Penalty Amount
$75,000
The FTC finalized an order against 1Health.io for failing to secure genetic data and unfairly changing its privacy policy. The company must pay $75,000 for consumer refunds, destroy DNA samples, and implement security measures. It deceived consumers about data deletion and shared data without proper consent.
1Health.io must pay $75,000 for consumer refunds, instruct third-party laboratories to destroy all consumer DNA samples retained for more than 180 days, prohibit sharing health data without affirmative express consent, notify the FTC about unauthorized disclosures, and implement a comprehensive information security program.
In-house legal teams should review all vendor and customer agreements, particularly those involving the processing of genetic, health, or biometric data. Focus on clauses governing data security standards (e.g., encryption requirements), privacy policy change mechanisms (including notice and consent provisions), data deletion and destruction obligations, and limitations on data sharing. Given the findings of deceptive practices and inadequate security, contracts must be amended to include explicit, opt-in consent for any retroactive privacy policy changes, mandate specific technical safeguards for sensitive genetic data (like encryption at rest and in transit), and enforce strict, time-bound protocols for the complete destruction of DNA samples and associated data upon request or after analysis. Additionally, ensure data processing addendums for genetic data incorporate these heightened standards and provide clear audit rights.
Entity
1Health.io
Also known as: 1Health
Industry
HealthcareOfficial Press Release
https://www.ftc.gov/news-events/news/press-releases/2023/09/ftc-finalizes-order-1healthio-over-charges-it-failed-protect-privacy-security-dna-data-unfairly
1Health Complaint
https://www.ftc.gov/system/files/ftc_gov/pdf/1Health-Complaint.pdf
1Health DecisionandOrder
https://www.ftc.gov/system/files/ftc_gov/pdf/1Health-DecisionandOrder.pdf
Federal Trade Commission Enforcement Page
https://www.ftc.gov/enforcement
"1Health.io"
"must pay $75,000"
"charges that the genetic testing firm left sensitive genetic and health data unsecured, deceived consumers about their ability to get their data deleted, and changed its privacy policy retroactively without adequately notifying consumers and obtaining their consent."
$50K
The FTC settled with genetic testing company 1Health.io for failing to secure sensitive genetic and health data, deceiving consumers about data deletion, and unfairly changing its privacy policy without notice or consent. The settlement includes refunds totaling over $49,500 to 2,432 affected consumers.
The FTC sent warning letters to 12 companies offering 'nudify' tools that generate nonconsensual intimate images, for failing to comply with the TAKE IT DOWN Act (TIDA) by not providing a mechanism for victims to request removal of such content. The letters urge immediate compliance with TIDA, which requires platforms to remove nonconsensual intimate images within 48 hours of a valid request. Noncompliant companies may face future legal action and civil penalties of up to $53,088 per violation.
The FTC began enforcing the TAKE IT DOWN Act on May 19, 2026, a law requiring covered platforms to establish a process for victims to request removal of nonconsensual intimate images and delete such content within 48 hours of a valid request. The agency launched a consumer complaint portal, issued compliance guidance for businesses and consumers, and sent reminder letters to major platforms including Meta, TikTok, and X about their obligations under the law. No specific penalties or enforcement actions against individual companies were announced in this release.
$6.5M
A federal court held Cliq Inc. and its executives Andrew Phillips and John Blaugrund in civil contempt for multiple violations of a 2015 FTC order requiring the payment processor to prevent enabling consumer fraud. The court found the defendants facilitated fraud by processing transactions for high-risk merchants, avoiding fraud monitoring, failing to conduct required underwriting, and ignoring chargeback thresholds. The court imposed $6.5 million in civil contempt sanctions against the defendants.
$795.8M
The FTC and State of Nevada settled charges with lead defendants of the IM Mastery Academy MLM scheme, including Chris and Isis Terry and their affiliated companies, over false earnings claims used to promote financial training programs and a multi-level marketing venture. The stipulated order imposes a $795.8 million judgment, with defendants surrendering nearly $90 million in assets including luxury real estate, vehicles, jewelry, and a yacht, totaling over $100 million with prior judgments from other involved defendants. The order also bans defendants from selling trading-training services, prohibits false earnings claims, and restricts deceptive practices including negative-option misrepresentations and telemarketing violations.
The FTC and State of Illinois, via the Department of Justice, filed a complaint against B.E.S.T. GDR LLC (d/b/a Premium Home Service) and its owner Yosef Bernath for creating thousands of fake home repair business listings with fabricated five-star reviews to deceive consumers. The defendants allegedly routed consumer calls to unqualified representatives, arranged for unlicensed technicians, and violated the FTC Act, Reviews and Testimonials Rule, Gramm-Leach-Bliley Act, and Illinois consumer protection laws. No monetary penalty has been imposed yet as the case is in initial filing stages.