Court Rules

Privacy Enforcement Tracker

1,338 enforcement actions from 14 federal and state jurisdictions. Every event traced back to its official government source.

1,338

Total Actions

14

Jurisdictions

$50.6B+

Total Fines Tracked

Access this data programmatically:MCP Server API Docs
JurisdictionAllHHSFTCCTNJCATXNYORCPPAFL
ViolationAllData BreachHealth DataSecurity FailureUnauthorized Data SharingNotice FailureConsent FailureChildren's DataOpt-Out FailureDark PatternsData Broker Non-ComplianceStudent DataBiometric Data
IndustryAllTechnologyGamingEducation TechnologyHealthcareFinancial ServicesSocial MediaAdvertising TechnologyData BrokerTelecommunicationsMedia & Entertainment
RiskAllCriticalHighMediumLow
Showing 4 resultsClear all filters
FTCSettlement

COGNOSPHERE LLC(Cognosphere)

The FTC settled with Cognosphere LLC, developer of Genshin Impact, for violating COPPA by collecting personal information from children without parental consent and for deceptive practices regarding in-game loot box purchases. The company will pay $20 million in penalties and is banned from selling loot boxes to children under 16 without verifiable parental consent.

CriticalChildren's DataDark Patterns

$20.0M

FTCConsent Decree

Cognosphere Pte. Ltd and Cognosphere LLC(Cognosphere)

The FTC settled with Cognosphere, the developer of Genshin Impact, for violating COPPA by collecting children's data without parental consent and for using deceptive loot box practices that misled players about costs and odds. Cognosphere will pay a $20 million fine, be banned from selling loot boxes to teens under 16 without parental consent, and must implement various transparency and data deletion measures.

CriticalChildren's DataDark Patterns

$20.0M

CASettlement

Tilting Point Media LLC

California Attorney General Rob Bonta and Los Angeles City Attorney Hydee Feldstein Soto announced a $500,000 settlement with Tilting Point Media LLC over allegations that the company violated COPPA and the CCPA by illegally collecting and sharing children’s personal data without parental consent via its 'SpongeBob: Krusty Cook-Off' mobile game. The settlement requires Tilting Point to pay $500,000 in civil penalties and comply with injunctive terms including implementing neutral age screens, obtaining parental consent for children’s data collection/sharing, and maintaining an SDK governance framework. Tilting Point must also submit annual compliance reports to the California DOJ and LA City Attorney’s Office.

MediumChildren's DataConsent FailureNotice Failure

$500K

FTCSettlement

Epic Games, Inc.(Epic Games)

Epic Games, maker of Fortnite, violated children's privacy laws by collecting data from under-13 users without parental consent and used deceptive designs to trick users into unintended purchases. The FTC secured a $275 million civil penalty and $245 million in consumer refunds, with requirements to enhance privacy defaults, delete improperly collected data, implement a privacy program, and prohibit dark patterns and account locking for charge disputes.

CriticalChildren's DataDark Patterns

$275.0M

Explore Enforcement Data

By Jurisdiction

HHS Office for Civil Rights536 Federal Trade Commission115 Connecticut Attorney General92 New Jersey Attorney General60 California Attorney General57 Texas Attorney General41 New York Attorney General39 Oregon Attorney General18 California Privacy Protection Agency12 Florida Attorney General12 Virginia Attorney General8 Massachusetts Attorney General6 Illinois Attorney General3 WA1

By Violation Type

Data Breach601 Health Data594 Security Failure561 Unauthorized Data Sharing169 Notice Failure98 Consent Failure88 Children's Data71 Opt-Out Failure36 Dark Patterns20 Data Broker Non-Compliance18 Student Data18 Biometric Data18

By Industry

TechnologyGamingEducation TechnologyHealthcareFinancial ServicesSocial MediaAdvertising TechnologyData BrokerTelecommunicationsMedia & EntertainmentGovernmentRetailInsuranceOther