Court Rules

Privacy Enforcement Tracker

1,338 enforcement actions from 14 federal and state jurisdictions. Every event traced back to its official government source.

1,338

Total Actions

14

Jurisdictions

$50.6B+

Total Fines Tracked

Access this data programmatically:MCP Server API Docs
JurisdictionAllHHSFTCCTNJCATXNYORCPPAFL
ViolationAllData BreachHealth DataSecurity FailureUnauthorized Data SharingNotice FailureConsent FailureChildren's DataOpt-Out FailureDark PatternsData Broker Non-ComplianceStudent DataBiometric Data
IndustryAllTechnologyGamingEducation TechnologyHealthcareFinancial ServicesSocial MediaAdvertising TechnologyData BrokerTelecommunicationsMedia & Entertainment
RiskAllCriticalHighMediumLow
Showing 4 resultsClear all filters
NYSettlement

Fantasia Trading LLC, Power Mobile Life LLC, and Smart Innovation, LLC(eufy)

New York Attorney General Letitia James secured a $450,000 settlement from three companies distributing eufy-branded home security cameras for failing to implement adequate data security measures. The companies’ cameras had unencrypted video streams accessible without authentication, exposing private consumer footage. The settlement requires the companies to implement stronger security protocols, including encryption, vulnerability testing, and a comprehensive information security program.

MediumSecurity Failure

$450K

CTSettlement

Guardian Analytics, Inc. and Actimize, Inc.(Guardian Analytics)

Guardian Analytics, Inc. and Actimize, Inc. settled with the Connecticut Attorney General over a data breach affecting 157,629 Connecticut residents. The breach, from November 2022 to January 2023, exposed personal information due to security failures. The settlement includes a $500,000 penalty and mandatory cybersecurity improvements.

MediumSecurity FailureData Breach

$500K

FTCConsent Decree

Residual Pumpkin Entity, LLC and PlanetArt, LLC(CafePress)

The FTC took action against CafePress for failing to secure consumer data and covering up a major data breach. The company stored sensitive information insecurely and delayed notifying customers. As part of the settlement, Residual Pumpkin must pay $500,000 in redress, and both companies must implement comprehensive security programs.

MediumData BreachSecurity FailureNotice Failure

$500K

CASettlement

Glow, Inc.(Glow)

California Attorney General Xavier Becerra announced a settlement with Glow, Inc., operator of a fertility-tracking mobile app, over privacy and security failures that risked exposing millions of users’ sensitive personal and medical information. The settlement includes a $250,000 civil penalty and injunctive terms requiring Glow to implement privacy and security design principles, obtain affirmative user consent for data sharing, and allow users to revoke consent. Glow was alleged to have failed to safeguard health information, allowed unauthorized access to user data, and maintained flawed password reset functions that could enable third-party access without consent.

MediumHealth DataSecurity FailureConsent Failure

$250K

Explore Enforcement Data

By Jurisdiction

HHS Office for Civil Rights536 Federal Trade Commission115 Connecticut Attorney General92 New Jersey Attorney General60 California Attorney General57 Texas Attorney General41 New York Attorney General39 Oregon Attorney General18 California Privacy Protection Agency12 Florida Attorney General12 Virginia Attorney General8 Massachusetts Attorney General6 Illinois Attorney General3 WA1

By Violation Type

Data Breach601 Health Data594 Security Failure561 Unauthorized Data Sharing169 Notice Failure98 Consent Failure88 Children's Data71 Opt-Out Failure36 Dark Patterns20 Data Broker Non-Compliance18 Student Data18 Biometric Data18

By Industry

TechnologyGamingEducation TechnologyHealthcareFinancial ServicesSocial MediaAdvertising TechnologyData BrokerTelecommunicationsMedia & EntertainmentGovernmentRetailInsuranceOther