Privacy and Security Enforcement
When companies tell consumers they will safeguard their personal information, the FTC can and does take law enforcement action to make sure that companies live up these promises. The FTC has brought legal actions against organizations that have violated consumers’ privacy rights, or misled them by failing to maintain security for sensitive consumer information, or caused substantial consumer injury. In many of these cases, the FTC has charged the defendants with violating Section 5 of the FTC Act, which bars unfair and deceptive acts and practices in or affecting commerce. In addition to the FTC Act, the agency also enforces other federal laws relating to consumers’ privacy and security.
- InMarket Media, LLC ( )
- Ring, LLC ( )
- Facebook, Inc., In the Matter of ( )
- Cerebral, Inc. and Kyle Robertson, U.S. v. ( )
- Monument ( )
- X-Mode Social, Inc. ( )
- Rite Aid Corporation, FTC v. ( )
- Global Tel Link Corporation ( )
- Avast ( )
- Blackbaud, Inc. ( )
- FTC v Kochava, Inc. ( )
- Epic Games, In the Matter of ( )
- CafePress, In the Matter of ( )
- TruthFinder, LLC, FTC v. ( )
- 1Health.io/Vitagene, In the Matter of ( )
- Edmodo, LLC, U.S. v. ( )
- Vivint Smart Home, Inc. ( )
- Amazon.com (Alexa), U.S. v. ( )
- BetterHelp, Inc., In the Matter of ( )
- Easy Healthcare Corporation, U.S. v. ( )
- FTC Releases Fiscal Year 2023 Annual Report ( )
- BetterHelp Customers Will Begin Receiving Notices About Refunds Related to a 2023 Privacy Settlement with FTC ( )
- FTC Finalizes Order with InMarket Prohibiting It from Selling or Sharing Precise Location Data ( )
- FTC Finalizes Changes to the Health Breach Notification Rule ( )
- FTC Sends Refunds to Ring Customers Stemming from 2023 Settlement over Charges the Company Failed to Block Employees and Hackers from Accessing Consumer Videos ( )
- Proposed FTC Order will Prohibit Telehealth Firm Cerebral from Using or Disclosing Sensitive Data for Advertising Purposes, and Require it to Pay $7 Million ( )
- FTC Finalizes Order with X-Mode and Successor Outlogic Prohibiting it from Sharing or Selling Sensitive Location Data ( )
- Alcohol Addiction Treatment Firm will be Banned from Disclosing Health Data for Advertising to Settle FTC Charges that It Shared Data Without Consent ( )
- FTC Denies Application for New Parental Consent Mechanism Under COPPA ( )
- FTC Releases 2023 Privacy and Data Security Update ( )
- 24 International Competition Network Participants Issue Joint Statement on Increasing Tech Capacity to Keep Pace with Increasing Digitization of the Economy ( )
- FTC to Host Annual PrivacyCon Event Virtually on March 6 ( )
- FTC Announces Agenda for 2024 PrivacyCon ( )
- FTC Finalizes Order with Global Tel*Link Over Security Failures that Led to Breach of Sensitive Data ( )
- FTC Order Will Ban Avast from Selling Browsing Data for Advertising Purposes, Require It to Pay $16.5 Million Over Charges the Firm Sold Browsing Data After Claiming Its Products Would Block Online Tracking ( )
- FTC Proposes New Protections to Combat AI Impersonation of Individuals ( )
- FTC Order Will Require Blackbaud to Delete Unnecessary Data, Boost Safeguards to Settle Charges its Lax Security Practices Led to Data Breach ( )
- FTC Extends Deadline by 60 days for Commission Decision on ESRB Application for New Consent Mechanism Under COPPA ( )
- FTC Order Will Ban InMarket from Selling Precise Consumer Location Data ( )
- FTC Signs on to Multilateral Arrangement to Bolster Cooperation on Privacy and Data Security Enforcement ( )
- Safeguards Rule notification requirement now in effect( )
- Cars & Consumer Data: On Unlawful Collection & Use( )
- Aqua Finance’s sales, financing, and FCRA practices land company in hot water( )
- Updated FTC Health Breach Notification Rule puts new provisions in place to protect users of health apps and devices ( )
- Consumer health information: Handle with (extreme) care( )
- FTC Privacy and Security Update: What your business needs to know( )
- Ready, Set, PrivacyCon( )
- PrivacyCon looks at latest research into AI, mobile device security, health privacy, deepfakes, and more( )
- FTC says Avast promised privacy, but pirated consumers’ data for treasure( )
- Tolling Agreements: A Win-Win for Parties and the Public( )
- Wonder what “blatantly illegal conduct” looks like? Court opinion about how a defendant harmed small businesses offers insights( )
- Keeping Your Privacy Enhancing Technology (PET) Promises( )
- FTC says Blackbaud’s lax security allowed hacker to steal sensitive data – and that’s just the beginning of the story( )
- Three ways your business can mark Identity Theft Awareness Week( )
- How “location, location, location” can lead to “enforcement, enforcement, enforcement”( )
- FTC is taking another look at COPPA and kids’ online privacy – and we want your insights( )
- What goes on in the shadows: FTC action against data broker sheds light on unfair and deceptive sale of consumer location data( )
- The DNA of privacy and the privacy of DNA( )
- Read these 2023 FTC best sellers to be a better seller in 2024( )
- A job scam that college students – and your HR team – need to know about( )
- PrivacyCon 2024March 6, 2024
- Open Commission Meeting -January 18, 2024January 18, 2024
- Open Commission Meeting - May 18, 2023May 18, 2023
- Open Commission Meeting - December 14, 2022December 14, 2022
- Open Commission Meeting - September 15, 2022September 15, 2022
- Open Commission Meeting -May 19, 2022May 19, 2022
- Open Commission Meeting – October 21, 2021October 21, 2021
- Open Commission Meeting – September 15, 2021September 15, 2021
- PrivacyCon 2021July 27, 2021
- Bringing Dark Patterns to Light: An FTC WorkshopApril 29, 2021
- Identity Theft Awareness Week Podcast: The FTC and Identity Theft Resource Center talk about identity theft and COVID-19February 5, 2021
- Identity Theft Awareness Week Facebook Live Event: The FTC and AARP discuss identity theftFebruary 4, 2021
- Identity Theft Awareness Week: The FTC and Identity Theft Resource Center partner for a LinkedIn Story “takeover”February 3, 2021
- Identity Theft Awareness Week Webinar: Ripple Effects of COVID-19-Related Identity Theft & Tips to Protect Yourself in 2021February 1, 2021
- Data To Go: An FTC Workshop on Data PortabilitySeptember 22, 2020
- PrivacyCon 2020July 21, 2020
- Information Security and Financial Institutions: FTC Workshop to Examine Safeguards RuleJuly 13, 2020
- Tax ID Theft Awareness Week Twitter Chat: Protecting Against Tax ID Theft and Government Imposter ScamsFebruary 6, 2020
- Tax ID Theft Awareness Week Webinar with the FTC and Identity Theft Resource CenterFebruary 6, 2020
- Tax ID Theft Awareness Week Tele-Town Halls with the FTC, AARP, and the U.S. Treasury DepartmentFebruary 5, 2020
- Chair Khan Opening Statement at House Committee on Appropriations , Subcommittee on Financial Services and General Government ( )
- Joint Statement of Chair Khan, Joined by Commissioners Slaughter and Bedoya, Regarding the Health Breach Notification Rule ( )
- Statement of Commissioner Holyoak, Joined by Commissioner Ferguson, Regarding the Health Breach Notification Rule ( )
- Statement of Chair Lina M. Khan Joined by Commissioner Rebecca Kelly Slaughter and Commissioner Alvaro M. Bedoya in the Matter of Avast Limited ( )
- Remarks by Chair Lina M. Khan as Prepared for Delivery at Harvard Center for Labor and a Just Economy ( )
- Letter from Chair Khan to Rep. Jim Jordan, Chairman of the House Judiciary Committee, Regarding the FTC's Investigation of Potential Third-Party Access to the Information of Twitter Users ( )
- Statement of Chair Khan, Joined by Commissioners Slaughter and Bedoya, Regarding the Final Trade Regulation Rule on Impersonation of Government and Businesses ( )
- Remarks of Benjamin Wiseman at the Harvard Journal of Law & Technology on Worker Surveillance and AI ( )
- Joint Statement of Chair Lina M. Khan, Commissioner Rebecca Kelly Slaughter, and Commissioner Alvaro M. Bedoya In the Matter of Blackbaud, Inc. ( )
- Statement of Chair Lina M. Khan Joined by Commissioner Rebecca Kelly Slaughter and Commissioner Alvaro Bedoya In the Matter of X-Mode Social, Inc. and Outlogic, LLC ( )
- Statement of Commissioner Alvaro M. Bedoya On the Issuance of the Notice of Proposed Rulemaking to Update the Children's Online Privacy Protection Rule (COPPA Rule) ( )
- Statement of Commissioner Alvaro M. Bedoya On FTC v. Rite Aid Corporation ( )
- Letter from Chair Lina M. Khan to Didier Reynders, Commissioner for Justice, European Commission Concerning the EU-U.S. Data Privacy Framework Principles ( )
- Remarks of Chair Khan at the May 2023 Open Commission Meeting ( )
- Policy Statement of the Federal Trade Commission on Biometric Information and Section 5 of the Federal Trade Commission Act ( )
- Statement of Commissioner Rebecca Kelly Slaughter regarding the Health Breach Notification Rule and the Biometric Policy Statement ( )
- Statement of Commissioner Alvaro M. Bedoya in the Matter of Facebook, Inc. ( )
- Joint Statement on Enforcement Efforts Against Discrimination and Bias in Automated Systems ( )
- Remarks of BCP Director Samuel Levine at the JOLT Symposium at Harvard Law School ( )
- Concurring Statement from Commissioner Wilson Regarding BetterHelp ( )
- Application of Title V, Subtitle A, of the G-L-B Act, and of the Commission's Privacy Rule, to Attorneys At Law ( )
- Section 603(k): Definition of "adverse action" ( )
- Section 615(a): Required notice of adverse action based on a consumer report ( )
- Section 604(a)(3)(A): Credit transaction ( )
- Section 604(a)(2): Written authorization of consumer ( )
- Section 609: Disclosures to consumers ( )
- Section 603(g): Definition of "file" ( )
- Section 609(a)(3): Identification of recipients ( )
- Section 612: Charges for disclosures ( )
- Section 611(a): Investigation of consumer disputes by CRAs ( )
- Section 623(b): Duty of furnishers to investigate consumer disputes ( )
- Section 604(a)(3)(F): Legitimate business need ( )
- Section 603(d)(1): Definition of "consumer report" (general) ( )
- Section 616-617: Civil liability ( )
- Section 609(a)(1): Information to be disclosed ( )
- Section 604(a)(3)(C): Underwriting of insurance ( )
- Section 623(a)(1): Duty of furnishers to provide accurate information ( )
- Section 623(a)(5): Duty of furnishers to provide date of delinquency on charge-off, collection or similar accounts ( )
- Section 605(a)(4): Section 605(c) Time limits: Charge-off and collection accounts ( )
- Section 623(a)(2): Duty of furnishers to correct and update information ( )
- The FTC’s Efforts in the Greater Fight Against Ransomware and Cyber-Related Attacks ( )
- The U.S. SAFE WEB Act and the FTC’s Fight Against Cross-Border Fraud ( )
- Protecting Older Consumers 2022-2023: A Report of the Federal Trade Commission ( )
- Bringing Dark Patterns to Light ( )
- Combatting Online Harms Through Innovation ( )
- Consumer Sentinel Network Data Book 2021 ( )
- A Look at What ISPs Know About You: Examining the Privacy Practices of Six Major Internet Service Providers ( )
- FTC Report to Congress on Privacy and Security ( )
- Federal Trade Commission 2020 Privacy and Data Security Update ( )
- Protecting Consumers During the COVID-19 Pandemic: A Year in Review ( )
- Consumer Sentinel Network Data Book 2020 ( )
- 6(b) Orders to File Special Reports to Social Media and Video Streaming Service Providers ( )
- Social Media Bots and Advertising: FTC Report to Congress ( )
- Reports in Response to Senate Appropriations Committee Report 116-111 on the FTC’s Use of Its Authorities and the Resources Used and Needed to Protect Consumer Privacy and Security ( )
- Privacy & Data Security Update for 2019 ( )
- Consumer Sentinel Network Data Book 2019 ( )
- Privacy & Data Security Update for 2018 ( )
- Consumer Sentinel Network Data Book 2018 ( )
- FTC Informational Injury Workshop: BE and BCP Staff Perspective ( )
- Engage, Connect, Protect: The FTC’s Projects and Plans to Foster Small Business Cybersecurity - The Federal Trade Commission Staff Perspective ( )
- Comment from the Federal Trade Commission on Artificial Intelligence and Copyright ( )
- FTC Staff Comment to the Board of Governors of the Federal Reserve System, in Docket No. R-1748, RIN 7100-AG15, Debit Card Interchange Fees and Routing ( )
- FTC Staff Letter to Department of Health and Human Services Concerning the 21st Century Cures Act: Interoperability, Information Blocking and the ONC Health IT Certification Program Rule ( )
- Comment of the Staff of the Federal Trade Commission’s Bureau of Consumer Protection: Preliminary Draft for the NIST Privacy Framework ( )
- FTC Staff Comment to the NTIA: Developing the Administration’s Approach to Consumer Privacy ( )
- Comment of the Staff of the Bureau of Consumer Protection, the Bureau of Competition, and the Bureau of Economics of the Federal Trade Commission Before the Federal Communications Commission: In the Matter of Restoring Internet Freedom ( )
- FTC Comment to the National Telecommunications & Information Administration on “Communicating IoT Device Security Update Capability to Improve Transparency for Consumers” ( )
- FTC Staff Comment to the National Telecommunications and Information Administration Regarding the Safety Working Groups “Coordinated Vulnerability Disclosure ‘Early Stage’ Template” ( )
- Comment of Jessica L. Rich, Director, Bureau of Consumer Protection, to the National Highway Traffic Safety Administration Supporting the Inclusion of Consumer Privacy and Cybersecurity Guidance in the Document “Federal Automated Vehicles Policy” ( )
- FTC Staff Comment to the NTIA: The Benefits, Challenges, and Potential Roles for the Government in Fostering the Advancement of the Internet of Things ( )
- FTC Staff Comment to the Federal Communications Commission: In the Matter of Protecting the Privacy of Customers of Broadband and Other Telecommunications Services ( )
- Comment Filed by Jessica Rich on Privacy Enforcement Implications of FCC’s Proposed Set-Top Box Rulemaking ( )
- Comment Filed by Jessica Rich, Discussing Voluntary Code of Conduct for Utilities and Third Parties Providing Consumer Energy Use Services ( )
- FTC Comment Before the FCC Concerning Proposed Cyber Security Certification Program ( )
- Khalilah Suluki v. Credit One Bank, NA ( )
- Jones v. Google ( )
- Holden v. Holiday Inn Club Vacations, Inc. ( )
- FTC, CFPB Submit Amicus Brief Defending Consumers’ Ability to Dispute Inaccurate Items on Credit Reports ( )
- Sessa v. TransUnion, LLC ( )
- Henderson v. The Source for Public Data, L.P., et al. ( )
- Anthony Rivera v. JPMorgan Chase Bank, N.A. ( )
- Moran v. The Screening Pros LLC ( )
- Shamara T. King v. General Information Services, Inc. ( )
- Safeco Ins. Co. v. Burr; GEICO Gen. Ins. Co. v. Edo ( )
- Whitfield v. Radian Guaranty, Inc ( )
- Ashby v. Farmers Group, Inc ( )
- Spano v. SAFECO Insurance Co ( )
- Cole v. U.S. Capital, Inc. et al. ( )
- Willes v. State Farm Fire and Casualty Co ( )
- Rausch v. The Hartford Financial Services Group, Inc. ( )
- TRW Inc., Petitioner v. Adelaide Andrews ( )
- Toby Nelson v. Chase Manhattan Mortage Corporation, et al. ( )
- Deborah Wilson v. Rental Research Services, Inc. ( )
- Collecting, Using, or Sharing Consumer Health Information? Look to HIPAA, the FTC Act, and the Health Breach Notification Rule ( )
- Start with Security: A Guide for Business ( )
- Using Consumer Reports: What Landlords Need to Know ( )
- Mobile Health App Interactive Tool ( )
- Mobile Health App Developers: FTC Best Practices ( )
- FTC Safeguards Rule: What Your Business Needs to Know ( )
- Complying with FTC’s Health Breach Notification Rule ( )
- Health Breach Notification Rule: The Basics for Business ( )
- Data Breach Response: A Guide for Business ( )
- Consumer Reports: What Information Furnishers Need to Know ( )
- Careful Connections: Keeping the Internet of Things Secure ( )
- Complying with COPPA: Frequently Asked Questions ( )
- Stick with Security: A Business Blog Series ( )
- Digital Copier Data Security: A Guide for Businesses ( )
- Children’s Online Privacy Protection Rule: A Six-Step Compliance Plan for Your Business ( )
- Businesses Must Provide Victims and Law Enforcement with Transaction Records Relating to Identity Theft ( )
- App Developers: Start with Security ( )
- Small Business Computer Security Basics ( )
- Conceptos básicos sobre seguridad informática para pequeños negocios ( )
- Using Consumer Reports for Credit Decisions: What to Know About Adverse Action and Risk-Based Pricing Notices ( )
- Prepared Statement of the Federal Trade Commission: The Urgent Need to Fix Section 13(b) of the FTC Act ( )
- Opening Statement Of Acting Chairwoman Rebecca Kelly Slaughter before the United States House Committee on Energy and Commerce Subcommittee on Consumer Protection and Commerce: The Urgent Need To Fix Section 13(B) Of The FTC Act ( )
- Prepared Statement of the Federal Trade Commission: Curbing COVID Cons: Warning Consumers about Pandemic Frauds, Scams, and Swindles ( )
- Prepared Statement of the Federal Trade Commission: Strengthening the Federal Trade Commission's Authority to Protect Consumers ( )
- Oversight of the Federal Trade Commission ( )
- Statement of Commissioner Noah Joshua Phillips Regarding the Hearing on Oversight of the Federal Trade Commission ( )
- Written Testimony of Commissioner Chopra Before the House Judiciary, Subcommittee on Antitrust, Commercial, and Administrative Law: “Hearing on Online Platforms and Market Power, Part 3: The Role of Data and Privacy in Competition” ( )
- Opening Statement of Commissioner Chopra Before the House Judiciary, Subcommittee on Antitrust, Commercial, and Administrative Law: “Hearing on Online Platforms and Market Power, Part 3: The Role of Data and Privacy in Competition” ( )
- Statement of Commissioner Noah Joshua Phillips Before the Subcommittee on Consumer Protection and Commerce of the House Committee on Energy and Commerce ( )
- Prepared Remarks of Chairman Joseph J. Simons on “Oversight of the Federal Trade Commission: Strengthening Protections for American’s Privacy and Data Security” ( )
- Prepared Statement of the Federal Trade Commission: “Oversight of the Federal Trade Commission,” Before the Subcommittee on Consumer Protection and Commerce, United States House of Representatives Committee on Energy and Commerce ( )
- Prepared Opening Remarks of Commissioner Rohit Chopra Before the House Energy and Commerce Committee, Subcommittee on Consumer Protection and Commerce “Oversight of the Federal Trade Commission” ( )
- Oral Statement of Commissioner Christine S. Wilson as Prepared for Delivery Before the U.S. House Committee on Energy and Commerce Subcommittee on Consumer Protection and Commerce ( )
- Statement of Commissioner Rebecca Kelly Slaughter Before the Committee on Energy and Commerce, Subcommittee on Consumer Protection and Commerce ( )
- Prepared Statement of the Federal Trade Commission Before the Subcommittee on Economic and Consumer Policy of the Oversight and Reform Committee, United States House of Representatives ( )
- Prepared Statement of the Federal Trade Commission Before the Permanent Subcommittee on Investigations of the Committee on Homeland Security and Governmental Affairs, United States Senate ( )
- Prepared Statement of the Federal Trade Commission: “Oversight of the FTC,” Before the Subcommittee on Consumer Protection, Product Safety, Insurance, and Data Security of the Committee on Commerce, Science, and Transportation, United States Senate ( )
- Statement of Commissioner Noah Joshua Phillips Before the Subcommittee on Consumer Protection, Product Safety, Insurance, and Data Security of the US Senate Committee on Commerce, Science, and Transportation ( )
- Prepared Statement of FTC Commissioner Noah Joshua Phillips before the House Energy and Commerce Committee ( )
- Prepared Statement of the Federal Trade Commission: The Fair Credit Reporting Act, Credit Bureaus, and Data Security, Before the Committee On Banking, Housing, and Urban Affairs, United States Senate ( )