1,338 enforcement actions from 14 federal and state jurisdictions. Every event traced back to its official government source.
1,338
Total Actions
14
Jurisdictions
$50.6B+
Total Fines Tracked
The FTC banned Support King, LLC (SpyFone) and its CEO from the surveillance business for secretly harvesting and sharing users' data without consent, and ordered the deletion of all illegally collected data and notification to affected device owners. The company failed to secure the data, leading to a hack that exposed 2,200 consumers.
Attorney General William Tong of Connecticut joined a multistate coalition of 37 attorneys general in filing a lawsuit against Google alleging antitrust violations related to the Google Play Store and Google Billing. The lawsuit claims Google used its dominance to restrict competition, force developers to use Google Billing, and charge high commissions up to 30%. The action seeks to restore competition in the app market and halt Google's anticompetitive practices.
The FTC finalized a settlement with Zoom Video Communications, Inc. for misleading consumers about its data security practices and compromising user security. The settlement requires Zoom to implement a comprehensive security program, review software updates for security flaws, and undergo biennial third-party assessments.
Everalbum, Inc. settled FTC allegations that it deceived consumers about its use of facial recognition technology in its photo storage app and failed to delete photos when users deactivated their accounts. The settlement requires Everalbum to obtain express consent before using facial recognition, delete user photos and derived face embeddings, and delete developed models and algorithms. It also prohibits misrepresentations about data practices and requires consent for biometric data use if marketing software to consumers.
The FTC settled with Zoom for deceiving users about its encryption security and unfairly installing software that bypassed browser safeguards. Zoom must implement a comprehensive security program, undergo biennial audits, and is banned from making false security claims. No monetary penalty was imposed.
The FTC settled with NTT Global Data Centers Americas, Inc. for deceiving consumers about its participation in the EU-U.S. Privacy Shield framework. The company's certification lapsed in 2018, but it continued to claim compliance in its privacy policy and marketing materials. Under the settlement, NTT is prohibited from misrepresenting its participation in any privacy program and must apply Privacy Shield protections to previously collected personal data or delete it.
NTT Global Data Centers settled FTC allegations that it misled consumers about its participation in the EU-U.S. Privacy Shield framework and failed to comply with its requirements. The settlement requires the company to hire a third-party assessor if it re-certifies, prohibits misrepresentations about privacy programs, and mandates continued application of Privacy Shield protections or deletion of data collected while participating.
Lightyear Dealer Technologies (DealerBuilt) settled an investigation into a 2016 data breach where a misconfigured file system exposed personal data, including social security numbers and bank information, of thousands of auto dealership customers nationwide. The settlement includes an $80,784 payment (with $20,000 suspended) and mandatory cybersecurity reforms.
$49K
The New Jersey Division of Consumer Affairs settled with DealerApp, a mobile app developer for auto dealerships, for allegedly collecting and transmitting consumer personal information without notice or consent. DealerApp agreed to pay a $38,000 civil penalty and implement measures to disclose data practices and obtain consent for third-party sharing.
$38K
The New Jersey Attorney General and FTC settled with app developer Equiliv Investments and Ryan Ramminger for distributing the Prized app that contained malware to mine cryptocurrency without user consent. The settlement prohibits such activities, requires record-keeping for 20 years, and imposes a $5,200 penalty with an additional $44,800 suspended.
$5K
The New Jersey Division of Consumer Affairs obtained a consent decree against Jeremy Rubin, developer of Tidbit Bitcoin-mining software, for accessing New Jersey computers without users' knowledge or consent. The settlement includes a suspended $25,000 monetary penalty and prohibits future unauthorized access, requiring clear notification and verifiable consent.
$25K
The New Jersey Attorney General settled with Dokogeo, the developer of the Dokobots app, for violating COPPA by collecting personal information from children without parental consent. The settlement requires Dokogeo to disclose its data practices, stop collecting children's data, delete existing children's data, and pay a suspended $25,000 penalty.
$25K
All data sourced from official government enforcement pages.