1,285 enforcement actions from 14 federal and state jurisdictions. Every event traced back to its official government source.
1,285
Total Actions
14
Jurisdictions
$35.3B+
Total Fines Tracked
The FTC settled charges with data broker Kochava, Inc. and its subsidiary Collective Data Solutions (CDS) over allegations that they sold precise location data from hundreds of millions of mobile devices without consumer consent, enabling tracking of visits to sensitive locations like reproductive health clinics and places of worship. The settlement prohibits the companies from selling or sharing sensitive location data without affirmative express consumer consent, and imposes compliance requirements including a sensitive location data program, supplier consent assessments, incident reporting, and data retention schedules. No monetary penalty was imposed.
The FTC filed a complaint and obtained a temporary restraining order against six defendants operating a deceptive health care scheme that impersonated government and insurance carriers to sell fake comprehensive health plans. The defendants allegedly charged consumers without express informed consent, failed to disclose material terms including cancellation processes, and misled consumers into paying for inadequate coverage that left many with substantial medical debt. The FTC seeks refunds for affected consumers and alleges violations of the FTC Act, Telemarketing Sales Rule, Impersonation Rule, and Gramm-Leach-Bliley Act.
This press release announces the FTC's testimony before the Senate Commerce, Science and Transportation Committee on April 15, 2026, outlining the agency's priorities including consumer privacy protection, competition enforcement, and implementation of the TAKE IT DOWN Act. No specific enforcement action against a private entity is announced in this release.
The FTC announced an Advance Notice of Proposed Rulemaking (ANPRM) seeking public comment on a potential nationwide rule to address unfair or deceptive fee practices by online food and grocery delivery platforms. The ANPRM covers requirements for disclosing total prices, fees, variable charges, price differentials, and promotion terms. Past FTC enforcement actions against Instacart and Grubhub for deceptive fee practices are cited as evidence of ongoing issues in the industry.
The FTC settled allegations against Stormy Wellington, a high-level multilevel marketing (MLM) participant, for using false and unsubstantiated earnings claims to recruit new members for Total Life Changes and Farmasi MLMs. The stipulated final order prohibits Wellington from making deceptive earnings representations, requires written substantiation of all earnings claims, and mandates notification to her downline participants about the order’s prohibitions. No monetary penalty was imposed.
The FTC obtained a temporary restraining order against NERD Solutions Inc., ED REF Inc., and their operators Natalie Rodriguez and Pablo Ortiz, alleging they operated a deceptive student loan debt relief scheme that impersonated U.S. Department of Education officials and loan servicers to collect illegal upfront fees from consumers. The defendants are accused of violating the FTC Act, Telemarketing Sales Rule, Impersonation Rule, and Gramm-Leach-Bliley Act, having collected at least $8.8 million from affected consumers. The case is pending in the U.S. District Court for the Central District of California.
The Federal Trade Commission (FTC) announced it submitted a draft Advance Notice of Proposed Rulemaking (ANPRM) regarding online food delivery service fees to the Office of Management and Budget (OMB) for review on April 10, 2026. The ANPRM is classified as a 'significant regulatory action' under Executive Orders 12866 and 14215, requiring review by OIRA before public issuance. This press release does not describe an enforcement action against a private entity, nor any privacy-related violations or penalties.
The FTC settled with Humor Rainbow, Inc. (operator of OkCupid) and Match Group Americas over allegations that OkCupid deceived users by sharing personal data including photos and location information with an unauthorized third party, contrary to its privacy policy promises to inform users and provide opt-out opportunities. The settlement permanently prohibits the companies from misrepresenting their data collection, use, disclosure, and privacy control practices. No monetary penalty was imposed.
FTC Chairman Andrew N. Ferguson issued warning letters to the CEOs of four major payment and financial infrastructure providers regarding concerns about debanking law-abiding customers based on political or religious views. The letters remind the companies of their obligations to customers under the FTC Act, warn that inconsistent denials of service could trigger investigations and enforcement, and reference President Trump’s 2025 executive order prohibiting debanking due to political affiliations, religious beliefs, or lawful business activities.
On March 20, 2026, FTC Chairman Andrew N. Ferguson directed FTC staff to form a Healthcare Task Force to coordinate healthcare enforcement and advocacy efforts. The task force will focus on targeted enforcement initiatives, agencywide investigation strategies, amicus opportunities, and identifying emerging enforcement priorities. It will also seek partnerships with other federal agencies including HHS and DOJ to advance healthcare competition and consumer protection.
Consumer fraud and advertising enforcement action where the FTC sent warning letters to 97 auto dealership groups for deceptive pricing practices, such as advertising prices that exclude mandatory fees, misleading consumers about total costs. The letters stress the need for truthful and transparent pricing in the automotive industry.
The Federal Trade Commission is seeking public comment on an Advance Notice of Proposed Rulemaking to address unfair or deceptive rental housing fee practices, including hidden mandatory fees not disclosed in advertised rent. The proposed rule would require clear disclosure of total rent and all associated fees, and would allow the FTC to seek civil penalties for violations. Past FTC enforcement actions against Invitation Homes and Greystar Real Estate Partners resulted in $48 million and $24 million settlements, respectively, for deceptive rent advertising practices.
The FTC is seeking public comment on an Advance Notice of Proposed Rulemaking (ANPRM) to amend the Negative Option Rule, which governs prenotification negative option marketing plans. The rulemaking aims to address deceptive or unfair practices including misleading disclosures, unauthorized billing, and difficult cancellation processes, following over 100,000 consumer complaints about negative option practices in the past five years. Comments will be accepted for 30 days after the ANPRM is published in the Federal Register.
The FTC issued a policy statement announcing that it will not enforce the COPPA Rule against website and online service operators that use age verification technologies solely to determine user age, provided they comply with conditions such as limiting data use, ensuring security, and providing clear notice. This policy aims to incentivize age verification tools to protect children online.
The FTC issued a policy statement announcing it will not enforce COPPA against operators that collect age verification data under specific conditions. The policy aims to encourage the use of age verification technologies to protect children online. Operators must limit data use, ensure security, provide notice, and use accurate verification methods.
The Federal Trade Commission (FTC) sent warning letters to 13 data brokers reminding them of their obligations under the Protecting Americans’ Data from Foreign Adversaries Act (PADFAA). PADFAA prohibits data brokers from selling or providing sensitive personal data about Americans to foreign adversaries such as China, Russia, Iran, and North Korea. The letters warn that violations could result in civil penalties of up to $53,088 per violation and urge companies to review their business practices for compliance.
The FTC issued warning letters to 13 data brokers reminding them of their obligations under the Protecting Americans' Data from Foreign Adversaries Act (PADFAA), which bans the sale or disclosure of sensitive personal data to foreign adversaries like China, Russia, Iran, and North Korea. The letters cite instances where recipients offered data on Armed Forces members, which is protected under PADFAA. Non-compliance could result in civil penalties up to $53,088 per violation.
Antitrust enforcement action where the FTC settled with Express Scripts, a major pharmacy benefit manager, for using anticompetitive rebating practices that artificially inflated insulin prices. The settlement requires ESI to change its business practices to increase transparency and lower patient out-of-pocket costs, potentially saving $7 billion over 10 years.
Privacy enforcement action where the FTC settled with General Motors and OnStar for collecting and selling consumers' geolocation and driving behavior data without adequate notice or consent. The order prohibits sharing data with consumer reporting agencies and requires transparency and consumer choice measures.
Consumer fraud case where the FTC sued JustAnswer LLC for deceiving consumers into enrolling in a costly recurring monthly subscription by falsely claiming low one-time fees. The company did not obtain affirmative consent or clearly disclose subscription terms, violating ROSCA and the FTC Act. The FTC seeks an injunction, consumer refunds, and civil penalties.
Consumer fraud investigation where the FTC is seeking information from 20 universities about whether sports agents are complying with the Sports Agent Responsibility and Trust Act (SPARTA), which requires disclosures to student athletes and notification to schools. The inquiry aims to ensure student athletes are protected from deceptive practices by agents.
The FTC has taken action against Illusory Systems, Inc. (doing business as Nomad) for failing to implement adequate data security measures, which led to a breach where hackers stole $186 million from consumers. The company is required to return the stolen funds and implement an information security program.
$186.0M
The FTC proposed a consent order against Illuminate Education, Inc. for failing to secure student data, leading to a breach affecting over 10 million students. The company allegedly had security failures and delayed breach notifications. The order requires a data security program, data deletion, and a retention schedule.
The FTC filed a complaint against Iconic Hearts Holdings, Inc., operator of the Sendit anonymous messaging app, for unlawfully collecting personal data from children in violation of COPPA, misleading users by sending messages from fake personas, and tricking consumers into paid subscriptions by falsely promising to reveal anonymous senders.
The FTC issued 6(b) orders to seven technology companies to investigate the safety and privacy practices of their AI chatbots, particularly regarding impacts on children and teens. The inquiry focuses on compliance with children's privacy laws, data handling, and disclosures, requiring companies to provide information on these aspects.
FTC Chairman Andrew Ferguson sent warning letters to over a dozen major technology companies, reminding them of their obligations under the FTC Act to protect American consumers' data security and privacy, even when facing pressure from foreign governments to weaken encryption or censor content. The letters warn that weakening security measures or censoring speech in response to foreign demands could constitute deceptive practices under the FTC Act.
FTC Chairman Andrew Ferguson sent warning letters to major technology companies, urging them not to weaken data security or censor American consumers' speech in response to foreign government demands. He reminded them that such actions could violate the FTC Act's prohibition on unfair and deceptive practices, particularly if companies break promises about encryption and security. The letters cite foreign laws like the EU's Digital Services Act and UK's Investigatory Powers Act as pressures that might lead to non-compliance.
The FTC settled charges against GoDaddy Inc. and GoDaddy.com, LLC for misleading customers about their data security protections and failing to adequately secure their website hosting services. The company's security failures left customers' and website visitors' data vulnerable to attacks. The final order requires GoDaddy to implement comprehensive data security measures.
The FTC settled charges against GoDaddy Inc. and GoDaddy.com, LLC for misleading customers about their data security protections and failing to adequately secure their website hosting services. The company allegedly did not implement reasonable security measures, leaving customer websites vulnerable to attacks that could harm both the customers and visitors to those sites. The case resulted in a consent order requiring GoDaddy to improve its security practices.
The FTC finalized an order with GoDaddy for failing to implement adequate data security measures and misleading consumers about its security and Privacy Shield compliance. The order prohibits misrepresentations, requires a comprehensive security program, and mandates independent assessments.
All data sourced from official government enforcement pages.