1,285 enforcement actions from 14 federal and state jurisdictions. Every event traced back to its official government source.
1,285
Total Actions
14
Jurisdictions
$35.3B+
Total Fines Tracked
Connecticut Attorney General William Tong announced settlements with four hearing aid companies for marketing their products as 'FDA-approved' when no such approval exists. The companies will collectively pay $40,000 and cease such marketing practices. The investigation underscores that over-the-counter hearing aids are not FDA-approved and consumers should be wary of such claims.
$40K
In March 2022, Connecticut Attorney General William Tong announced that Connecticut is co-leading a multistate investigation into T-Mobile's 2021 data breach, which affected over 53 million individuals. The breach compromised sensitive data including names, dates of birth, Social Security Numbers, and driver's license information. Tong urged affected consumers to take protective steps such as credit monitoring and freezes.
New Jersey is co-leading a multistate investigation into TikTok to determine if the platform violates consumer protection laws by using techniques that increase engagement among young users, potentially causing mental and physical harm. The investigation will examine what TikTok knows about these harms to children, teenagers, and young adults.
The FTC settled with CafePress for failing to implement reasonable data security measures, leading to multiple breaches that exposed Social Security numbers and other sensitive data. As part of the settlement, over $370,000 in refunds are being distributed to 20,044 consumers who filed valid claims.
$370K
Attorney General William Tong led a coalition of 42 states and territories to urge the FDA to preserve state consumer protection authorities for over-the-counter hearing aids, concerned that the proposed rule could preempt state laws and lack adequate age verification and labeling requirements.
Connecticut Attorney General William Tong joined a bipartisan coalition of 51 attorneys general in urging the FCC to require gateway providers to implement STIR/SHAKEN caller ID authentication and take additional measures to block foreign-based illegal robocalls that scam Americans.
Connecticut Attorney General William Tong issued a public warning following the FinalSite ransomware attack that disrupted school websites and communication systems nationwide. He urged all businesses and government entities to strengthen their data security practices and provided a detailed list of preventive measures. The AG also announced a new online form to help businesses comply with breach notification obligations for Connecticut residents.
The FTC settled with Ascension Data & Analytics, LLC for violating the Gramm-Leach-Bliley Act's Safeguards Rule by failing to ensure its vendor properly protected consumer data. The company must strengthen its security safeguards and increase oversight of vendors. No monetary penalty was imposed.
The FTC finalized an order banning Support King, LLC and its CEO from the surveillance business for selling stalkerware apps that secretly collected and shared users' personal data without consent. The order requires them to delete all illegally collected data and notify affected device owners.
New Jersey is co-leading a nationwide investigation into whether Instagram and its parent company Meta Platforms, Inc. are violating state consumer protection laws by employing techniques that induce children, teenagers, and young adults to use the platform in potentially harmful ways. The bipartisan coalition of attorneys general is examining the potential mental and physical health harms resulting from extended engagement, including depression, anxiety, and body image issues.
Attorney General William Tong issued a public warning about unregulated and illegal cannabis edibles sold in packaging that mimics popular snack foods, posing significant risks to children through accidental THC overdose. The AG highlighted the dangers of these look-alike products and urged reporting, while noting that legal cannabis sales in Connecticut will enforce strict packaging standards.
The FTC released a staff report based on Section 6(b) orders to six major ISPs, finding they collect extensive personal data, including internet traffic and location data, and share it with third parties. The ISPs often obscure data use disclosures in fine print and make it difficult for consumers to opt out, while combining data to profile sensitive characteristics. The report highlights the need for stricter privacy restrictions.
Connecticut Attorney General William Tong led a coalition of 14 attorneys general in demanding that Facebook disclose whether members of the 'Disinformation Dozen' were granted XCheck protections, which allow users to bypass enforcement rules. The coalition seeks information on the extent of anti-vaccine content from whitelisted users and complaint outcomes.
Connecticut Attorney General William Tong requested a meeting with TikTok leadership to address the harmful impact of viral challenges like 'Devious Licks' and 'Slap a Teacher' on student and educator safety. The AG criticized TikTok's enforcement of its terms of service and urged reforms to prevent the spread of dangerous content.
Attorney General William Tong released an update on the implementation of the Anti-Robocall Principles signed in 2019. Telecom companies have identified over 52 billion spam calls and blocked 32.5 billion, but robocalls continue to cause significant financial losses. Enforcement actions have increased with thousands of tracebacks and investigations.
A caseworker with the New Jersey Division of Child Protection and Permanency was charged with criminal offenses for allegedly accessing and disclosing confidential DCF database records without authorization. The charges include Computer Theft and Unlawful Access and Disclosure. The investigation was conducted by the New Jersey State Police.
The FTC banned Support King, LLC (SpyFone) and its CEO from the surveillance business for secretly harvesting and sharing users' data without consent, and ordered the deletion of all illegally collected data and notification to affected device owners. The company failed to secure the data, leading to a hack that exposed 2,200 consumers.
Connecticut Attorney General William Tong and Department of Consumer Protection Commissioner Michelle Seagull issued a consumer warning following Tropical Storm Henri about common disaster-related scams, including fraudulent contractors, fake charities, job scams, and used car scams. The release provides specific advice for consumers on how to verify contractors and charities and avoid common scam tactics.
The FTC removed Aristotle International, Inc. from its list of approved COPPA Safe Harbor programs due to insufficient monitoring of member companies' compliance with COPPA guidelines. This action prevents operators from using Aristotle's program for favorable regulatory treatment and marks the first such removal since COPPA's inception.
Attorney General William Tong of Connecticut joined a multistate amicus brief in the U.S. Court of Appeals for the Second Circuit, supporting a lawsuit that challenges the Trump administration's 2019 Borrower Defense Rule. The rule weakened protections for students defrauded by for-profit schools by making it harder to obtain federal student loan debt relief. The amicus brief argues that the rule is arbitrary and capricious and should be eliminated.
Attorney General William Tong of Connecticut joined a multistate coalition of 37 attorneys general in filing a lawsuit against Google alleging antitrust violations related to the Google Play Store and Google Billing. The lawsuit claims Google used its dominance to restrict competition, force developers to use Google Billing, and charge high commissions up to 30%. The action seeks to restore competition in the app market and halt Google's anticompetitive practices.
Attorney General William Tong praised the Connecticut House for passing legislation to strengthen price gouging laws. The bill addresses three shortcomings in the current statute by expanding its application to the entire supply chain, clearly defining price gouging as an 'unconsciously excessive price', and including rentals and leases. The legislation now proceeds to the Senate for consideration.
The FTC finalized a settlement with SkyMed International, Inc., an emergency travel services provider, for failing to secure sensitive consumer data and deceiving consumers about HIPAA compliance. The company left a cloud database with 130,000 membership records unsecured, containing personal and health information. Under the settlement, SkyMed must notify affected consumers, implement a security program, undergo biennial assessments, and is prohibited from misrepresenting its data practices.
The FTC finalized a settlement with Zoom Video Communications, Inc. for misleading consumers about its data security practices and compromising user security. The settlement requires Zoom to implement a comprehensive security program, review software updates for security flaws, and undergo biennial third-party assessments.
The FTC settled with Flo Health, Inc., developer of a popular fertility-tracking app, alleging it misled users by sharing sensitive health data with third-party analytics providers like Facebook and Google after promising to keep such data private. The proposed consent order requires Flo to obtain user consent before sharing health data, notify affected users, and destroy previously shared data, among other requirements.
Everalbum, Inc. settled FTC allegations that it deceived consumers about its use of facial recognition technology in its photo storage app and failed to delete photos when users deactivated their accounts. The settlement requires Everalbum to obtain express consent before using facial recognition, delete user photos and derived face embeddings, and delete developed models and algorithms. It also prohibits misrepresentations about data practices and requires consent for biometric data use if marketing software to consumers.
SkyMed International, Inc. settled FTC allegations that it failed to secure sensitive consumer data, including health information, leaving a cloud database with 130,000 records exposed to the public. The FTC also alleged that SkyMed misrepresented HIPAA compliance on its website. As part of the settlement, SkyMed must implement a comprehensive security program, undergo biennial third-party assessments, and send notices to affected consumers.
Ascension Data & Analytics, LLC, a mortgage analytics company, settled FTC allegations that it violated the Gramm-Leach-Bliley Act's Safeguards Rule by failing to ensure its vendor adequately protected consumer data. The vendor stored sensitive mortgage information in plain text on a cloud server, leading to unauthorized access. Ascension must implement a data security program, undergo biennial assessments, and report future breaches.
The FTC issued orders under Section 6(b) of the FTC Act to nine social media and video streaming companies requiring them to provide data on their data collection, use, advertising practices, and effects on children and teens. The companies must respond within 45 days.
The FTC settled with Zoom for deceiving users about its encryption security and unfairly installing software that bypassed browser safeguards. Zoom must implement a comprehensive security program, undergo biennial audits, and is banned from making false security claims. No monetary penalty was imposed.
All data sourced from official government enforcement pages.