Consumers Affected
3,000,000
The FTC settled with Humor Rainbow, Inc. (operator of OkCupid) and Match Group Americas over allegations that OkCupid deceived users by sharing personal data including photos and location information with an unauthorized third party, contrary to its privacy policy promises to inform users and provide opt-out opportunities. The settlement permanently prohibits the companies from misrepresenting their data collection, use, disclosure, and privacy control practices. No monetary penalty was imposed.
The companies are permanently enjoined from misrepresenting any aspects of their personal data collection, use, disclosure, protection, or deletion practices, the purpose of such processing, or the functionality of their privacy controls and consumer options under state privacy laws. No monetary penalty was imposed.
In-house legal teams should review data processing and sharing clauses in vendor, customer, and partner agreements to ensure they align with public privacy policy promises, particularly regarding third-party data sharing and opt-out rights. Vendor agreements must include explicit restrictions on how shared user data (including photos, geolocation, and demographic information) can be used, and require third parties to notify the company of any data use changes. Customer-facing privacy policies and associated terms of service should be audited to confirm that all representations about data sharing, opt-out mechanisms, and privacy controls are accurate and implemented in practice. Additionally, agreements with affiliates and investors should prohibit unauthorized data sharing based on non-business relationships, and include breach notification clauses requiring prompt disclosure of any unauthorized data disclosures.
Entity
Humor Rainbow, Inc. and Match Group Americas
Industry
Social MediaOfficial Press Release
https://www.ftc.gov/news-events/news/press-releases/2026/03/ftc-takes-action-against-match-okcupid-deceiving-users-sharing-personal-data-third-party
OkCupid MatchComplaint
https://www.ftc.gov/system/files/ftc_gov/pdf/OkCupid-MatchComplaint.pdf
MatchGroupAmericasandHumorRainbowStipulatedOrder
https://www.ftc.gov/system/files/ftc_gov/pdf/MatchGroupAmericasandHumorRainbowStipulatedOrder.pdf
Federal Trade Commission Enforcement Page
https://www.ftc.gov/enforcement
"March 30, 2026"
"OkCupid, operated by Dallas-based Humor Rainbow, Inc., and Match Group Americas, which provides services for Humor Rainbow, will be prohibited from misrepresenting its privacy policies."
"As part of a settlement, OkCupid, operated by Dallas-based Humor Rainbow, Inc., and Match Group Americas, which provides services for Humor Rainbow, will be prohibited from misrepresenting its privacy policies."
"OkCupid gave an unauthorized third party access to the personal data of millions of OkCupid users in violation of its privacy policies."
"its privacy policy at the time claimed it may share personal information with service providers, business partners, other entities within its family of businesses or when it informed consumers about such data sharing and gave consumers the chance to opt out. Despite these promises, OkCupid shared users’ personal data with a third party—even though it was not a service provider, business partner, or family affiliate—and did not inform consumers or give them the chance to opt out of such sharing."
"sharing their personal information, including photos and location information, with an unrelated third party"
The FTC settled charges with data broker Kochava, Inc. and its subsidiary Collective Data Solutions (CDS) over allegations that they sold precise location data from hundreds of millions of mobile devices without consumer consent, enabling tracking of visits to sensitive locations like reproductive health clinics and places of worship. The settlement prohibits the companies from selling or sharing sensitive location data without affirmative express consumer consent, and imposes compliance requirements including a sensitive location data program, supplier consent assessments, incident reporting, and data retention schedules. No monetary penalty was imposed.
The FTC filed a complaint and obtained a temporary restraining order against six defendants operating a deceptive health care scheme that impersonated government and insurance carriers to sell fake comprehensive health plans. The defendants allegedly charged consumers without express informed consent, failed to disclose material terms including cancellation processes, and misled consumers into paying for inadequate coverage that left many with substantial medical debt. The FTC seeks refunds for affected consumers and alleges violations of the FTC Act, Telemarketing Sales Rule, Impersonation Rule, and Gramm-Leach-Bliley Act.
$140.0M
Following an FTC investigation, a federal court granted summary judgment against timeshare exit scheme operator Christopher Carroll, ordering him to pay $140 million total ($95 million in consumer redress, $45 million civil penalty) for defrauding consumers out of over $90 million. The scheme used deceptive direct mail and in-person pitches, falsely claimed affiliation with timeshare companies, failed to provide refunds, and violated the FTC’s Cooling-Off Rule by forcing consumers to sign non-cancellable contracts. Carroll is also permanently banned from marketing timeshare exit services or engaging in deceptive door-to-door sales.
This press release announces the FTC's testimony before the Senate Commerce, Science and Transportation Committee on April 15, 2026, outlining the agency's priorities including consumer privacy protection, competition enforcement, and implementation of the TAKE IT DOWN Act. No specific enforcement action against a private entity is announced in this release.
The FTC announced an Advance Notice of Proposed Rulemaking (ANPRM) seeking public comment on a potential nationwide rule to address unfair or deceptive fee practices by online food and grocery delivery platforms. The ANPRM covers requirements for disclosing total prices, fees, variable charges, price differentials, and promotion terms. Past FTC enforcement actions against Instacart and Grubhub for deceptive fee practices are cited as evidence of ongoing issues in the industry.
$868K
The FTC announced three separate settlements with companies making false 'Made in USA' claims: TouchTunes (electronic dartboards, $625k consumer redress), Americana Liberty and related parties (flags and flagpoles, $167,743 redress), and Oak Street Bootmakers (footwear, $75k redress). The companies violated the FTC Act, Made in USA Labeling Rule, and for Americana Liberty, the Textile Act and Rules, by making unqualified origin claims for products with significant imported components or wholly imported from China. Each settlement prohibits future misrepresentations of U.S. origin and requires consumer notices.