1,285 enforcement actions from 14 federal and state jurisdictions. Every event traced back to its official government source.
1,285
Total Actions
14
Jurisdictions
$35.3B+
Total Fines Tracked
The Connecticut Office of the Attorney General released a mandated report on the Connecticut Data Privacy Act (CTDPA), detailing over a dozen notices of violation issued to companies across various industries for deficiencies in privacy disclosures and consumer rights mechanisms. The report highlights common compliance failures and reaffirms the AG's commitment to enforcement and education under the state's consumer privacy law.
The FTC settled with data brokers X-Mode Social and Outlogic for selling precise location data without informed consent and failing to protect sensitive information. The proposed order bans the sale of sensitive location data, requires deletion of collected data, and mandates a comprehensive privacy program. This is the FTC's first action against a data broker for sensitive location data practices.
California Attorney General Rob Bonta announced a $93 million settlement with Google for deceiving users about location tracking. Google continued to collect location data even after users opted out, violating California consumer protection laws. The settlement includes injunctive terms to enhance transparency and user controls over location settings.
$93.0M
The FTC finalized an order against 1Health.io for failing to secure genetic data and unfairly changing its privacy policy. The company must pay $75,000 for consumer refunds, destroy DNA samples, and implement security measures. It deceived consumers about data deletion and shared data without proper consent.
$75K
The FTC settled charges against Experian Consumer Services for violating the CAN-SPAM Act by sending marketing emails to consumers who signed up for credit management accounts without providing an opt-out mechanism. The emails promoted products like Experian Boost and Dark Web scans but lacked unsubscribe links. Experian must pay $650,000 and is prohibited from future violations.
$650K
The FTC settled with genetic testing company 1Health.io for failing to secure sensitive genetic and health data, deceiving consumers about data deletion, and unfairly changing its privacy policy without notice or consent. The settlement includes refunds totaling over $49,500 to 2,432 affected consumers.
$50K
New Jersey Attorney General Matthew Platkin joined a multistate lawsuit against Avid Telecom for allegedly initiating and facilitating billions of illegal robocalls, including to numbers on the National Do Not Call Registry, in violation of the Telephone Consumer Protection Act and Telemarketing Sales Rule. The company is accused of transmitting scam calls and ignoring warnings from the Industry Traceback Group.
Connecticut Attorney General William Tong filed a lawsuit against Michael D. Lansky, LLC (Avid Telecom) for allegedly initiating billions of illegal robocalls, including to numbers on the National Do Not Call Registry. The company is accused of violating the Telephone Consumer Protection Act and Telemarketing Sales Rule. This action is part of a multistate task force with nearly every state attorney general.
Attorney General William Tong and bipartisan legislators announced a bill to modernize Connecticut's anti-robocall laws, which haven't been updated since 2015. The bill would expand coverage to text messages, ban gateway VoIP providers, enforce calls to Connecticut area codes, set calling hour restrictions, strengthen telemarketer disclosures, and clarify Do Not Call List protections.
Google settled with 40 state attorneys general over allegations that it misled consumers about location tracking practices. Google will pay $391.5 million and must enhance transparency and user controls for location data collection.
$391.5M
Connecticut and 39 other states secured a $391.5 million settlement with Google for misleading consumers about location tracking and continuing to collect data after users opted out. The settlement mandates Google to enhance transparency and user controls for location settings, including clear disclosures and user-friendly account controls.
$391.5M
California Attorney General Rob Bonta announced a settlement with Sephora, Inc. for $1.2 million over violations of the California Consumer Privacy Act. Sephora failed to disclose that it sold consumer personal information and did not process opt-out requests via Global Privacy Control. The settlement requires Sephora to pay penalties and implement compliance measures including policy changes and reporting.
$1.2M
Connecticut Attorney General filed a $5 million stipulation judgment against Safe Home Security for repeated non-compliance with court-ordered consumer protection measures, including blocking contract terminations and misrepresenting terms. The judgment requires immediate payment of $1 million and suspends $4 million pending compliance, with an independent monitor for five years.
$5.0M
The FTC released a staff report based on Section 6(b) orders to six major ISPs, finding they collect extensive personal data, including internet traffic and location data, and share it with third parties. The ISPs often obscure data use disclosures in fine print and make it difficult for consumers to opt out, while combining data to profile sensitive characteristics. The report highlights the need for stricter privacy restrictions.
Lenovo preinstalled 'Visual Discovery' software on its computers that intercepted browsing data and broke encrypted connections without user consent, compromising security and privacy. The multi-state settlement imposes a $3.5 million penalty and requires Lenovo to implement disclosure, consent, opt-out, and security compliance measures.
$3.5M
New Jersey joined 31 other states and the FTC in a $3.5 million settlement with Lenovo for pre-installing VisualDiscovery ad software on laptops that created a 'man-in-the-middle' security vulnerability, intercepting users' encrypted data without adequate disclosure or opt-out mechanisms. The settlement requires Lenovo to improve transparency, obtain affirmative consent, provide effective opt-out tools, and implement a long-term security compliance program with independent audits.
$3.5M
PulsePoint circumvented Safari browser privacy settings to place unauthorized cookies, enabling targeted advertising without user consent. The New Jersey Division of Consumer Affairs secured a $1 million settlement, including a $566,200 civil penalty, and mandated privacy reforms such as third-party assessments and website disclosures.
$566K
All data sourced from official government enforcement pages.