Penalty Amount
$275,000,000
Epic Games, maker of Fortnite, violated children's privacy laws by collecting data from under-13 users without parental consent and used deceptive designs to trick users into unintended purchases. The FTC secured a $275 million civil penalty and $245 million in consumer refunds, with requirements to enhance privacy defaults, delete improperly collected data, implement a privacy program, and prohibit dark patterns and account locking for charge disputes.
Epic must pay a $275 million penalty to the U.S. Treasury, provide $245 million in refunds to consumers, delete personal information collected from children without parental consent, implement a comprehensive privacy program with independent audits, change default privacy settings to turn off voice and text communications for children and teens unless affirmatively consented, and is prohibited from using dark patterns to induce purchases or blocking account access for disputed charges.
In-house legal teams should review all customer-facing agreements, particularly Terms of Service (ToS), End User License Agreements (EULA), and in-app purchase/billing terms for users of any online service or game. Key clauses to scrutinize include: (1) consent mechanisms for data collection, especially for users identified or likely to be under 13, ensuring they mandate verifiable parental consent; (2) billing and purchase clauses to identify and eliminate 'dark patterns'—deceptive UI/UX designs that trick users into unintended charges; (3) account management terms that prohibit locking or restricting accounts for disputing charges; (4) data handling and retention clauses to ensure improper children's data is deleted and collection is limited; and (5) privacy setting clauses to enforce strong defaults for minors (e.g., disabling voice/text chat). Changes will likely involve rewriting consent flows, redesigning purchase interfaces for clarity, implementing robust refund processes, and establishing enforceable privacy-by-default configurations for younger users.
Entity
Epic Games, Inc.
Also known as: Epic Games
Industry
GamingOfficial Press Release
https://www.ftc.gov/news-events/news/press-releases/2022/12/fortnite-video-game-maker-epic-games-pay-more-half-billion-dollars-over-ftc-allegations
2223087EpicGamesComplaint
https://www.ftc.gov/system/files/ftc_gov/pdf/2223087EpicGamesComplaint.pdf
2223087EpicGamesSettlement
https://www.ftc.gov/system/files/ftc_gov/pdf/2223087EpicGamesSettlement.pdf
1923203EpicGamesComplaint
https://www.ftc.gov/system/files/ftc_gov/pdf/1923203EpicGamesComplaint.pdf
1923203EpicGamesACCO
https://www.ftc.gov/system/files/ftc_gov/pdf/1923203EpicGamesACCO.pdf
Federal Trade Commission Enforcement Page
https://www.ftc.gov/enforcement
"Epic Games, Inc., creator of the popular video game Fortnite"
"Epic will pay a $275 million penalty"
"violated the Children’s Online Privacy Protection Act (COPPA)"
"FTC Act’s prohibition against unfair practices"
"violated the COPPA Rule"
"collecting personal information from children under 13 who played Fortnite, a child-directed online service, without notifying their parents or obtaining their parents’ verifiable consent."
The FTC sent warning letters to 12 companies offering 'nudify' tools that generate nonconsensual intimate images, for failing to comply with the TAKE IT DOWN Act (TIDA) by not providing a mechanism for victims to request removal of such content. The letters urge immediate compliance with TIDA, which requires platforms to remove nonconsensual intimate images within 48 hours of a valid request. Noncompliant companies may face future legal action and civil penalties of up to $53,088 per violation.
The FTC began enforcing the TAKE IT DOWN Act on May 19, 2026, a law requiring covered platforms to establish a process for victims to request removal of nonconsensual intimate images and delete such content within 48 hours of a valid request. The agency launched a consumer complaint portal, issued compliance guidance for businesses and consumers, and sent reminder letters to major platforms including Meta, TikTok, and X about their obligations under the law. No specific penalties or enforcement actions against individual companies were announced in this release.
$6.5M
A federal court held Cliq Inc. and its executives Andrew Phillips and John Blaugrund in civil contempt for multiple violations of a 2015 FTC order requiring the payment processor to prevent enabling consumer fraud. The court found the defendants facilitated fraud by processing transactions for high-risk merchants, avoiding fraud monitoring, failing to conduct required underwriting, and ignoring chargeback thresholds. The court imposed $6.5 million in civil contempt sanctions against the defendants.
$795.8M
The FTC and State of Nevada settled charges with lead defendants of the IM Mastery Academy MLM scheme, including Chris and Isis Terry and their affiliated companies, over false earnings claims used to promote financial training programs and a multi-level marketing venture. The stipulated order imposes a $795.8 million judgment, with defendants surrendering nearly $90 million in assets including luxury real estate, vehicles, jewelry, and a yacht, totaling over $100 million with prior judgments from other involved defendants. The order also bans defendants from selling trading-training services, prohibits false earnings claims, and restricts deceptive practices including negative-option misrepresentations and telemarketing violations.
The FTC and State of Illinois, via the Department of Justice, filed a complaint against B.E.S.T. GDR LLC (d/b/a Premium Home Service) and its owner Yosef Bernath for creating thousands of fake home repair business listings with fabricated five-star reviews to deceive consumers. The defendants allegedly routed consumer calls to unqualified representatives, arranged for unlicensed technicians, and violated the FTC Act, Reviews and Testimonials Rule, Gramm-Leach-Bliley Act, and Illinois consumer protection laws. No monetary penalty has been imposed yet as the case is in initial filing stages.
Federal Trade Commission Chairman Andrew N. Ferguson sent letters to over a dozen major technology companies reminding them of their obligation to comply with the Take It Down Act (TIDA) by May 19, 2026. TIDA requires covered platforms to establish a process for victims, including children, to request removal of nonconsensual intimate images, with takedown of content and all identical copies required within 48 hours of a valid request. The FTC also issued supplemental guidance to help companies prepare for compliance and warned that it will monitor and enforce violations of the law.