Investigation | Low Risk

Florida AG Issues Subpoenas to Medical Device Companies Over Unauthorized Patient Data Transfers to China

Contec and Epsimed | June 16, 2025 | Florida Attorney General

Summary

Florida Attorney General James Uthmeier issued subpoenas to Contec, a Chinese medical device manufacturer, and Epsimed, a Miami-based reseller, over allegations that their patient monitors contain backdoors and automatically transmit patient data to China without consent. The companies are accused of violating Florida's Deceptive and Unfair Trade Practices Act by omitting material security vulnerabilities and making false representations about FDA approval and product quality. The AG may seek damages, civil penalties, and injunctive relief in future enforcement.

Contract Impact

In-house legal teams at healthcare providers, medical device vendors, and resellers should review contracts with medical device manufacturers to include explicit prohibitions on unauthorized patient data transmission, especially to foreign entities. Contracts must require full disclosure of security vulnerabilities, backdoors, and data sharing practices, mandate compliance with FDUTPA and health privacy laws, and require valid FDA approval representations. Additionally, contracts should include clauses requiring vendor notification of security risks, consent for health data sharing, and audit rights to verify compliance with cybersecurity standards.

Contract Search Terms

patient data sharing agreement, medical device cybersecurity clause, data transmission consent, backdoor prohibition, foreign data transfer restriction, FDUTPA compliance, security vulnerability disclosure, health data consent

Laws Cited

Florida Deceptive and Unfair Trade Practices Act (FDUTPA)

Violation Types

Entity Details

Entity

Contec and Epsimed

Industry

Healthcare

Official Sources

Source Evidence

Entity Name: "Contec and Epsimed may have violated FDUTPA by:"
Laws Cited: "alleged violations of Florida's Deceptive and Unfair Trade Practices Act"
Violation Types: "programming that automatically transmits patient information to an IP address owned by a university in China"
Violation Types: "built-in 'backdoor' that could allow bad actors to manipulate data shown on the devices without the patient or provider's knowledge"
Violation Types: "Contec and Epsimed omitting material facts about the monitor’s security vulnerabilities"
Event Date: "Release Date Jun 16, 2025"

Related Enforcement Actions

FL

Discord

Florida Attorney General James Uthmeier opened a civil investigation into Discord and issued a subpoena demanding documents related to its marketing to children, age-verification processes, content moderation, parental controls, and reporting of child exploitative activity. The investigation alleges potential violations of Florida’s Deceptive and Unfair Trade Practices Act, citing the platform’s widespread use by child predators to target minors. Discord must produce records on its child safety practices, minor user data, and complaint handling related to child exploitation.

FL

Shein

The Florida Attorney General's Office launched the CHINA Prevention Unit and issued a subpoena to Shein for deceptive trade practices and data privacy violations. The unit focuses on combating threats from foreign adversaries like the Chinese Communist Party to consumer data and economic security. This action is part of broader efforts to audit and hold accountable companies with ties to China.

FL

Roblox

Florida Attorney General James Uthmeier filed a lawsuit against Roblox, alleging that the company misrepresented the safety of its platform to parents and failed to protect children from accessing adult content and being contacted by predators. The lawsuit seeks injunctive relief and other remedies to ensure child safety on the platform.

FL

TP-Link Systems Inc.

Florida Attorney General James Uthmeier issued an investigative subpoena to TP-Link Systems Inc. as part of a consumer protection investigation into the company’s cybersecurity practices, supply-chain infrastructure, and handling of U.S. consumer data, including allegations of unauthorized data sharing with the Chinese Communist Party. The probe will determine if TP-Link misled customers about foreign government access to their personal data, which would violate the Florida Deceptive and Unfair Trade Practices Act, with no findings of wrongdoing yet.

FL

Roku, Inc.

Florida Attorney General James Uthmeier filed a civil enforcement action against Roku, Inc. for violating the Florida Digital Bill of Rights (FDBOR) and Florida Deceptive and Unfair Trade Practices Act (FDUTPA). The complaint alleges Roku collected, sold, and enabled reidentification of children’s sensitive personal data, including viewing habits and voice recordings, without parental consent or meaningful notice to consumers. The state seeks civil penalties, injunctive relief, and requirements for Roku to implement transparent disclosures, lawful parental controls, and cease unauthorized processing of children’s data.

FL

Gethins Limited, Toccata, Inc., Segpay Gateway LLC, Segregated Payments, Inc., D/B/A Segpay, Aylo Holdings USA Corp., Aylo Billings US Corp., Aylo Group Ltd, Nutaku Entertainment Ltd.

Florida Attorney General James Uthmeier filed complaints against multiple pornography websites for violating Florida's age-verification law by not verifying users' ages, allowing children access to harmful material. The law requires such sites to implement age verification, and violations can result in fines up to $50,000 per violation. The complaints seek injunctions, civil penalties, and compliance with the law.