Privacy and Security Enforcement
When companies tell consumers they will safeguard their personal information, the FTC can and does take law enforcement action to make sure that companies live up these promises. The FTC has brought legal actions against organizations that have violated consumers’ privacy rights, or misled them by failing to maintain security for sensitive consumer information, or caused substantial consumer injury. In many of these cases, the FTC has charged the defendants with violating Section 5 of the FTC Act, which bars unfair and deceptive acts and practices in or affecting commerce. In addition to the FTC Act, the agency also enforces other federal laws relating to consumers’ privacy and security.
- Chegg ( )
- Drizly, LLC., In the Matter of ( )
- FTC v Kochava, Inc. ( )
- CafePress, In the Matter of ( )
- Twitter, Inc., U.S. v. ( )
- BoostMyScore LLC ( )
- Ascension Data & Analytics, LLC, In the Matter of ( )
- OpenX Technologies, Inc. ( )
- Kuuhuub, Inc., et al., U.S. v. (Recolor Oy) ( )
- Flo Health, Inc. ( )
- Everalbum, Inc., In the Matter of ( )
- Support King, LLC (SpyFone.com), In the Matter of ( )
- Vivint Smart Home, Inc. ( )
- SkyMed International, Inc., In the Matter of ( )
- AppFolio, Inc. ( )
- Midwest Recovery Systems, LLC ( )
- Zoom Video Communications, Inc., In the Matter of ( )
- MyLife.com, Inc. ( )
- Ortho-Clinical Diagnostics, Inc., In the Matter of ( )
- NTT Global Data Centers Americas, Inc., In the Matter of ( )
- FTC Extends Deadline by Six Months for Compliance with Some Changes to Financial Data Security Rule ( )
- FTC Brings Action Against Ed Tech Provider Chegg for Careless Security that Exposed Personal Data of Millions of Customers ( )
- FTC to Host Annual PrivacyCon Event Virtually on November 1 ( )
- FTC’s PrivacyCon 2022 Will Feature Research on Commercial Surveillance, Automated Decision Making ( )
- FTC Takes Action Against Drizly and its CEO James Cory Rellas for Security Failures that Exposed Data of 2.5 Million Consumers ( )
- FTC Extends Comment Deadline on Commercial Surveillance, Lax Data Security Practices Initiative Exploring Possible Rules ( )
- FTC Report Shows Rise in Sophisticated Dark Patterns Designed to Trick and Trap Consumers ( )
- FTC, CFPB Submit Amicus Brief Defending Consumers’ Ability to Dispute Inaccurate Items on Credit Reports ( )
- FTC to Host Forum on September 8 on Commercial Surveillance and Lax Data Security Practices ( )
- FTC Sues Kochava for Selling Data that Tracks People at Reproductive Health Clinics, Places of Worship, and Other Sensitive Locations ( )
- FTC Releases Final Agenda for Public Forum on Commercial Surveillance and Lax Data Security Practices ( )
- FTC Explores Rules Cracking Down on Commercial Surveillance and Lax Data Security Practices ( )
- FTC Finalizes Action Against CafePress for Covering Up Data Breach, Lax Security ( )
- FTC Report Warns About Using Artificial Intelligence to Combat Online Problems ( )
- FTC Charges Twitter with Deceptively Using Account Security Data to Sell Targeted Ads ( )
- FTC Calls for Research Presentations for PrivacyCon 2022 ( )
- FTC to Crack Down on Companies that Illegally Surveil Children Learning Online ( )
- FTC Announces Tentative Agenda for May 19 Open Commission Meeting ( )
- FTC Joins Amicus Brief Opposing Liability Shield for Sloppy Credit Reports ( )
- FTC Takes Action Against CafePress for Data Breach Cover Up ( )
- Compliance deadline for certain revised FTC Safeguards Rule provisions extended to June 2023(November 15, 2022)
- How readiness can help protect veteran-owned businesses(November 10, 2022)
- Live from your laptop, it’s PrivacyCon(November 1, 2022)
- Multiple data breaches suggest ed tech company Chegg didn’t do its homework, alleges FTC(October 31, 2022)
- In time for Halloween: Our Top 10 “Nightmare on Main Street” consumer protection horror films(October 25, 2022)
- Data security forecast: Drizly with a 100% chance of far-reaching order provisions(October 24, 2022)
- FTC issues illuminating report on digital dark patterns(September 19, 2022)
- FTC forum on commercial surveillance and data security convenes soon(September 7, 2022)
- $3 million FTC settlement disapproves of Credit Karma’s deceptive “pre-approved” claims(September 1, 2022)
- FTC says data broker sold consumers’ precise geolocation, including presence at sensitive healthcare facilities(August 29, 2022)
- FTC undertakes inquiry into commercial surveillance practices and wants your insights(August 16, 2022)
- Amplifying the impact of your research(July 26, 2022)
- Location, health, and other sensitive information: FTC committed to fully enforcing the law against illegal use and sharing of highly sensitive data(July 11, 2022)
- Topics for FTC PrivacyCon 2022 include commercial surveillance, automated decision-making(June 6, 2022)
- FTC says credit repair business doubled as a pyramid scheme(May 31, 2022)
- Twitter to pay $150 million penalty for allegedly breaking its privacy promises – again(May 23, 2022)
- New publication offers guidance on revised FTC Safeguards Rule(May 24, 2022)
- FTC to Ed Tech: Protecting kids’ privacy is your responsibility(May 19, 2022)
- FTC alleges “The Credit Game” broke the rules governing credit repair(May 5, 2022)
- What the pandemic has taught businesses about the collection of health information(April 21, 2022)
- PrivacyCon 2021July 27, 2021
- Bringing Dark Patterns to Light: An FTC WorkshopApril 29, 2021
- Identity Theft Awareness Week Podcast: The FTC and Identity Theft Resource Center talk about identity theft and COVID-19February 5, 2021
- Identity Theft Awareness Week Facebook Live Event: The FTC and AARP discuss identity theftFebruary 4, 2021
- Identity Theft Awareness Week: The FTC and Identity Theft Resource Center partner for a LinkedIn Story “takeover”February 3, 2021
- Identity Theft Awareness Week Webinar: Ripple Effects of COVID-19-Related Identity Theft & Tips to Protect Yourself in 2021February 1, 2021
- Data To Go: An FTC Workshop on Data PortabilitySeptember 22, 2020
- PrivacyCon 2020July 21, 2020
- Information Security and Financial Institutions: FTC Workshop to Examine Safeguards RuleJuly 13, 2020
- Tax ID Theft Awareness Week Twitter Chat: Protecting Against Tax ID Theft and Government Imposter ScamsFebruary 6, 2020
- Tax ID Theft Awareness Week Webinar with the FTC and Identity Theft Resource CenterFebruary 6, 2020
- Tax ID Theft Awareness Week Tele-Town Halls with the FTC, AARP, and the U.S. Treasury DepartmentFebruary 5, 2020
- Tax ID Theft Awareness Week Tele-Town Halls with the FTC, AARP, and the U.S. Treasury DepartmentFebruary 5, 2020
- Tax ID Theft Awareness Week Webinar for Small Businesses with the FTC and IRSFebruary 4, 2020
- Tax ID Theft Awareness Week Webinar with the FTC and Identity Theft Resource CenterFebruary 3, 2020
- Tax ID Theft Awareness Webinar with the FTC, Veterans Administration and US Postal Inspection ServiceJanuary 29, 2020
- You Don't Say: An FTC Workshop on Voice Cloning TechnologiesJanuary 28, 2020
- Accuracy in Consumer Reporting WorkshopDecember 10, 2019
- The Future of the COPPA Rule: An FTC WorkshopOctober 7, 2019
- Green Lights & Red Flags: FTC Rules of the Road for BusinessAugust 15, 2019
- Remarks of Chief Technologist Stephanie T. Nguyen As Prepared for Delivery: PrivacyCon 2022 ( )
- Statement of Chair Lina M. Khan Joined by Commissioner Alvaro M. Bedoya In the Matter of Drizly ( )
- How (Not) to Regulate Technology: Reflections from FTC Commissioner Phillips ( )
- Statement of Commissioner Rebecca Kelly Slaughter Regarding Bureau of Consumer Protection Staff Report: “Bringing Dark Patterns to Light” ( )
- Concurring Statement of Commissioner Christine S. Wilson regarding Federal Trade Commission Report to Congress on COPPA Staffing, Enforcement and Remedies ( )
- Statement of Commissioner Christine S. Wilson Regarding the Combatting Online Harms Through Innovation Report ( )
- Policy Statement of the Federal Trade Commission on Rebates and Fees in Exchange for Excluding Lower Cost Drug Products ( )
- Statement of Commissioner Alvaro M. Bedoya Regarding Report to Congress on Combatting Online Harms Through Innovation ( )
- Remarks of Chair Lina M. Khan Regarding Combatting Online Harms Through Innovation Report ( )
- Statement of Commissioner Rebecca Kelly Slaughter Regarding the Commission's Report to Congress: Combatting Online Harms Through Innovation ( )
- Dissenting Statement of Commissioner Noah Joshua Phillips Regarding the Combatting Online Harms Through Innovation Report to Congress ( )
- Oral Remarks of Christine S. Wilson at Open Commission Meeting on June 16, 2022 ( )
- Statement of Chair Lina M. Khan Joined by Commissioner Rebecca Kelly Slaughter in the Matter of Twitter, Inc. ( )
- Statement of Commissioner Alvaro Martin Bedoya Regarding the Policy Statement on Education Technology and COPPA ( )
- Policy Statement of the Federal Trade Commission on Education Technology and the Children's Online Privacy Protection Act ( )
- Remarks by Commissioner Christine S. Wilson on the Policy Statement on Education Technology and the Children's Online Privacy Protection Act and the Request for Public Comment on the Amendments to the Endorsement Guides ( )
- Statement of Chair Lina M. Khan Regarding Policy Statement on Education Technology and the Children's Online Privacy Protection Act ( )
- Remarks of Samuel Levine at Cleveland-Marshall College of Law Cybersecurity and Privacy Protection Conference ( )
- Remarks of Samuel Levine at LGBTQ+ Elder Fraud Prevention and Response Network Summit ( )
- Letter from FTC Commissioner Wilson to Senator Wyden re IRS Planned Use of Facial Recognition ( )
- Application of Title V, Subtitle A, of the G-L-B Act, and of the Commission's Privacy Rule, to Attorneys At Law ( )
- Section 603(k): Definition of "adverse action" ( )
- Section 615(a): Required notice of adverse action based on a consumer report ( )
- Section 604(a)(3)(A): Credit transaction ( )
- Section 604(a)(2): Written authorization of consumer ( )
- Section 609: Disclosures to consumers ( )
- Section 611(a): Investigation of consumer disputes by CRAs ( )
- Section 623(b): Duty of furnishers to investigate consumer disputes ( )
- Section 603(g): Definition of "file" ( )
- Section 609(a)(3): Identification of recipients ( )
- Section 612: Charges for disclosures ( )
- Section 603(d)(1): Definition of "consumer report" (general) ( )
- Section 604(a)(3)(F): Legitimate business need ( )
- Section 616-617: Civil liability ( )
- Section 609(a)(1): Information to be disclosed ( )
- Section 604(a)(3)(C): Underwriting of insurance ( )
- Section 623(a)(2): Duty of furnishers to correct and update information ( )
- Section 623(a)(1): Duty of furnishers to provide accurate information ( )
- Section 623(a)(5): Duty of furnishers to provide date of delinquency on charge-off, collection or similar accounts ( )
- Section 605(a)(4): Section 605(c) Time limits: Charge-off and collection accounts ( )
- Combatting Online Harms Through Innovation ( )
- Consumer Sentinel Network Data Book 2021 ( )
- A Look at What ISPs Know About You: Examining the Privacy Practices of Six Major Internet Service Providers ( )
- FTC Report to Congress on Privacy and Security ( )
- Protecting Consumers During the COVID-19 Pandemic: A Year in Review ( )
- Consumer Sentinel Network Data Book 2020 ( )
- 6(b) Orders to File Special Reports to Social Media and Video Streaming Service Providers ( )
- Reports in Response to Senate Appropriations Committee Report 116-111 on the FTC’s Use of Its Authorities and the Resources Used and Needed to Protect Consumer Privacy and Security ( )
- Privacy & Data Security Update for 2019 ( )
- Consumer Sentinel Network Data Book 2019 ( )
- Privacy & Data Security Update for 2018 ( )
- Consumer Sentinel Network Data Book 2018 ( )
- FTC Informational Injury Workshop: BE and BCP Staff Perspective ( )
- Engage, Connect, Protect: The FTC’s Projects and Plans to Foster Small Business Cybersecurity - The Federal Trade Commission Staff Perspective ( )
- Mobile Security Updates: Understanding the Issues ( )
- Do Web Hosts Protect Their Small Business Customers With Secure Hosting And Anti-Phishing Technologies? The Federal Trade Commission Staff Perspective ( )
- Privacy & Data Security Update (2017): An Overview of the Commission’s Enforcement, Policy Initiatives, and Consumer Outreach and Business Guidance in the Areas of Privacy and Data Security: January 2017 – December 2017 ( )
- The Connected Cars Workshop: The Federal Trade Commission Staff Perspective ( )
- Cross-Device Tracking: A Federal Trade Commission Staff Report (January 2017) ( )
- Privacy & Data Security Update (2016) ( )
- FTC Staff Comment to the Board of Governors of the Federal Reserve System, in Docket No. R-1748, RIN 7100-AG15, Debit Card Interchange Fees and Routing ( )
- FTC Staff Letter to Department of Health and Human Services Concerning the 21st Century Cures Act: Interoperability, Information Blocking and the ONC Health IT Certification Program Rule ( )
- Comment of the Staff of the Federal Trade Commission’s Bureau of Consumer Protection: Preliminary Draft for the NIST Privacy Framework ( )
- FTC Staff Comment to the NTIA: Developing the Administration’s Approach to Consumer Privacy ( )
- Comment of the Staff of the Bureau of Consumer Protection, the Bureau of Competition, and the Bureau of Economics of the Federal Trade Commission Before the Federal Communications Commission: In the Matter of Restoring Internet Freedom ( )
- FTC Comment to the National Telecommunications & Information Administration on “Communicating IoT Device Security Update Capability to Improve Transparency for Consumers” ( )
- FTC Staff Comment to the National Telecommunications and Information Administration Regarding the Safety Working Groups “Coordinated Vulnerability Disclosure ‘Early Stage’ Template” ( )
- Comment of Jessica L. Rich, Director, Bureau of Consumer Protection, to the National Highway Traffic Safety Administration Supporting the Inclusion of Consumer Privacy and Cybersecurity Guidance in the Document “Federal Automated Vehicles Policy” ( )
- FTC Staff Comment to the NTIA: The Benefits, Challenges, and Potential Roles for the Government in Fostering the Advancement of the Internet of Things ( )
- FTC Staff Comment to the Federal Communications Commission: In the Matter of Protecting the Privacy of Customers of Broadband and Other Telecommunications Services ( )
- Comment Filed by Jessica Rich on Privacy Enforcement Implications of FCC’s Proposed Set-Top Box Rulemaking ( )
- Comment Filed by Jessica Rich, Discussing Voluntary Code of Conduct for Utilities and Third Parties Providing Consumer Energy Use Services ( )
- FTC Comment Before the FCC Concerning Proposed Cyber Security Certification Program ( )
- FTC Safeguards Rule: What Your Business Needs to Know ( )
- Complying with FTC’s Health Breach Notification Rule ( )
- Health Breach Notification Rule: The Basics for Business ( )
- Data Breach Response: A Guide for Business ( )
- Consumer Reports: What Information Furnishers Need to Know ( )
- Careful Connections: Keeping the Internet of Things Secure ( )
- Complying with COPPA: Frequently Asked Questions ( )
- Stick with Security: A Business Blog Series ( )
- Digital Copier Data Security: A Guide for Businesses ( )
- Children’s Online Privacy Protection Rule: A Six-Step Compliance Plan for Your Business ( )
- Businesses Must Provide Victims and Law Enforcement with Transaction Records Relating to Identity Theft ( )
- App Developers: Start with Security ( )
- Small Business Computer Security Basics ( )
- Conceptos básicos sobre seguridad informática para pequeños negocios ( )
- Consumer Reports: What Insurers Need to Know ( )
- Using Consumer Reports for Credit Decisions: What to Know About Adverse Action and Risk-Based Pricing Notices ( )
- Using Consumer Reports: What Employers Need to Know ( )
- What Tenant Background Screening Companies Need to Know About the Fair Credit Reporting Act ( )
- Using Consumer Reports: What Landlords Need to Know ( )
- Protecting Personal Information: A Guide for Business ( )
- Prepared Statement of the Federal Trade Commission: The Urgent Need to Fix Section 13(b) of the FTC Act ( )
- Opening Statement Of Acting Chairwoman Rebecca Kelly Slaughter before the United States House Committee on Energy and Commerce Subcommittee on Consumer Protection and Commerce: The Urgent Need To Fix Section 13(B) Of The FTC Act ( )
- Prepared Statement of the Federal Trade Commission: Curbing COVID Cons: Warning Consumers about Pandemic Frauds, Scams, and Swindles ( )
- Prepared Statement of the Federal Trade Commission: Strengthening the Federal Trade Commission's Authority to Protect Consumers ( )
- Statement of Commissioner Noah Joshua Phillips Regarding the Hearing on Oversight of the Federal Trade Commission ( )
- Oversight of the Federal Trade Commission ( )
- Written Testimony of Commissioner Chopra Before the House Judiciary, Subcommittee on Antitrust, Commercial, and Administrative Law: “Hearing on Online Platforms and Market Power, Part 3: The Role of Data and Privacy in Competition” ( )
- Opening Statement of Commissioner Chopra Before the House Judiciary, Subcommittee on Antitrust, Commercial, and Administrative Law: “Hearing on Online Platforms and Market Power, Part 3: The Role of Data and Privacy in Competition” ( )
- Statement of Commissioner Noah Joshua Phillips Before the Subcommittee on Consumer Protection and Commerce of the House Committee on Energy and Commerce ( )
- Prepared Remarks of Chairman Joseph J. Simons on “Oversight of the Federal Trade Commission: Strengthening Protections for American’s Privacy and Data Security” ( )
- Prepared Statement of the Federal Trade Commission: “Oversight of the Federal Trade Commission,” Before the Subcommittee on Consumer Protection and Commerce, United States House of Representatives Committee on Energy and Commerce ( )
- Prepared Opening Remarks of Commissioner Rohit Chopra Before the House Energy and Commerce Committee, Subcommittee on Consumer Protection and Commerce “Oversight of the Federal Trade Commission” ( )
- Oral Statement of Commissioner Christine S. Wilson as Prepared for Delivery Before the U.S. House Committee on Energy and Commerce Subcommittee on Consumer Protection and Commerce ( )
- Statement of Commissioner Rebecca Kelly Slaughter Before the Committee on Energy and Commerce, Subcommittee on Consumer Protection and Commerce ( )
- Prepared Statement of the Federal Trade Commission Before the Subcommittee on Economic and Consumer Policy of the Oversight and Reform Committee, United States House of Representatives ( )
- Prepared Statement of the Federal Trade Commission Before the Permanent Subcommittee on Investigations of the Committee on Homeland Security and Governmental Affairs, United States Senate ( )
- Statement of Commissioner Noah Joshua Phillips Before the Subcommittee on Consumer Protection, Product Safety, Insurance, and Data Security of the US Senate Committee on Commerce, Science, and Transportation ( )
- Prepared Statement of the Federal Trade Commission: “Oversight of the FTC,” Before the Subcommittee on Consumer Protection, Product Safety, Insurance, and Data Security of the Committee on Commerce, Science, and Transportation, United States Senate ( )
- Prepared Statement of FTC Commissioner Noah Joshua Phillips before the House Energy and Commerce Committee ( )
- Prepared Statement of the Federal Trade Commission: The Fair Credit Reporting Act, Credit Bureaus, and Data Security, Before the Committee On Banking, Housing, and Urban Affairs, United States Senate ( )
