Federal and state enforcement actions involving notice failure violations, tracked from official government sources.
127
Total Actions
$3.1B
Total Fines
10
Jurisdictions
Consumer fraud enforcement action where the FTC settled with Air AI for misleading entrepreneurs with false earnings and refund guarantees. The company will be banned from marketing business opportunities and pay a suspended $18 million judgment with $50,000 for consumer relief. Violations included failure to provide required disclosures and false claims under the Telemarketing Sales Rule and Business Opportunity Rule.
$18.0M
Consumer protection and civil rights lawsuit filed by Oregon AG and 20 other states against the U.S. Department of Agriculture over unlawful funding conditions that coerce states into complying with policies unrelated to nutrition programs. The conditions relate to immigration, DEI, and gender identity, and are alleged to violate the Spending Clause and Administrative Procedure Act. The suit seeks to block these conditions to protect billions in funding for programs like SNAP, WIC, and school lunches that serve vulnerable populations.
Consumer fraud enforcement action where the FTC settled with Xponential Fitness for violating the Franchise Rule by misrepresenting key information to franchisees, including time to open and costs. The settlement includes a $17 million monetary judgment for redress and prohibits future misrepresentations.
$17.0M
Connecticut Attorney General William Tong, joined by 17 other attorneys general, filed a lawsuit against the U.S. Department of Education to block new IPEDS data reporting requirements that demand student information disaggregated by race and sex. The coalition argues the rushed implementation is unlawful, invades student privacy, and risks unreliable data and baseless investigations. They seek an injunction to halt the data collection and protect student privacy.
Privacy enforcement action where Oregon AG and a coalition of 16 other states sue the Trump Administration to stop the Department of Education's new IPEDS data reporting requirements, arguing they jeopardize student privacy, lack proper definitions, and risk data errors and identification.
The California Privacy Protection Agency settled with PlayOn Sports for $1.10 million over CCPA violations, including failing to provide adequate opt-out mechanisms and improperly tracking users, particularly students. The company must implement proper opt-out methods, improve disclosures, and comply with children's data consent requirements.
$1.1M
The FTC and 11 states settled with Walmart for $100 million over deceptive earnings claims in its Spark Driver gig worker app, where drivers were misled about base pay, tips, and incentives. The settlement also addressed GLBA violations for failing to provide proper notice regarding the handling of drivers' financial information. Walmart must implement an earnings verification program and is banned from misrepresenting driver earnings.
$100.0M
Texas Attorney General Ken Paxton reached an agreement with Samsung Electronics America, Inc. to stop collecting Automated Content Recognition (ACR) data from smart TVs without consumers' express consent. Samsung must update its smart TVs to provide clear and conspicuous disclosures and obtain consent before any data collection, ensuring Texans are informed and in control of their viewing data.
The FTC issued a policy statement announcing it will not enforce COPPA against operators that collect age verification data under specific conditions. The policy aims to encourage the use of age verification technologies to protect children online. Operators must limit data use, ensure security, provide notice, and use accurate verification methods.
Consumer fraud enforcement action where the FTC is distributing $23 million in refunds to investors defrauded by the Sanctuary Belize and Kanantik real estate schemes. The defendants deceived consumers about luxury amenities and resale potential, resulting in losses of over $100 million. This is the second round of refunds following a court judgment.
$22.9M
Consumer fraud case where the FTC sued JustAnswer LLC for deceiving consumers into enrolling in a costly recurring monthly subscription by falsely claiming low one-time fees. The company did not obtain affirmative consent or clearly disclose subscription terms, violating ROSCA and the FTC Act. The FTC seeks an injunction, consumer refunds, and civil penalties.
Consumer fraud investigation where the FTC is seeking information from 20 universities about whether sports agents are complying with the Sports Agent Responsibility and Trust Act (SPARTA), which requires disclosures to student athletes and notification to schools. The inquiry aims to ensure student athletes are protected from deceptive practices by agents.
New York Attorney General Letitia James sent a letter to Instacart demanding information about its algorithmic pricing practices after a study revealed significant price differences for the same products. The AG warns that Instacart may be violating the New York Algorithmic Pricing Disclosure Act by failing to clearly disclose the use of personal data for price setting.
The FTC settled with Disney for violating the COPPA Rule by mislabeling videos on YouTube, which allowed the collection of children's personal data without parental consent. Disney must pay a $10 million civil penalty and implement measures to ensure proper video labeling and compliance with COPPA.
$10.0M
Connecticut Attorney General William Tong, leading a coalition of 35 attorneys general, urged Meta to enforce its policies against misleading AI-generated weight loss ads on Instagram and Facebook. The ads promote non-FDA approved GLP-1 drugs without disclosing risks and use fake AI content. The coalition demands Meta restrict such ads, require clear risk disclosures, and label AI-generated content.
Environmental and consumer protection enforcement action where Mercedes-Benz USA agreed to a nearly $150 million settlement for installing emissions defeat devices in diesel vehicles and misleading consumers about their environmental compliance. The settlement includes significant consumer relief and practice reforms.
$149.7M
Attorney General William Tong led a coalition of 15 attorneys general in submitting a comment letter to the EPA opposing the Trump Administration's proposal to roll back PFAS reporting requirements under the Toxic Substances Control Act. The coalition argues that the exemptions would shield most manufacturers from reporting critical information about PFAS chemicals, hindering efforts to protect public health and the environment.
Texas Attorney General Ken Paxton filed a lawsuit against Sony, Samsung, LG, Hisense, and TCL Technology Group for using Automated Content Recognition (ACR) technology to collect Texans' viewing data without proper consent. A temporary restraining order was secured against Hisense to halt all data collection and sharing. The AG issued a consumer alert with instructions to disable ACR on smart TVs.
Texas Attorney General Ken Paxton has filed lawsuits against five major TV manufacturers—Sony, Samsung, LG, Hisense, and TCL—for unlawfully collecting Texans' viewing data using Automated Content Recognition (ACR) technology without their knowledge or consent. The ACR software captures screenshots of TV displays every 500 milliseconds and transmits the data to the companies, which then sell it for targeted advertising. The AG's office alleges these practices violate Texas privacy laws and seeks to enjoin the companies from continuing the surveillance.
Texas Attorney General Ken Paxton filed a lawsuit against five major TV manufacturers—Sony, Samsung, LG, Hisense, and TCL—for illegally collecting consumers' viewing data through Automated Content Recognition (ACR) technology without knowledge or consent. The companies capture screenshots and monitor TV usage in real-time, then sell the data for targeted advertising, risking sensitive information. The suit seeks to halt these invasive practices and protect Texans' privacy.
Connecticut Attorney General William Tong, along with the FTC and 21 other states and counties, filed a lawsuit against Uber Technologies, LLC and Uber USA, LLC for deceptive practices related to their Uber One subscription service. The lawsuit alleges Uber used negative option marketing, misled consumers about savings, made cancellation difficult, and charged consumers prematurely. The action seeks restitution, penalties, and an injunction under the Connecticut Unfair Trade Practices Act and the Restore Online Shoppers' Confidence Act.
Connecticut Attorney General William Tong led a multistate coalition in sending inquiry letters to six major BNPL providers—Affirm, Afterpay, Klarna, PayPal, Sezzle, and Zip—seeking detailed information on their pricing, fees, disclosures, and consumer assessment practices to evaluate compliance with consumer protection laws, following the rescission of federal Truth in Lending Act rules for BNPL.
Consumer protection and advertising enforcement action. Oregon Attorney General secured a settlement with meal-kit company HelloFresh for misleading consumers with deceptive 'free meal,' 'free shipping,' and 'free gift' offers that required hundreds of dollars in purchases to obtain. The company must pay $106,000 and implement comprehensive advertising reforms.
$106K
Connecticut Attorney General William Tong filed an expanded complaint against Altice/Optimum Online for deceptive advertising and hidden 'Network Enhancement' fees that collected at least $39.1 million from consumers. The company allegedly misled customers with 'price for life' deals while burying fees in fine print and targeting Spanish speakers with English-only disclosures. The complaint seeks penalties and disgorgement under the Connecticut Unfair Trade Practices Act.
Connecticut Attorney General secured a $1 million multistate settlement with TFG Holding, Inc. for deceptive VIP membership program marketing and billing practices. The company must improve disclosures, obtain explicit consent, provide easy cancellation, and offer restitution to affected consumers.
$1.0M
The Florida Attorney General's Office of Parental Rights filed a civil enforcement action against Roku, Inc. for violating the Florida Digital Bill of Rights and FDUTPA by collecting and selling children's personal data without parental consent and misrepresenting privacy controls. The action seeks civil penalties, injunctive relief, and measures to ensure compliance.
The Texas Attorney General opened an investigation into TP-Link Systems Inc. for potentially allowing the Chinese government to access Texans' consumer data through back doors in networking equipment. The investigation will examine whether TP Link violated Texas privacy law by misleading consumers about its independence and improperly collecting or disclosing data. This follows a prior privacy notice violation issued to the company.
The California Privacy Protection Agency (CPPA) settled with Tractor Supply Company for $1.35 million over violations of the California Consumer Privacy Act (CCPA). The violations included failing to maintain a proper privacy policy, not notifying job applicants of their rights, lacking an effective opt-out mechanism, and sharing personal information without adequate contracts. Tractor Supply must pay the fine and implement remedial measures such as scanning digital properties and annual compliance certification.
$1.4M
The FTC and 19 states settled with Kars-R-Us.com, Inc. and its operators for deceptive charity fundraising claims, where only 0.28% of over $45 million raised was used for breast cancer screenings. Operators face permanent fundraising bans and a $3.88 million monetary judgment.
$3.9M
The FTC secured a $2.5 billion settlement with Amazon, including a $1 billion civil penalty and $1.5 billion in consumer refunds, for enrolling millions of consumers in Prime subscriptions without proper consent and designing a deliberately difficult cancellation process. The order requires Amazon to implement clear enrollment disclosures, an easy cancellation method, and cease the unlawful practices.
$1.0B
The FTC issued 6(b) orders to seven technology companies to investigate the safety and privacy practices of their AI chatbots, particularly regarding impacts on children and teens. The inquiry focuses on compliance with children's privacy laws, data handling, and disclosures, requiring companies to provide information on these aspects.
The FTC settled allegations against Apitor Technology for violating COPPA by allowing a third party to collect geolocation data from children without parental consent. Apitor must pay a $500,000 suspended fine, delete improperly collected data, and implement measures to comply with COPPA, including obtaining parental consent and notifying parents.
$500K
Texas Attorney General Ken Paxton has opened an investigation into Meta AI Studio and Character.AI for deceptive practices in marketing AI chatbots as mental health services to children. The platforms are accused of impersonating licensed professionals, fabricating qualifications, and exploiting user data for advertising without proper disclosure. Civil Investigative Demands have been issued to examine violations of Texas consumer protection laws and the SCOPE Act.
Massachusetts Attorney General settled with Earnest Operations LLC for $2.5 million over allegations that the student loan lender's use of AI underwriting models led to disparate impact on Black, Hispanic, and non-citizen applicants. The company failed to test its AI models for bias, used discriminatory variables like Cohort Default Rate, and sent inaccurate adverse action notices. Earnest must pay the fine, discontinue problematic practices, and implement compliance measures.
$2.5M
Connecticut Attorney General William Tong announced a settlement with TicketNetwork, Inc. for violating the Connecticut Data Privacy Act by maintaining an unreadable privacy notice and non-functional consumer rights mechanisms. TicketNetwork agreed to comply with CTDPA requirements, maintain metrics for consumer rights requests, report to the AG, and pay $85,000.
$85K
The FTC settled charges against GoDaddy Inc. and GoDaddy.com, LLC for misleading customers about their data security protections and failing to adequately secure their website hosting services. The company allegedly did not implement reasonable security measures, leaving customer websites vulnerable to attacks that could harm both the customers and visitors to those sites. The case resulted in a consent order requiring GoDaddy to improve its security practices.
The FTC settled charges against GoDaddy Inc. and GoDaddy.com, LLC for misleading customers about their data security protections and failing to adequately secure their website hosting services. The company's security failures left customers' and website visitors' data vulnerable to attacks. The final order requires GoDaddy to implement comprehensive data security measures.
Texas Attorney General Ken Paxton announced legal action against several Chinese companies, including TP-Link, Alibaba, and CapCut, for violating the Texas Data Privacy and Security Act (TDPSA). The companies have been given 30 days to comply with requirements to disclose data processing, allow consumers to opt out of data collection, and enable data deletion. Failure to comply will result in further legal action to protect Texans' privacy rights and prevent data from being accessed by the Chinese Communist Party.
Texas Attorney General Ken Paxton has notified several Chinese companies, including TP-Link, Alibaba, and CapCut, that they are violating the Texas Data Privacy and Security Act (TDPSA). The companies must comply with TDPSA requirements to disclose data processing, allow consumer opt-outs, and enable data deletion within 30 days. Failure to comply will result in further legal action.
Texas Attorney General Ken Paxton has issued notices to several Chinese companies, including TP-Link, Alibaba, and CapCut, for violating the Texas Data Privacy and Security Act (TDPSA). The companies must comply with TDPSA's requirements to disclose data processing, allow opt-outs, and enable data deletion within 30 days, or face further legal action.
New York Attorney General Letitia James filed a lawsuit against National General Holdings Corp and Allstate Insurance Company for failing to protect personal information and notify consumers of data breaches. The breaches exposed driver's license numbers of over 165,000 New Yorkers due to poor cybersecurity. The AG is seeking monetary penalties and an injunction.
Texas Attorney General Ken Paxton filed a lawsuit against Allstate and its subsidiary Arity for unlawfully collecting, using, and selling driving data from over 45 million consumers without consent. The data, which includes precise geolocation information, was used to justify insurance premium increases. This action alleges violations of the Texas Data Privacy and Security Act (TDPSA).
Connecticut Attorney General William Tong announced a $5 million preliminary settlement with Stone Academy and its owners for unfair and deceptive conduct. The for-profit nursing school failed to deliver promised education, lacking textbooks, experienced teachers, and clinical training, and abruptly closed in February 2023. The settlement provides cash payments to harmed students, bars the owner from higher education employment for five years, and includes measures to help students complete their education.
$5.0M
Texas Attorney General Ken Paxton has launched investigations into Character.AI and fourteen other companies, including Reddit, Instagram, and Discord, for potential violations of the SCOPE Act and TDPSA regarding children's privacy and safety. The investigations focus on unauthorized sharing of minors' data and lack of parental controls. No penalties have been imposed yet as the investigations are ongoing.
Texas Attorney General Ken Paxton announced investigations into 15 companies, including Character.AI, Reddit, Instagram, and Discord, for potential violations of the SCOPE Act and TDPSA concerning children's privacy. The investigations target practices such as unauthorized sharing of minors' personal data and failure to provide parental controls. This action is part of Texas's broader initiative to enforce data privacy laws.
Connecticut Attorney General William Tong announced a $65,000 settlement with Hilario Truck Center and Hilario’s Service Center for illegally collecting junk fees such as PPE fees, administrative fees, and fuel surcharges during police-ordered tows. The settlement requires the companies to pay $10,000 to the state and provide refunds to eligible consumers who paid these unauthorized fees between 2019 and 2024.
$65K
New York Attorney General Letitia James secured a settlement with Albany ENT & Allergy Services (AENT) after ransomware attacks compromised the medical records of over 200,000 patients. AENT failed to maintain adequate data security and did not properly disclose all affected data. The settlement requires AENT to pay $1 million in penalties and invest $2.25 million in cybersecurity improvements.
$1.0M
Connecticut Attorney General William Tong announced a $20,000 settlement with EnergyBillCruncher.com for misleading solar marketing tactics, including false claims about government coverage, misuse of the state seal, and false urgency in social media ads. The company must cease these practices and notify its solar installer partners.
$20K
The Connecticut Attorney General obtained a $5 million stipulated judgment against Vision Solar for alleged deceptive sales practices, including high-pressure tactics, misrepresentations, and performing unpermitted work. Although the company is bankrupt and cannot pay, the judgment establishes binding operational standards for solar companies in Connecticut regarding disclosures, contracting, permitting, and use of licensed contractors.
$5.0M
The FTC staff report examined data practices of nine major social media and video streaming companies and found they engaged in vast surveillance of users with lax privacy controls and inadequate safeguards for children and teens. The report recommends limiting data collection, restricting targeted advertising, and strengthening protections for young users, and calls for comprehensive federal privacy legislation.
Texas Attorney General Ken Paxton settled with Pieces Technologies for making deceptive claims about the accuracy of its healthcare AI products used in Texas hospitals. The company advertised an error rate of '<1 per 100,000' which was found inaccurate. The settlement requires Pieces to accurately disclose product accuracy and ensure hospital staff understand the limitations.
Consumer fraud case where the FTC settled with Invitation Homes for deceiving renters with undisclosed fees and unlawful charges, including hidden fees and unfair security deposit withholdings. The company must pay over $47.2 million in refunds to affected consumers and change its leasing practices.
$48.0M
Verkada, a security camera company, failed to secure customer data, leading to a hacker accessing over 150,000 cameras and sensitive health information. The company also violated the CAN-SPAM Act by sending spam emails without proper opt-out mechanisms. To settle, Verkada will pay $2.95 million and implement a comprehensive security program with audits.
$3.0M
Connecticut Attorney General William Tong announced an investigation into EnergyBillCruncher for making false claims that the government would cover solar installation costs, misusing the state seal, and creating false urgency. The investigation seeks information on the company's ownership, consumer interactions, and partnerships. This is part of broader actions against deceptive solar sales tactics.
The FTC and DOJ sued TikTok and ByteDance for violating COPPA by collecting personal information from children under 13 without parental consent. The complaint alleges that TikTok knowingly allowed millions of children on its platform and failed to comply with a 2019 consent order. The lawsuit seeks civil penalties and a permanent injunction.
The FTC finalized an order against Avast for selling consumers' web browsing data for advertising after promising privacy protection. Avast must pay $16.5 million, is banned from selling such data, must delete collected data, obtain consent, notify consumers, and implement a privacy program.
$16.5M
Texas Attorney General Ken Paxton opened an investigation into multiple car manufacturers for collecting and selling driver data to third parties, including insurance companies, without consumers' knowledge or consent. The investigation, conducted under the Texas Deceptive Trade Practices – Consumer Protection Act, seeks documents about data collection practices and disclosures made to customers. The AG's office is concerned about invasive data collection and potential deceptive practices.
The FTC finalized a consent order against Blackbaud Inc. for alleged security failures that led to a data breach exposing personal data of millions of consumers. Blackbaud must delete unnecessary data, implement a security program, and not misrepresent its policies. No monetary penalty was imposed.
Connecticut Attorney General William Tong filed a lawsuit against Altice for charging unlawful 'Network Enhancement Fees' and failing to adequately disclose internet speed limits. The complaint seeks to stop the fees, recover millions for consumers, and address deceptive marketing practices including language barriers.
The FTC settled with InMarket Media for unlawfully collecting and using consumers' precise location data without adequate notice and consent. The order prohibits InMarket from selling or sharing precise location data, requires deletion of collected data, and mandates consumer consent mechanisms and privacy programs.
The FTC settled with telehealth firm Cerebral, Inc. for sharing sensitive consumer mental health data with third parties like LinkedIn, Snapchat, and TikTok for advertising without proper consent, employing sloppy security practices, and misleading consumers about cancellation policies. Cerebral must pay over $7 million (with $2 million due upfront), is permanently banned from using health information for most advertising, must implement a comprehensive privacy program, delete unnecessary data, and provide easy cancellation.
$7.0M
Bumble Inc. agreed to pay $315,000 and update its disclosures to settle allegations that it misrepresented its criminal background screening policies to New Jersey users, violating the New Jersey Consumer Fraud Act and Internet Dating Safety Act. The settlement requires Bumble to clearly disclose its screening practices and safety limitations on its dating platforms.
$315K
DoorDash sold California consumers' personal information to a marketing cooperative without providing required notice or an opt-out option, violating the CCPA and CalOPPA. The settlement requires DoorDash to pay a $375,000 civil penalty and comply with injunctive terms, including reviewing vendor contracts and providing annual reports to the Attorney General. This enforcement action clarifies that participation in marketing cooperatives constitutes a sale under the CCPA.
$375K
The FTC settled with Avast for deceiving customers by claiming its antivirus software blocked tracking while secretly collecting and selling browsing data. Avast must pay $16.5 million in refunds and is banned from such practices. The FTC is now processing claims for affected consumers.
$16.5M
The Connecticut Office of the Attorney General released a mandated report on the Connecticut Data Privacy Act (CTDPA), detailing over a dozen notices of violation issued to companies across various industries for deficiencies in privacy disclosures and consumer rights mechanisms. The report highlights common compliance failures and reaffirms the AG's commitment to enforcement and education under the state's consumer privacy law.
The FTC settled with data brokers X-Mode Social and Outlogic for selling precise location data without informed consent and failing to protect sensitive information. The proposed order bans the sale of sensitive location data, requires deletion of collected data, and mandates a comprehensive privacy program. This is the FTC's first action against a data broker for sensitive location data practices.
Connecticut Attorney General William Tong expanded the complaint against Stone Academy, alleging its owners siphoned millions for personal luxury while students were denied promised education and clinical training. Revenues surged during the pandemic, but exam pass rates fell and students lacked textbooks and qualified teachers. The AG seeks civil penalties, restitution, and a receiver to protect assets for student relief.
The FTC and CFPB settled with Trans Union LLC and its subsidiary for violating the Fair Credit Reporting Act by including inaccurate and incomplete eviction records in tenant screening reports, harming consumers' ability to obtain housing. The settlement requires Trans Union to pay $15 million, with $11 million for consumer compensation and $4 million as a civil penalty, and to implement measures to ensure report accuracy and disclose data sources.
$15.0M
California Attorney General Rob Bonta announced a $93 million settlement with Google for deceiving users about location tracking. Google continued to collect location data even after users opted out, violating California consumer protection laws. The settlement includes injunctive terms to enhance transparency and user controls over location settings.
$93.0M
The FTC settled with background report providers TruthFinder and Instant Checkmate, charging they deceived consumers about the accuracy of their reports (often mischaracterizing traffic tickets as criminal records) and violated the Fair Credit Reporting Act (FCRA) by operating as consumer reporting agencies without following its requirements, including ensuring accuracy and limiting permissible purposes. The companies will pay a $5.8 million penalty and implement a comprehensive FCRA compliance monitoring program.
$5.8M
The FTC finalized an order against 1Health.io for failing to secure genetic data and unfairly changing its privacy policy. The company must pay $75,000 for consumer refunds, destroy DNA samples, and implement security measures. It deceived consumers about data deletion and shared data without proper consent.
$75K
The FTC settled charges against Experian Consumer Services for violating the CAN-SPAM Act by sending marketing emails to consumers who signed up for credit management accounts without providing an opt-out mechanism. The emails promoted products like Experian Boost and Dark Web scans but lacked unsubscribe links. Experian must pay $650,000 and is prohibited from future violations.
$650K
The FTC settled with genetic testing company 1Health.io for failing to secure sensitive genetic and health data, deceiving consumers about data deletion, and unfairly changing its privacy policy without notice or consent. The settlement includes refunds totaling over $49,500 to 2,432 affected consumers.
$50K
The FTC charged Ring LLC with allowing employees to access private customer videos without consent and failing to secure user accounts, leading to hackers controlling cameras. Under a proposed consent order, Ring must pay $5.8 million in refunds, delete unlawfully accessed data, and implement a privacy and security program.
$5.8M
The FTC charged Easy Healthcare Corporation, operator of the Premom fertility app, with deceiving users by sharing their sensitive health data with third parties for advertising without consent and failing to notify breaches as required by the Health Breach Notification Rule. Under a proposed consent decree, the company will pay a $100,000 civil penalty, be barred from sharing health data for advertising, and must implement privacy and security measures.
$100K
Connecticut, Oregon, and the District of Columbia reached a $100,000 settlement with Easy Healthcare Corporation, the operator of the Premom ovulation tracking app, for sharing sensitive user health and location data with third parties without appropriate disclosures or user consent. The settlement requires the company to implement comprehensive privacy and security programs, obtain consent before sharing health or location data, and provide users with a method to delete their personal information.
$100K
The FTC proposed modifications to its 2020 privacy order with Meta, alleging violations including non-compliance with the order, misleading parents about Messenger Kids, and unauthorized data sharing. The proposed changes include banning monetization of youth data, pausing new product launches, and strengthening privacy requirements.
Connecticut Attorney General William Tong and Secretary of State Stephanie Thomas warned businesses about a scam by C F Division Services, LLC, which sends solicitations mimicking government notices for free UCC reports while charging $90. The company's disclaimer is not clear and conspicuous, and the AG has demanded information via letter while investigating the deceptive practices.
The FTC settled with GoodRx for sharing consumers' sensitive prescription and health information with Facebook, Google, and other third parties for advertising without consent, and for failing to report these unauthorized disclosures as required by the Health Breach Notification Rule. GoodRx will pay a $1.5 million civil penalty and is permanently barred from sharing user health data for advertising.
$1.5M
Google settled with 40 state attorneys general over allegations that it misled consumers about location tracking practices. Google will pay $391.5 million and must enhance transparency and user controls for location data collection.
$391.5M
Connecticut and 39 other states secured a $391.5 million settlement with Google for misleading consumers about location tracking and continuing to collect data after users opted out. The settlement mandates Google to enhance transparency and user controls for location settings, including clear disclosures and user-friendly account controls.
$391.5M
Connecticut, as part of a 40-state coalition, secured multistate settlements totaling over $16 million with Experian and T-Mobile related to data breaches in 2012 and 2015 that exposed consumers' personal information. Experian agreed to pay $12.67 million and implement enhanced data security measures, while T-Mobile agreed to pay $2.43 million and strengthen vendor management. Additionally, Experian Data Corp. paid $1 million to resolve a separate 2012 breach investigation, with all entities required to improve data protection practices.
$16.0M
Attorney General William Tong joined a coalition of 18 attorneys general to urge the FTC to strengthen the Motor Vehicle Dealers Trade Regulation Rule. The coalition supports proposed updates that prohibit misrepresentations, require accurate pricing disclosures, and obtain informed consent for add-ons, while suggesting enhancements like written disclosures and record retention to prevent consumer harm in car sales.
The FTC and CFPB filed an amicus brief with the Third Circuit Court of Appeals to overturn a lower court ruling that exempted furnishers from investigating indirect disputes under the FCRA. The brief argues that all disputes must be investigated to ensure consumers can correct inaccurate credit information and be notified of outcomes, upholding key FCRA protections.
Connecticut Attorney General William Tong led 34 states and territories in a $438.5 million settlement with JUUL Labs over its youth-targeted marketing and misleading practices. The settlement includes strict injunctive terms prohibiting youth marketing, certain flavors, and requiring age verification. Funds will support tobacco cessation programs.
$438.5M
Connecticut Attorney General settled with Frontier Communications over deceptive marketing, hidden fees, and poor service. The $60 million settlement requires Frontier to invest $42.5 million in fiber upgrades for 40,000 households in distressed areas, end a $6.99 monthly surcharge, pay $1 million to the state, and provide $200,000 in consumer refunds. Frontier must also improve customer service, billing disclosures, and service quality guarantees over six years.
$1.0M
California Attorney General Rob Bonta announced a settlement with Sephora, Inc. for $1.2 million over violations of the California Consumer Privacy Act. Sephora failed to disclose that it sold consumer personal information and did not process opt-out requests via Global Privacy Control. The settlement requires Sephora to pay penalties and implement compliance measures including policy changes and reporting.
$1.2M
Harris Jewelry defrauded servicemembers with deceptive marketing, inflated prices, and hidden fees. A multistate settlement requires $34.2 million in refunds and debt relief, stops debt collection, and dissolves the business, affecting over 46,000 servicemembers.
$1.0M
Connecticut Attorney General and Consumer Counsel announced a $3 million settlement with electric supplier Public Power for failing to publish required 'next cycle rate' information, which denied consumers the opportunity to switch suppliers to avoid rate increases. As part of the settlement, Public Power and its sister companies must permanently exit the Connecticut market, and the funds will be used to pay down unpaid electric bills for hardship customers.
$3.0M
The FTC finalized an order against CafePress for failing to secure consumer data and covering up a data breach. The company must implement comprehensive security measures, and its former owner must pay $500,000 in redress to victims.
$500K
Connecticut Attorney General William Tong sued Reynolds Consumer Products for violating the Connecticut Unfair Trade Practices Act by falsely marketing Hefty 'Recycling Bags' as recyclable and suitable for recycling programs, despite knowing they are incompatible with Connecticut's recycling facilities and cause contamination. The lawsuit seeks damages, injunctive relief, and other remedies to stop the deceptive practice.
Connecticut Attorney General William Tong secured $1.2 million in restitution for 40,841 state consumers as part of a multistate $141 million settlement with Intuit Inc., the owner of TurboTax. The settlement resolves allegations that Intuit deceived low-income consumers into paying for tax preparation services that were offered for free through the IRS Free File program by using deceptive marketing tactics and confusing product names. Intuit must pay restitution, suspend its 'free, free, free' ad campaign, and implement business practice reforms.
$141.0M
Connecticut Attorney General William Tong joined a coalition of 19 attorneys general to submit comments to the CFPB, urging robust consumer protections for buy-now-pay-later (BNPL) lenders. The coalition expressed concerns that BNPL loans may trap consumers in debt through hidden fees, inadequate disclosures, and improper data monetization practices.
The FTC took action against CafePress for failing to secure consumer data and covering up a major data breach. The company stored sensitive information insecurely and delayed notifying customers. As part of the settlement, Residual Pumpkin must pay $500,000 in redress, and both companies must implement comprehensive security programs.
$500K
Connecticut Attorney General William Tong announced settlements with four hearing aid companies for marketing their products as 'FDA-approved' when no such approval exists. The companies will collectively pay $40,000 and cease such marketing practices. The investigation underscores that over-the-counter hearing aids are not FDA-approved and consumers should be wary of such claims.
$40K
Connecticut Attorney General filed a $5 million stipulation judgment against Safe Home Security for repeated non-compliance with court-ordered consumer protection measures, including blocking contract terminations and misrepresenting terms. The judgment requires immediate payment of $1 million and suspends $4 million pending compliance, with an independent monitor for five years.
$5.0M
Connecticut Attorney General William Tong announced a $1.85 billion multistate settlement with student loan servicer Navient for unfair and deceptive servicing practices. Navient steered borrowers into costly forbearances and originated predatory loans, resulting in debt relief for over 66,000 borrowers and restitution for 350,000 federal loan borrowers. The settlement includes a $142.5 million payment to attorneys general and conduct reforms to improve servicing practices.
$142.5M
The Connecticut Attorney General announced an enforcement action against Associated Community Services for operating a massive telefunding scheme that bombarded 67 million consumers with 1.3 billion deceptive fundraising calls, fraudulently collecting over $110 million. The action resulted in hundreds of millions of dollars in fines and a permanent prohibition from fundraising, forcing the sale of assets purchased with illegal proceeds.
The FTC finalized an order banning Support King, LLC and its CEO from the surveillance business for selling stalkerware apps that secretly collected and shared users' personal data without consent. The order requires them to delete all illegally collected data and notify affected device owners.
The FTC and DOJ settled with MyLife.com, Inc. and its CEO for deceiving consumers with misleading background reports that falsely implied criminal records and for engaging in difficult-to-cancel subscription practices. MyLife violated the Fair Credit Reporting Act, Restore Online Shoppers’ Confidence Act, and Telemarketing Sales Rule. The settlement includes a permanent ban on negative option marketing, $33.9 million in judgments for consumer refunds, and a monitoring program.
$33.9M