1,338 enforcement actions from 14 federal and state jurisdictions. Every event traced back to its official government source.
1,338
Total Actions
14
Jurisdictions
$50.6B+
Total Fines Tracked
Connecticut Attorney General William Tong filed a lawsuit against Vision Solar, LLC for engaging in predatory high-pressure sales tactics, misrepresenting financing and tax credits, and performing unpermitted work that left homeowners with nonfunctioning systems and unaffordable loans. The action seeks restitution for consumers, civil penalties, and injunctive relief to stop the company's unfair and deceptive practices.
Connecticut Attorney General William Tong led 34 states and territories in a $438.5 million settlement with JUUL Labs over its youth-targeted marketing and misleading practices. The settlement includes strict injunctive terms prohibiting youth marketing, certain flavors, and requiring age verification. Funds will support tobacco cessation programs.
$438.5M
The FTC took action against CafePress for failing to secure consumer data and covering up a major data breach. The company stored sensitive information insecurely and delayed notifying customers. As part of the settlement, Residual Pumpkin must pay $500,000 in redress, and both companies must implement comprehensive security programs.
$500K
The FTC finalized an order banning Support King, LLC and its CEO from the surveillance business for selling stalkerware apps that secretly collected and shared users' personal data without consent. The order requires them to delete all illegally collected data and notify affected device owners.
The FTC banned Support King, LLC (SpyFone) and its CEO from the surveillance business for secretly harvesting and sharing users' data without consent, and ordered the deletion of all illegally collected data and notification to affected device owners. The company failed to secure the data, leading to a hack that exposed 2,200 consumers.
The FTC settled with Kuuhuub Inc., operator of the Recolor coloring book app, for violating COPPA by collecting personal information from children under 13 without parental consent. The app's social media features allowed children to register and share data, and third-party ad networks collected persistent identifiers for targeted ads. The settlement requires deletion of children's data, refunds to underage subscribers, a $3 million penalty (suspended upon $100,000 payment), and user notifications about the violations.
$3.0M
The FTC settled with Vivint Smart Homes, Inc. for $20 million over allegations that the company misused consumer credit reports to secure financing for unqualified customers, harming consumers' credit. The FTC is now distributing approximately $500,000 in refunds to affected consumers.
$20.0M
Everalbum, Inc. settled FTC allegations that it deceived consumers about its use of facial recognition technology in its photo storage app and failed to delete photos when users deactivated their accounts. The settlement requires Everalbum to obtain express consent before using facial recognition, delete user photos and derived face embeddings, and delete developed models and algorithms. It also prohibits misrepresentations about data practices and requires consent for biometric data use if marketing software to consumers.
The FTC settled with Zoom for deceiving users about its encryption security and unfairly installing software that bypassed browser safeguards. Zoom must implement a comprehensive security program, undergo biennial audits, and is banned from making false security claims. No monetary penalty was imposed.
California Attorney General Xavier Becerra announced a settlement with Glow, Inc., operator of a fertility-tracking mobile app, over privacy and security failures that risked exposing millions of users’ sensitive personal and medical information. The settlement includes a $250,000 civil penalty and injunctive terms requiring Glow to implement privacy and security design principles, obtain affirmative user consent for data sharing, and allow users to revoke consent. Glow was alleged to have failed to safeguard health information, allowed unauthorized access to user data, and maintained flawed password reset functions that could enable third-party access without consent.
$250K
Meitu, Inc. allegedly violated COPPA and the New Jersey Consumer Fraud Act by collecting personal information from children under 13 without parental consent. The settlement requires Meitu to pay a $100,000 civil penalty, update its privacy policies, and modify its apps to block data collection from children.
$100K
Lenovo preinstalled 'Visual Discovery' software on its computers that intercepted browsing data and broke encrypted connections without user consent, compromising security and privacy. The multi-state settlement imposes a $3.5 million penalty and requires Lenovo to implement disclosure, consent, opt-out, and security compliance measures.
$3.5M
VIZIO and Inscape settled allegations that they collected viewing data from Smart TVs without adequate disclosure and consent, selling it to third parties. They agreed to pay $1 million to New Jersey, destroy collected data, and implement privacy measures including obtaining consumer consent and establishing a privacy program.
$1.0M
The California Attorney General settled with Houzz Inc. for secretly recording incoming and outgoing telephone calls from March to September 2013 without notifying or obtaining consent from all parties, violating state wiretapping and eavesdropping laws. The settlement requires Houzz to pay $175,000, appoint a Chief Privacy Officer, conduct a privacy risk assessment, secure and destroy the recordings, and implement compliance measures.
$175K
The New Jersey Attorney General and FTC settled with app developer Equiliv Investments and Ryan Ramminger for distributing the Prized app that contained malware to mine cryptocurrency without user consent. The settlement prohibits such activities, requires record-keeping for 20 years, and imposes a $5,200 penalty with an additional $44,800 suspended.
$5K
The New Jersey Division of Consumer Affairs obtained a consent decree against Jeremy Rubin, developer of Tidbit Bitcoin-mining software, for accessing New Jersey computers without users' knowledge or consent. The settlement includes a suspended $25,000 monetary penalty and prohibits future unauthorized access, requiring clear notification and verifiable consent.
$25K
The New Jersey Attorney General settled with Dokogeo, the developer of the Dokobots app, for violating COPPA by collecting personal information from children without parental consent. The settlement requires Dokogeo to disclose its data practices, stop collecting children's data, delete existing children's data, and pay a suspended $25,000 penalty.
$25K
Dataium settled allegations that it used history sniffing to track consumers' online browsing without consent and sold personal data of 400,000 consumers to a data broker without notice. The settlement imposes a $400,000 monetary penalty, requires a privacy program, and mandates transparency and opt-out mechanisms.
$400K
New Jersey joined a multi-state settlement with Google alleging that Google circumvented Safari browser's default privacy settings to plant third-party cookies without user consent. Google agreed to pay $17 million and implement injunctive relief to prevent such conduct and improve transparency.
$17.0M
Google settled multi-state allegations that it collected personal data from unsecured wireless networks during Street View operations without user consent. The settlement requires Google to destroy the collected data, refrain from future non-consensual collection, implement a 10-year employee privacy training program, and run a public advertising campaign. New Jersey's share of the settlement is approximately $147,000.
All data sourced from official government enforcement pages.