Privacy and Security Enforcement | Federal Trade Commission

Skip to main content

Privacy and Security Enforcement

When companies tell consumers they will safeguard their personal information, the FTC can and does take law enforcement action to make sure that companies live up these promises. The FTC has brought legal actions against organizations that have violated consumers’ privacy rights, or misled them by failing to maintain security for sensitive consumer information, or caused substantial consumer injury. In many of these cases, the FTC has charged the defendants with violating Section 5 of the FTC Act, which bars unfair and deceptive acts and practices in or affecting commerce. In addition to the FTC Act, the agency also enforces other federal laws relating to consumers’ privacy and security.

CafePress, In the Matter of
(June 24, 2022 )
Twitter, Inc., U.S. v.
(May 25, 2022 )
BoostMyScore LLC
(May 6, 2022 )
Ascension Data & Analytics, LLC, In the Matter of
(December 22, 2021 )
OpenX Technologies, Inc.
(December 15, 2021 )
Kuuhuub, Inc., et al., U.S. v. (Recolor Oy)
(July 22, 2021 )
Flo Health, Inc.
(June 22, 2021 )
Everalbum, Inc., In the Matter of
(May 7, 2021 )
Support King, LLC (SpyFone.com), In the Matter of
(May 3, 2021 )
Vivint Smart Home, Inc.
(April 29, 2021 )
SkyMed International, Inc., In the Matter of
(December 16, 2020 )
AppFolio, Inc.
(December 8, 2020 )
Midwest Recovery Systems, LLC
(November 30, 2020 )
Zoom Video Communications, Inc., In the Matter of
(November 9, 2020 )
MyLife.com, Inc.
(July 27, 2020 )
Ortho-Clinical Diagnostics, Inc., In the Matter of
(July 13, 2020 )
NTT Global Data Centers Americas, Inc., In the Matter of
(July 9, 2020 )
Miniclip, In the Matter of
(July 6, 2020 )
Kohl's Department Stores, Inc.
(June 10, 2020 )
HyperBeard, Inc.
(June 4, 2020 )

FTC Finalizes Action Against CafePress for Covering Up Data Breach, Lax Security
(June 24, 2022 )
FTC Report Warns About Using Artificial Intelligence to Combat Online Problems
(June 16, 2022 )
FTC Charges Twitter with Deceptively Using Account Security Data to Sell Targeted Ads
(May 25, 2022 )
FTC Calls for Research Presentations for PrivacyCon 2022
(May 23, 2022 )
FTC to Crack Down on Companies that Illegally Surveil Children Learning Online
(May 19, 2022 )
FTC Announces Tentative Agenda for May 19 Open Commission Meeting
(May 12, 2022 )
FTC Joins Amicus Brief Opposing Liability Shield for Sloppy Credit Reports
(May 6, 2022 )
FTC Takes Action Against CafePress for Data Breach Cover Up
(March 15, 2022 )
FTC Takes Action Against Company Formerly Known as Weight Watchers for Illegally Collecting Kids’ Sensitive Health Data
(March 4, 2022 )
FTC Marks Identity Theft Awareness Week for 2022 January 31-February 4
(January 21, 2022 )
Lead Generator that Deceptively Solicited Loan Applications from Millions of Consumers and Indiscriminately Shared Sensitive Info Agrees to Pay $1.5 Million FTC Penalty
(January 7, 2022 )
Merchant Cash Advance Providers Banned from Industry, Ordered to Redress Small Businesses
(January 5, 2022 )
FTC Finalizes Order with Mortgage Analytics Firm, Requiring it to Strengthen Security Safeguards, Increase Oversight of Vendors
(December 22, 2021 )
FTC Finalizes Order Banning Stalkerware Provider from Spyware Business
(December 21, 2021 )
FTC, DOJ Obtain Ban on Negative Option Marketing and $21 Million for Consumers Deceived by Background Report Provider MyLife
(December 16, 2021 )
Advertising Platform OpenX Will Pay $2 Million for Collecting Personal Information from Children in Violation of Children’s Privacy Law
(December 15, 2021 )
FTC Strengthens Security Safeguards for Consumer Financial Information Following Widespread Data Breaches
(October 27, 2021 )
FTC Staff Report Finds Many Internet Service Providers Collect Troves of Personal Data, Users Have Few Options to Restrict Use
(October 21, 2021 )
FTC Chair and CFPB Director Issue Joint Statement on Amicus Brief filed in Henderson v. The Source for Public Data, L.P.
(October 14, 2021 )
FTC Announces Tentative Agenda for October 21 Open Commission Meeting
(October 14, 2021 )

Topics for FTC PrivacyCon 2022 include commercial surveillance, automated decision-making
(June 6, 2022)
FTC says credit repair business doubled as a pyramid scheme
(May 31, 2022)
Twitter to pay $150 million penalty for allegedly breaking its privacy promises – again
(May 23, 2022)
New publication offers guidance on revised FTC Safeguards Rule
(May 24, 2022)
FTC to Ed Tech: Protecting kids’ privacy is your responsibility
(May 19, 2022)
FTC alleges “The Credit Game” broke the rules governing credit repair
(May 5, 2022)
What the pandemic has taught businesses about the collection of health information
(April 21, 2022)
Data breach prevention and response: Lessons from the CafePress case
(March 15, 2022)
When it comes to health data, comply with COPPA – no kidding
(March 10, 2022)
Revised Health Breach Notification Rule resources spell out companies’ legal obligations
(January 21, 2022)
FTC says Dun & Bradstreet deceived small businesses about services and pricing
(January 13, 2022)
Where in the world is…? FTC challenges stealthy geolocation tracking and COPPA violations
(December 15, 2021)
Ransomware risk: 2 preventive steps for your small business
(November 5, 2021)
A Look at What ISPs Know About You: A must-read report from the FTC
(October 21, 2021)
NIST workshop considers improvements to labeling for Internet of Things products and consumer software
(September 8, 2021)
FTC action against stalkerware app SpyFone and CEO Scott Zuckerman underscores threats of surveillance businesses
(September 1, 2021)
Get ready for PrivacyCon on July 27th
(July 20, 2021)
FTC gets back to the basics at June 24th Dallas workshop for businesses, attorneys
(June 21, 2021)
Back to business #1: Where’s your data?
(June 14, 2021)
Helping you answer consumers’ privacy questions
(June 4, 2021)

PrivacyCon 2021
July 27, 2021
Bringing Dark Patterns to Light: An FTC Workshop
April 29, 2021
Identity Theft Awareness Week Podcast: The FTC and Identity Theft Resource Center talk about identity theft and COVID-19
February 5, 2021
Identity Theft Awareness Week Facebook Live Event: The FTC and AARP discuss identity theft
February 4, 2021
Identity Theft Awareness Week: The FTC and Identity Theft Resource Center partner for a LinkedIn Story “takeover”
February 3, 2021
Identity Theft Awareness Week Webinar: Ripple Effects of COVID-19-Related Identity Theft & Tips to Protect Yourself in 2021
February 1, 2021
Data To Go: An FTC Workshop on Data Portability
September 22, 2020
PrivacyCon 2020
July 21, 2020
Information Security and Financial Institutions: FTC Workshop to Examine Safeguards Rule
July 13, 2020
Tax ID Theft Awareness Week Twitter Chat: Protecting Against Tax ID Theft and Government Imposter Scams
February 6, 2020
Tax ID Theft Awareness Week Webinar with the FTC and Identity Theft Resource Center
February 6, 2020
Tax ID Theft Awareness Week Tele-Town Halls with the FTC, AARP, and the U.S. Treasury Department
February 5, 2020
Tax ID Theft Awareness Week Tele-Town Halls with the FTC, AARP, and the U.S. Treasury Department
February 5, 2020
Tax ID Theft Awareness Week Webinar for Small Businesses with the FTC and IRS
February 4, 2020
Tax ID Theft Awareness Week Webinar with the FTC and Identity Theft Resource Center
February 3, 2020
Tax ID Theft Awareness Webinar with the FTC, Veterans Administration and US Postal Inspection Service
January 29, 2020
You Don't Say: An FTC Workshop on Voice Cloning Technologies
January 28, 2020
Accuracy in Consumer Reporting Workshop
December 10, 2019
The Future of the COPPA Rule: An FTC Workshop
October 7, 2019
Green Lights & Red Flags: FTC Rules of the Road for Business
August 15, 2019

Application of Title V, Subtitle A, of the G-L-B Act, and of the Commission's Privacy Rule, to Attorneys At Law
(April 8, 2002 )
Section 603(k): Definition of "adverse action"
(June 28, 2001 )
Section 615(a): Required notice of adverse action based on a consumer report
(June 28, 2001 )
Section 604(a)(3)(A): Credit transaction
(June 22, 2001 )
Section 604(a)(2): Written authorization of consumer
(May 24, 2001 )
Section 609: Disclosures to consumers
(August 8, 2000 )
Section 603(g): Definition of "file"
(August 1, 2000 )
Section 609(a)(3): Identification of recipients
(August 1, 2000 )
Section 612: Charges for disclosures
(August 1, 2000 )
Section 611(a): Investigation of consumer disputes by CRAs
(August 1, 2000 )
Section 623(b): Duty of furnishers to investigate consumer disputes
(August 1, 2000 )
Section 603(d)(1): Definition of "consumer report" (general)
(July 26, 2000 )
Section 604(a)(3)(F): Legitimate business need
(July 26, 2000 )
Section 616-617: Civil liability
(July 6, 2000 )
Section 609(a)(1): Information to be disclosed
(June 30, 2000 )
Section 604(a)(3)(C): Underwriting of insurance
(March 1, 2000 )
Section 623(a)(5): Duty of furnishers to provide date of delinquency on charge-off, collection or similar accounts
(February 15, 2000 )
Section 605(a)(4): Section 605(c) Time limits: Charge-off and collection accounts
(February 15, 2000 )
Section 623(a)(2): Duty of furnishers to correct and update information
(February 15, 2000 )
Section 623(a)(1): Duty of furnishers to provide accurate information
(February 15, 2000 )

Combatting Online Harms Through Innovation
(June 16, 2022 )
Consumer Sentinel Network Data Book 2021
(February 22, 2022 )
A Look at What ISPs Know About You: Examining the Privacy Practices of Six Major Internet Service Providers
(October 21, 2021 )
FTC Report to Congress on Privacy and Security
(September 13, 2021 )
Protecting Consumers During the COVID-19 Pandemic: A Year in Review
(April 19, 2021 )
Consumer Sentinel Network Data Book 2020
(February 4, 2021 )
6(b) Orders to File Special Reports to Social Media and Video Streaming Service Providers
(December 14, 2020 )
Reports in Response to Senate Appropriations Committee Report 116-111 on the FTC’s Use of Its Authorities and the Resources Used and Needed to Protect Consumer Privacy and Security
(June 18, 2020 )
Privacy & Data Security Update for 2019
(February 21, 2020 )
Consumer Sentinel Network Data Book 2019
(January 23, 2020 )
Privacy & Data Security Update for 2018
(March 15, 2019 )
Consumer Sentinel Network Data Book 2018
(February 28, 2019 )
FTC Informational Injury Workshop: BE and BCP Staff Perspective
(October 19, 2018 )
Engage, Connect, Protect: The FTC’s Projects and Plans to Foster Small Business Cybersecurity - The Federal Trade Commission Staff Perspective
(April 10, 2018 )
Mobile Security Updates: Understanding the Issues
(February 28, 2018 )
Do Web Hosts Protect Their Small Business Customers With Secure Hosting And Anti-Phishing Technologies? The Federal Trade Commission Staff Perspective
(February 20, 2018 )
Privacy & Data Security Update (2017): An Overview of the Commission’s Enforcement, Policy Initiatives, and Consumer Outreach and Business Guidance in the Areas of Privacy and Data Security: January 2017 – December 2017
(January 18, 2018 )
The Connected Cars Workshop: The Federal Trade Commission Staff Perspective
(January 9, 2018 )
Cross-Device Tracking: A Federal Trade Commission Staff Report (January 2017)
(January 23, 2017 )
Privacy & Data Security Update (2016)
(January 19, 2017 )

Moran v. The Screening Pros LLC
(October 4, 2013 )

FTC Safeguards Rule: What Your Business Needs to Know
(May 24, 2022 )
Complying with FTC’s Health Breach Notification Rule
(January 21, 2022 )
Health Breach Notification Rule: The Basics for Business
(January 21, 2022 )
Data Breach Response: A Guide for Business
(February 1, 2021 )
Consumer Reports: What Information Furnishers Need to Know
(January 13, 2021 )
Careful Connections: Keeping the Internet of Things Secure
(September 29, 2020 )
Complying with COPPA: Frequently Asked Questions
(July 20, 2020 )
Stick with Security: A Business Blog Series
(October 12, 2017 )
Digital Copier Data Security: A Guide for Businesses
(July 1, 2017 )
Children’s Online Privacy Protection Rule: A Six-Step Compliance Plan for Your Business
(June 20, 2017 )
Businesses Must Provide Victims and Law Enforcement with Transaction Records Relating to Identity Theft
(May 18, 2017 )
App Developers: Start with Security
(May 17, 2017 )
Small Business Computer Security Basics
(April 26, 2017 )
Conceptos básicos sobre seguridad informática para pequeños negocios
(April 12, 2017 )
Using Consumer Reports for Credit Decisions: What to Know About Adverse Action and Risk-Based Pricing Notices
(November 9, 2016 )
Consumer Reports: What Insurers Need to Know
(November 9, 2016 )
Using Consumer Reports: What Employers Need to Know
(October 31, 2016 )
Using Consumer Reports: What Landlords Need to Know
(October 19, 2016 )
What Tenant Background Screening Companies Need to Know About the Fair Credit Reporting Act
(October 19, 2016 )
Protecting Personal Information: A Guide for Business
(October 14, 2016 )

PrivacyCon 2021 (Part 2)

July 29, 2021

PrivacyCon 2021 (Part 1)

July 29, 2021

Data To Go: An FTC Workshop on Data Portability

September 22, 2020

PrivacyCon 2020 (Part 2)

July 21, 2020

PrivacyCon 2020 (Part 1)

July 21, 2020

FTC Workshop to Examine Safeguards Rule (Part 2)

July 13, 2020

FTC Workshop to Examine Safeguards Rule (Part 1)

July 13, 2020

FTC Voice Cloning Technologies Workshop

January 28, 2020

Accuracy in Consumer Reporting Workshop (Session 1)

December 10, 2019

Accuracy in Consumer Reporting Workshop (Session 2)

December 10, 2019

The Future of the COPPA Rule: An FTC Workshop - Session 1

October 7, 2019

The Future of the COPPA Rule: An FTC Workshop - Session 2

October 7, 2019

FTC Press Conference on Settlement With Google / YouTube

September 4, 2019

FTC Press Conference on Facebook Settlement

July 24, 2019

FTC Press Conference on Equifax Settlement

July 22, 2019

PrivacyCon 2019 - Part 2

June 27, 2019

PrivacyCon 2019 - Part 1

June 27, 2019

FTC Hearing 12: April 10 Session 2 Remarks by FTC Commissioner Rebecca Kelly Slaughter followed by Panel Discussions on Accountability and Whether the FTC's Toolkit Concerning Consumer Privacy is Adequate

April 10, 2019

FTC Hearing 12: April 10 Session 1 Panel Discussions on the Role of Notice and Choice and the Role of Access, Deletion and Correction in Connection with Consumer Privacy

April 10, 2019

FTC Hearing 12: April 9 Session 2 Remarks by FTC Commissioner Noah Joshua Phillips followed by Panels on Consumer Demand and Expectations for Privacy and Current Approaches to Privacy

April 9, 2019