1,285 enforcement actions from 14 federal and state jurisdictions. Every event traced back to its official government source.
1,285
Total Actions
14
Jurisdictions
$35.3B+
Total Fines Tracked
The California Privacy Protection Agency settled with PlayOn Sports for $1.10 million over CCPA violations, including failing to provide adequate opt-out mechanisms and improperly tracking users, particularly students. The company must implement proper opt-out methods, improve disclosures, and comply with children's data consent requirements.
$1.1M
The FTC filed a motion in federal court seeking to hold payment processor Cliq, Inc. and its operators in contempt for systematically violating a 2015 consent order. The defendants are accused of processing payments for high-risk and prohibited merchants, failing to screen for deceptive practices, and facilitating fraud avoidance tactics. The FTC is requesting at least $52.9 million in consumer relief, a permanent ban on the individuals from payment processing, and appointment of a receiver.
$52.9M
The FTC settled with Disney for violating the COPPA Rule by mislabeling videos on YouTube, which allowed the collection of children's personal data without parental consent. Disney must pay a $10 million civil penalty and implement measures to ensure proper video labeling and compliance with COPPA.
$10.0M
Connecticut Attorney General secured a $1 million multistate settlement with TFG Holding, Inc. for deceptive VIP membership program marketing and billing practices. The company must improve disclosures, obtain explicit consent, provide easy cancellation, and offer restitution to affected consumers.
$1.0M
The FTC alleges that Disney violated COPPA by failing to properly label children-directed videos on YouTube as 'Made for Kids,' allowing the collection of personal data from children under 13 without parental consent. Disney will pay a $10 million civil penalty and must implement a program to ensure accurate video designations, potentially incorporating age assurance technologies.
$10.0M
New Jersey Attorney General Matthew J. Platkin joined a coalition of 20 attorneys general in filing a lawsuit against the U.S. Department of Agriculture (USDA) for demanding that states turn over sensitive personal information of SNAP recipients, including Social Security numbers and addresses. The lawsuit argues that this demand violates federal privacy laws and the Constitution, as the data is protected and should only be used for program administration. The coalition seeks to block USDA from conditioning SNAP funding on compliance with this demand.
California Attorney General Rob Bonta announced a $1.55 million settlement with Healthline Media LLC for CCPA violations. Healthline failed to honor opt-out requests, shared consumer data including health-related article titles with third parties, and used deceptive privacy practices. The settlement includes injunctive relief and a compliance program.
$1.6M
The FTC alleged that General Motors and its OnStar subsidiary collected and sold drivers' precise geolocation and driving behavior data (e.g., hard braking, speeding) to consumer reporting agencies without adequately notifying consumers or obtaining their affirmative consent. A proposed consent order bans the companies from disclosing this sensitive data to consumer reporting agencies for five years and requires them to implement clearer consent mechanisms, data access/deletion processes, and opt-out options.
Connecticut Attorney General William Tong announced a $5 million preliminary settlement with Stone Academy and its owners for unfair and deceptive conduct. The for-profit nursing school failed to deliver promised education, lacking textbooks, experienced teachers, and clinical training, and abruptly closed in February 2023. The settlement provides cash payments to harmed students, bars the owner from higher education employment for five years, and includes measures to help students complete their education.
$5.0M
Texas Attorney General Ken Paxton has launched investigations into Character.AI and fourteen other companies, including Reddit, Instagram, and Discord, for potential violations of the SCOPE Act and TDPSA regarding children's privacy and safety. The investigations focus on unauthorized sharing of minors' data and lack of parental controls. No penalties have been imposed yet as the investigations are ongoing.
The Connecticut Attorney General obtained a $5 million stipulated judgment against Vision Solar for alleged deceptive sales practices, including high-pressure tactics, misrepresentations, and performing unpermitted work. Although the company is bankrupt and cannot pay, the judgment establishes binding operational standards for solar companies in Connecticut regarding disclosures, contracting, permitting, and use of licensed contractors.
$5.0M
The FTC settled with NGL for deceptively marketing its anonymous messaging app to children and teens, using fake messages to trick users into paid subscriptions without proper consent. The order banned marketing to users under 18 and required $4.5 million in refunds for unauthorized charges.
$4.5M
Monument, Inc., an alcohol addiction treatment firm, shared consumers' health data with third-party advertising platforms like Meta and Google without consent, despite promising confidentiality. The FTC settled with a consent order that bans Monument from disclosing health data for advertising, requires affirmative consent for other sharing, imposes a $2.5 million suspended fine, and mandates data deletion, consumer notification, and a privacy program.
$2.5M
New Jersey, leading a coalition of 41 other attorneys general, sued Meta for knowingly designing addictive Instagram and Facebook features targeting children and teens while falsely claiming the platforms were safe. The lawsuit alleges Meta collected personal data from users under 13 without parental consent, violating the federal Children's Online Privacy Protection Act (COPPA) and state consumer protection laws like the New Jersey Consumer Fraud Act.
A coalition of 42 attorneys general filed a federal lawsuit against Meta, alleging that the company designed addictive features that harm youth mental health and violated COPPA by collecting children's data without parental consent. The lawsuit seeks injunctive relief, monetary penalties, and restitution.
The FTC settled with background report providers TruthFinder and Instant Checkmate, charging they deceived consumers about the accuracy of their reports (often mischaracterizing traffic tickets as criminal records) and violated the Fair Credit Reporting Act (FCRA) by operating as consumer reporting agencies without following its requirements, including ensuring accuracy and limiting permissible purposes. The companies will pay a $5.8 million penalty and implement a comprehensive FCRA compliance monitoring program.
$5.8M
BetterHelp agreed to pay $7.8 million to settle FTC allegations that it used and shared consumers' health data for advertising without consent. The online therapy provider is banned from such practices and must provide refunds to approximately 800,000 affected consumers.
$7.8M
The FTC charged Ring LLC with allowing employees to access private customer videos without consent and failing to secure user accounts, leading to hackers controlling cameras. Under a proposed consent order, Ring must pay $5.8 million in refunds, delete unlawfully accessed data, and implement a privacy and security program.
$5.8M
The FTC proposed a consent order against BetterHelp for sharing consumers' sensitive mental health data with third parties like Facebook for targeted advertising without proper consent. BetterHelp must pay $7.8 million in refunds and is banned from such data sharing, with requirements for consent and privacy programs.
$7.8M
The FTC settled with GoodRx for sharing consumers' sensitive prescription and health information with Facebook, Google, and other third parties for advertising without consent, and for failing to report these unauthorized disclosures as required by the Health Breach Notification Rule. GoodRx will pay a $1.5 million civil penalty and is permanently barred from sharing user health data for advertising.
$1.5M
The FTC settled with Kuuhuub Inc., operator of the Recolor coloring book app, for violating COPPA by collecting personal information from children under 13 without parental consent. The app's social media features allowed children to register and share data, and third-party ad networks collected persistent identifiers for targeted ads. The settlement requires deletion of children's data, refunds to underage subscribers, a $3 million penalty (suspended upon $100,000 payment), and user notifications about the violations.
$3.0M
Lenovo preinstalled 'Visual Discovery' software on its computers that intercepted browsing data and broke encrypted connections without user consent, compromising security and privacy. The multi-state settlement imposes a $3.5 million penalty and requires Lenovo to implement disclosure, consent, opt-out, and security compliance measures.
$3.5M
The California Attorney General reached a $28.4 million settlement with Aaron's, Inc. for installing spyware on rented computers without customer consent and for violating the Karnette Rental-Purchase Act. The spyware, called 'Detective Mode', allowed remote monitoring of keystrokes, screenshots, location, and webcam activation. Aaron's must refund $25 million to approximately 100,000 customers and pay $3.4 million in penalties, and is prohibited from using spyware.
$3.4M
Google settled multi-state allegations that it collected personal data from unsecured wireless networks during Street View operations without user consent. The settlement requires Google to destroy the collected data, refrain from future non-consensual collection, implement a 10-year employee privacy training program, and run a public advertising campaign. New Jersey's share of the settlement is approximately $147,000.
All data sourced from official government enforcement pages.