dispatcher coaching) that the old system would have buried. The owner stopped losing $400 jobs to $30 problems he never heard about.

This is what compliance actually buys you: a real picture of your operation, plus a faster review velocity that Google's local algorithm rewards. Industry estimates suggest review recency is one of the top factors in local pack ranking — 71 reviews in 90 days beats 187 reviews collected over three years for ranking purposes.

What compliant review solicitation looks like in practice

The FTC didn't publish a contractor playbook, but the rule plus existing endorsement guides make the boundaries clear. Here's what you can and can't do.

Compliant

• Ask every customer for a review after the job, by text, email, QR code on invoice, or in person.
• Provide a direct link to your Google Business Profile, Yelp page, or other public platform.
• Offer a private feedback channel in addition to — not instead of — the public option.
• Respond to all reviews, positive and negative, publicly and professionally.
• Provide a token of thanks (a branded pen, a cookie at job completion) that is not conditioned on writing a review or on the review's content.

Not compliant

• Showing the public review link only to customers who rate the experience positively first.
• Offering discounts, gift cards, raffle entries, or anything of value in exchange for a review.
• Asking employees, family, or friends to leave reviews without clear disclosure of the relationship.
• Using contractual non-disparagement clauses to threaten customers who leave negative reviews (separately banned by the Consumer Review Fairness Act of 2016).
• Disputing legitimate negative reviews with false claims to get them removed.

The gray areas

A few things sit in genuinely ambiguous territory. Asking for a review only after a customer expresses satisfaction verbally to your tech is not clearly prohibited — the customer self-selected, no software screen exists. But it's risky because it produces a similar effect to gating. The defensible practice: train techs to ask every customer, not just the happy-sounding ones.

Reposting positive Google reviews on your website with the customer's name shown is fine if the reviews are real and unedited. Cherry-picking only the best ones is also fine, as long as you don't claim they represent all your reviews. What you can't do: edit a real review to make it sound better, or invent a quote and attribute it to "M. from Phoenix."

How to audit your current review program in 30 minutes

Set a timer. Walk through these checks.

1. Test your own flow as a customer. Pretend to be unhappy. Click through your post-job text or email. Does a star rating or sentiment question appear before you see the Google link? If yes, that's gating. Document the screen and fix it this week.

2. Read your vendor's product documentation. Search for "sentiment," "filter," "gating," "satisfaction screen," "happy path." If those words appear positively in the marketing copy, you have a problem regardless of how the current flow behaves.

3. Check your incentive language. Look at every template — texts, emails, in-person scripts, lawn signs. Any language tying a discount, gift, or entry to leaving a review is a violation. "Leave us a review for a chance to win a $100 gift card" has to go.

4. Pull your team's review history. If you can identify reviews from employees or their immediate relatives that don't disclose the relationship, you have §465.5 exposure. The fix is asking those individuals to update their reviews with disclosure, or to remove them. Going forward, employees shouldn't review the business at all unless they disclose.

5. Audit your private feedback queue. If you have one and nobody's checking it, customers think they're being heard and they're not. That's a service problem before it's a compliance problem, but it makes both worse.

For a deeper look at how transparent routing changes the economics of a review program, see why we don't gate reviews at GoodMarks and our pricing for plans built around compliant routing from day one.

What enforcement will probably look like

The FTC doesn't have the staff to audit every contractor in America. What they do is bring high-profile cases that send signals. Expect the first wave of enforcement to target large reputation platforms and franchise systems where gating is institutional, not individual roofers in Tulsa. But state attorneys general can also bring claims under state mini-FTC acts, and competitors can file complaints. Plaintiff's attorneys are already watching for class action potential around suppressed negative reviews.

The real near-term risk for most contractors isn't a federal lawsuit. It's two things: vendor liability (your platform gets sued and your data shows up in discovery) and competitive complaints (a competitor reports you to get your Google profile flagged or your state license board involved). Both are cheaper to avoid than to defend. Switch your flow now, document the change, and you eliminate the exposure.

Move your review program to compliant routing

If your current platform still screens reviews by sentiment — even subtly, even just with a star-rating step before the Google link — you're carrying federal liability for a feature that no longer works better than the legal alternative. GoodMarks is built on transparent routing: every customer sees the public review button, and unhappy customers also get a private path to you. No screens, no filters, no gating. See how it works or check pricing to move your program off legacy gating this quarter.