1,338 enforcement actions from 14 federal and state jurisdictions. Every event traced back to its official government source.
1,338
Total Actions
14
Jurisdictions
$50.6B+
Total Fines Tracked
The FTC issued a policy statement announcing it will not enforce COPPA against operators that collect age verification data under specific conditions. The policy aims to encourage the use of age verification technologies to protect children online. Operators must limit data use, ensure security, provide notice, and use accurate verification methods.
The FTC issued a policy statement announcing that it will not enforce the COPPA Rule against website and online service operators that use age verification technologies solely to determine user age, provided they comply with conditions such as limiting data use, ensuring security, and providing clear notice. This policy aims to incentivize age verification tools to protect children online.
The FTC issued warning letters to 13 data brokers reminding them of their obligations under the Protecting Americans' Data from Foreign Adversaries Act (PADFAA), which bans the sale or disclosure of sensitive personal data to foreign adversaries like China, Russia, Iran, and North Korea. The letters cite instances where recipients offered data on Armed Forces members, which is protected under PADFAA. Non-compliance could result in civil penalties up to $53,088 per violation.
The Federal Trade Commission (FTC) sent warning letters to 13 data brokers reminding them of their obligations under the Protecting Americans’ Data from Foreign Adversaries Act (PADFAA). PADFAA prohibits data brokers from selling or providing sensitive personal data about Americans to foreign adversaries such as China, Russia, Iran, and North Korea. The letters warn that violations could result in civil penalties of up to $53,088 per violation and urge companies to review their business practices for compliance.
Consumer fraud enforcement action where the FTC is distributing $23 million in refunds to investors defrauded by the Sanctuary Belize and Kanantik real estate schemes. The defendants deceived consumers about luxury amenities and resale potential, resulting in losses of over $100 million. This is the second round of refunds following a court judgment.
$22.9M
Antitrust enforcement action where the FTC settled with Express Scripts, a major pharmacy benefit manager, for using anticompetitive rebating practices that artificially inflated insulin prices. The settlement requires ESI to change its business practices to increase transparency and lower patient out-of-pocket costs, potentially saving $7 billion over 10 years.
Consumer fraud case where the FTC settled with Growth Cave defendants for operating a deceptive business opportunity and credit repair scheme that cost consumers nearly $50 million. The settlement permanently bans them from such activities, requires asset liquidation to pay a $48.6 million judgment, and prohibits misleading earnings claims and AI use.
$48.6M
Telemarketing enforcement case where the FTC obtained a temporary restraining order against defendants who deceptively marketed limited benefit health plans as comprehensive health insurance. The scheme caused tens of millions of dollars in harm to consumers seeking health coverage. The court halted operations at the FTC's request.
Consumer fraud case where the FTC and Florida shut down RivX for deceiving consumers with false trucking investment opportunities. The court entered an $8.39 million judgment and banned the defendants from business opportunities. This protects consumers from business opportunity scams.
$8.4M
Privacy enforcement action where the FTC settled with General Motors and OnStar for collecting and selling consumers' geolocation and driving behavior data without adequate notice or consent. The order prohibits sharing data with consumer reporting agencies and requires transparency and consumer choice measures.
The FTC filed a motion in federal court seeking to hold payment processor Cliq, Inc. and its operators in contempt for systematically violating a 2015 consent order. The defendants are accused of processing payments for high-risk and prohibited merchants, failing to screen for deceptive practices, and facilitating fraud avoidance tactics. The FTC is requesting at least $52.9 million in consumer relief, a permanent ban on the individuals from payment processing, and appointment of a receiver.
$52.9M
Consumer fraud case where the FTC sued JustAnswer LLC for deceiving consumers into enrolling in a costly recurring monthly subscription by falsely claiming low one-time fees. The company did not obtain affirmative consent or clearly disclose subscription terms, violating ROSCA and the FTC Act. The FTC seeks an injunction, consumer refunds, and civil penalties.
Consumer fraud investigation where the FTC is seeking information from 20 universities about whether sports agents are complying with the Sports Agent Responsibility and Trust Act (SPARTA), which requires disclosures to student athletes and notification to schools. The inquiry aims to ensure student athletes are protected from deceptive practices by agents.
The FTC settled with Disney for violating the COPPA Rule by mislabeling videos on YouTube, which allowed the collection of children's personal data without parental consent. Disney must pay a $10 million civil penalty and implement measures to ensure proper video labeling and compliance with COPPA.
$10.0M
The FTC has taken action against Illusory Systems, Inc. (doing business as Nomad) for failing to implement adequate data security measures, which led to a breach where hackers stole $186 million from consumers. The company is required to return the stolen funds and implement an information security program.
$186.0M
The FTC proposed a consent order against Illuminate Education, Inc. for failing to secure student data, leading to a breach affecting over 10 million students. The company allegedly had security failures and delayed breach notifications. The order requires a data security program, data deletion, and a retention schedule.
The FTC filed a complaint against Iconic Hearts Holdings, Inc., operator of the Sendit anonymous messaging app, for unlawfully collecting personal data from children in violation of COPPA, misleading users by sending messages from fake personas, and tricking consumers into paid subscriptions by falsely promising to reveal anonymous senders.
The FTC and 19 states settled with Kars-R-Us.com, Inc. and its operators for deceptive charity fundraising claims, where only 0.28% of over $45 million raised was used for breast cancer screenings. Operators face permanent fundraising bans and a $3.88 million monetary judgment.
$3.9M
The FTC secured a $2.5 billion settlement with Amazon, including a $1 billion civil penalty and $1.5 billion in consumer refunds, for enrolling millions of consumers in Prime subscriptions without proper consent and designing a deliberately difficult cancellation process. The order requires Amazon to implement clear enrollment disclosures, an easy cancellation method, and cease the unlawful practices.
$1.0B
The FTC issued 6(b) orders to seven technology companies to investigate the safety and privacy practices of their AI chatbots, particularly regarding impacts on children and teens. The inquiry focuses on compliance with children's privacy laws, data handling, and disclosures, requiring companies to provide information on these aspects.
The FTC settled allegations against Apitor Technology for violating COPPA by allowing a third party to collect geolocation data from children without parental consent. Apitor must pay a $500,000 suspended fine, delete improperly collected data, and implement measures to comply with COPPA, including obtaining parental consent and notifying parents.
$500K
The FTC released a statement by Chairman Ferguson, joined by Commissioners Holyoak and Meador, regarding the enforcement action against Disney Worldwide Services for alleged violations of the Children's Online Privacy Protection Act (COPPA). The statement addresses the case involving children's privacy protections.
The FTC alleges that Disney violated COPPA by failing to properly label children-directed videos on YouTube as 'Made for Kids,' allowing the collection of personal data from children under 13 without parental consent. Disney will pay a $10 million civil penalty and must implement a program to ensure accurate video designations, potentially incorporating age assurance technologies.
$10.0M
The FTC distributed refunds to consumers who purchased deceptively marketed treatment plans from Golden Sunrise Nutraceutical. The company and its medical director were barred from making unsupported health claims about curing COVID-19, cancer, and Parkinson's disease after a court order in September 2025. Over $40,700 was sent to 578 consumers, with additional claims possible until May 2026.
$103K
FTC Chairman Andrew Ferguson sent warning letters to over a dozen major technology companies, reminding them of their obligations under the FTC Act to protect American consumers' data security and privacy, even when facing pressure from foreign governments to weaken encryption or censor content. The letters warn that weakening security measures or censoring speech in response to foreign demands could constitute deceptive practices under the FTC Act.
FTC Chairman Andrew Ferguson sent warning letters to major technology companies, urging them not to weaken data security or censor American consumers' speech in response to foreign government demands. He reminded them that such actions could violate the FTC Act's prohibition on unfair and deceptive practices, particularly if companies break promises about encryption and security. The letters cite foreign laws like the EU's Digital Services Act and UK's Investigatory Powers Act as pressures that might lead to non-compliance.
The FTC entered into a settlement with U.K.-based payment processor Paddle to resolve allegations that its unfair payment processing practices facilitated tech support scammers operating in Cyprus. Paddle agreed to pay a $5 million monetary penalty as part of the settlement.
$5.0M
The FTC settled charges against GoDaddy Inc. and GoDaddy.com, LLC for misleading customers about their data security protections and failing to adequately secure their website hosting services. The company allegedly did not implement reasonable security measures, leaving customer websites vulnerable to attacks that could harm both the customers and visitors to those sites. The case resulted in a consent order requiring GoDaddy to improve its security practices.
The FTC settled charges against GoDaddy Inc. and GoDaddy.com, LLC for misleading customers about their data security protections and failing to adequately secure their website hosting services. The company's security failures left customers' and website visitors' data vulnerable to attacks. The final order requires GoDaddy to implement comprehensive data security measures.
The FTC finalized an order with GoDaddy for failing to implement adequate data security measures and misleading consumers about its security and Privacy Shield compliance. The order prohibits misrepresentations, requires a comprehensive security program, and mandates independent assessments.
All data sourced from official government enforcement pages.