Penalty Amount
$1,550,000
California Attorney General Rob Bonta announced a $1.55 million settlement with health information website publisher Healthline Media LLC, resolving allegations that the company violated the CCPA and Unfair Competition Law. Violations included failing to honor consumer opt-out requests, sharing sensitive health data with third parties without required privacy protections, and using deceptive consent banners that did not disable tracking cookies. The settlement imposes injunctive terms, compliance requirements, and a civil penalty, marking the largest CCPA settlement to date.
Healthline must pay $1.55 million in civil penalties and is permanently enjoined from sharing article titles that could reveal a consumer’s medical diagnosis. The company must ensure opt-out mechanisms (including Global Privacy Control) function properly, implement a CCPA compliance program that includes auditing third-party contracts for required privacy terms, and maintain accurate privacy policies and online disclosures.
In-house legal teams, especially at ad-supported online publishers or companies handling sensitive health data, should review vendor agreements with ad networks, tracking technology providers, and third-party data recipients to ensure they include all CCPA-mandated privacy terms, including requirements to honor opt-out requests (including via Global Privacy Control) and prohibitions on sharing sensitive health data without proper protections. Privacy policies and consent banners must be audited to confirm they accurately disclose tracking practices, that opt-out mechanisms function to disable all tracking cookies when selected, and that no deceptive dark patterns (like non-functional consent banners) are present. Companies should also review data sharing practices to comply with purpose limitation principles, specifically prohibiting transmission of data (such as article titles) that could link consumers to medical diagnoses, and update compliance programs to include regular audits of third-party contracts and privacy disclosures.
Entity
Healthline Media LLC
Also known as: Healthline
Industry
Media & EntertainmentOfficial Press Release
https://oag.ca.gov/news/press-releases/attorney-general-bonta-announces-largest-ccpa-settlement-date-secures-155
People v. Healthline Media Complaint
https://oag.ca.gov/system/files/attachments/press-docs/People%20v.%20Healthline%20Media%20Complaint.pdf
Signed Judgment 0
https://oag.ca.gov/system/files/attachments/press-docs/Signed%20Judgment_0.pdf
Proposed Order re Injunction with case number
https://oag.ca.gov/system/files/attachments/press-docs/Proposed%20Order%20re%20Injunction%20with%20case%20number.pdf
California Attorney General Enforcement Page
https://oag.ca.gov/privacy/privacy-enforcement-actions
"website publisher Healthline Media LLC (Healthline)"
"$1.55 million in civil penalties"
"Tuesday, July 1, 2025"
"violated the California Consumer Privacy Act (CCPA)"
"violated the CCPA and the Unfair Competition Law"
"Failing to opt consumers out of the sharing of their personal information for targeted advertising."
California Attorney General Rob Bonta, joined by attorneys general from seven other states, filed a lawsuit to block the $6.2 billion merger between Nexstar Media Group and Tegna Inc. The lawsuit alleges the merger violates Section 7 of the Clayton Act by reducing competition in local TV markets, leading to higher prices, less local news, and job losses.
California Attorney General Rob Bonta filed a lawsuit against the U.S. Department of Education to block the expansion of IPEDS data collection requiring colleges to submit race-linked student data. The lawsuit argues the demand is arbitrary, capricious, and burdensome, and could enable costly partisan investigations. A multistate coalition co-led the challenge.
California Attorney General Rob Bonta and a coalition of state attorneys general announced they will continue their antitrust lawsuit against Live Nation/Ticketmaster after the U.S. Department of Justice settled the case. The states aim to hold Live Nation accountable for anticompetitive conduct that harms consumers, artists, and venues in the live music industry.
$376K
The California Privacy Protection Agency (CalPrivacy) settled with Ford Motor Company requiring the company to pay a $375,703 fine and change its practices. Ford violated the CCPA by requiring consumers to complete an email verification step before they could opt-out of the sale and sharing of their personal information collected through digital properties and connected vehicle services. In addition to the fine, Ford must provide easy methods to submit opt-out requests with minimal steps, audit its tracking technologies, and ensure compliance with opt-out preference signals including Global Privacy Control.
California Attorney General Rob Bonta, co-leading a bipartisan coalition of 21 attorneys general and charitable regulators, sent a letter to GoFundMe demanding the platform remove all plagiarized donation web pages for over 1.4 million charities, disclose information about donations, and ensure pages do not outrank official charity sites in search results. The action follows reports that GoFundMe used charities' information without consent and engaged in deceptive solicitations, violating state charitable solicitation and consumer protection laws.
California Attorney General Rob Bonta sent a letter to the U.S. Department of Health and Human Services opposing a proposed rule that would eliminate model card requirements for AI tools in healthcare, warning that such rollbacks could lead to biased and unsafe healthcare decisions by reducing transparency.