Massachusetts limits P.L. 86-272 protections

The Massachusetts Department of Revenue recently promulgated final regulations providing that the placement of cookies on devices accessible in the Commonwealth may preclude protection under P.L. 86-272. The new regulations are effective Oct. 10, 2025 and update section (4)(e) of 830 Mass. Code Regs. 63.39.1. The amendment provides an example of when the placement of cookies exceeds the protections of the federal law. This article briefly describes the updated rule and the evolving interpretation of P.L. 86-272.

P.L. 86-272 modernization efforts come to the Bay State

Background

The Interstate Income Act of 1959, commonly known as Public Law 86-272 or P.L. 86-272, is a federal law that prohibits states from imposing corporate income taxes on businesses to the extent that a taxpayer’s activities in the state are limited to the solicitation of orders of tangible personal property that are sent outside the state for approval and, if approved, are filled by shipment or delivery from a point outside the state. For almost four decades, the Multistate Tax Commission (MTC) has provided guidance on the interpretation of P.L. 86-272 based on the federal statute, case law and various guiding principles, generally followed by the states through regulatory or statutory adoption. The MTC guidance lists protected and unprotected activities, as well as activities considered ‘ancillary’ to the solicitation of sales that would not exceed the protections of the federal law.

In 2021, the MTC issued revised guidance to modernize its interpretation regarding sales of tangible personal property through the internet. This guidance classifies certain internet-based activities as beyond the mere solicitation of orders, thereby eliminating the federal protection for corporate income tax purposes. Examples of unprotected activities include providing post-sales assistance through electronic chat or email, placing internet ‘cookies’ on computers designed to gather market research or inviting or accepting applications for employment through a website. New Jersey and New York have recently and substantially adopted the revised guidance through regulatory action.

Commonwealth modernizes

Effective Oct. 10, 2025, Massachusetts became the latest state to address internet-based activities and the modernized interpretation of P.L. 86-272 through amendments to its corporate nexus regulations. Notably, the Commonwealth did not adopt the specific activities and examples detailed in the MTC guidance, but instead added a single example of an unprotected activity.

The example provides that if a business website places internet cookies on devices accessible by persons in Massachusetts, and those cookies collect data that aids business decisions, such as adjusting inventory, creating new products or choosing what to sell, then that activity is not entirely ancillary to the solicitation of sales of tangible personal property and is therefore unprotected. Businesses that engage in this activity are subject to the income measure of the corporate excise tax and must file a return if Massachusetts-sourced receipts exceed $500,000. The regulation cites the U.S. Supreme Court’s decision in South Dakota v. Wayfair, Inc., 585 U.S. 162 (2018) to support a broader interpretation of nexus.

Note that Massachusetts follows ‘throwback’ rules for sales factor apportionment purposes, requiring a taxpayer to include in the sales factor numerator any receipts of tangible personal property that are shipped to a state where the taxpayer is not subject to tax. In determining whether a taxpayer is ‘subject to tax’ in another jurisdiction, the Massachusetts nexus rules must be applied to the delivery location. The amended regulations may provide opportunities for taxpayers currently including throwback sales in Massachusetts apportionment to exclude those sales under the new cookie guidance.