1,338 enforcement actions from 14 federal and state jurisdictions. Every event traced back to its official government source.
1,338
Total Actions
14
Jurisdictions
$50.6B+
Total Fines Tracked
California Attorney General Rob Bonta announced a $2.75 million settlement with The Walt Disney Company, the largest CCPA settlement in state history, resolving allegations that Disney violated the CCPA by failing to fully honor consumers’ opt-out requests for the sale or sharing of their personal data across all devices and streaming services linked to their accounts. Disney’s opt-out methods, including in-app toggles, webforms, and Global Privacy Control implementation, had gaps that allowed continued data sale or sharing even after consumers opted out. Under the settlement, Disney must pay the civil penalty and implement comprehensive opt-out methods that fully cease all sale or sharing of consumer data upon request.
$2.8M
California Attorney General Rob Bonta announced a $1.4 million settlement with mobile gaming company Jam City, Inc. for violating the CCPA by failing to provide consumers with compliant methods to opt out of the sale or sharing of their personal information across its 21 mobile apps. The settlement also resolves allegations that Jam City sold or shared personal data of users aged 13 to 16 without the required affirmative opt-in consent. In addition to the civil penalty, Jam City must implement in-app opt-out methods and obtain opt-in consent for minor users' data sales and sharing.
$1.4M
California Attorney General Rob Bonta announced a $1.55 million settlement with health information website publisher Healthline Media LLC, resolving allegations that the company violated the CCPA and Unfair Competition Law. Violations included failing to honor consumer opt-out requests, sharing sensitive health data with third parties without required privacy protections, and using deceptive consent banners that did not disable tracking cookies. The settlement imposes injunctive terms, compliance requirements, and a civil penalty, marking the largest CCPA settlement to date.
$1.6M
California Attorney General Rob Bonta announced a settlement with Sephora, Inc. resolving allegations that the company violated the California Consumer Privacy Act (CCPA) by failing to disclose it was selling consumers' personal information and failing to process opt-out requests via user-enabled Global Privacy Controls. Sephora agreed to pay $1.2 million in penalties and implement injunctive measures including updating privacy disclosures, enabling opt-out via GPC, conforming service provider agreements to CCPA, and reporting to the AG. The settlement is part of ongoing CCPA enforcement efforts, with the AG also issuing cure notices to other businesses failing to honor GPC opt-out signals.
$1.2M
Lenovo preinstalled 'Visual Discovery' software on its computers that intercepted browsing data and broke encrypted connections without user consent, compromising security and privacy. The multi-state settlement imposes a $3.5 million penalty and requires Lenovo to implement disclosure, consent, opt-out, and security compliance measures.
$3.5M
All data sourced from official government enforcement pages.