Show Hide Section Navigation

    Filter Cases

  • {[]}

Produced by the IAPP Westin Research Center

The FTC Casebook collects and provides access to more than 180 privacy and data security enforcement actions—full-text searchable, tagged, indexed and annotated.


Sorry, No Matching Results Found

Recent FTC Privacy News

Keeping Promises: Corporate Control Transactions Do Not Nullify Data Obligations

(Jul 1, 2015) The New York Times (NYT) sounded an alarm this week with respect to wholesale transfers of consumer data in the context of corporate mergers, acquisitions and bankruptcy transactions. The NYT's research demonstrates that regardless of the promises in a company’s privacy policy, when the company is up for sale all bets are off. The article looks at 100 of the most popular websites, finding that “of the 99 sites with English-language terms of service or privacy policies, 85 said they might transfe... Read More

IAPP Announces PLSC Winners

(Jun 30, 2015) This year’s Privacy Law Scholars Conference featured some of the leading thinking in the field, and the IAPP was proud to award $2,500 and a speaking role to the authors of the two papers voted as the best of the best. After a couple of years featuring co-written papers, this year we’ve awarded two single authors for work that, on the one hand, looks back at the history of the Social Security number and, on the other, offers a path toward a new and better form of consumer-protection regulation. Read More

FTC CPO: Making Sure We Put Our Money Where Our Mouth Is

(Jun 8, 2015) Katie Race Brin might be relatively new as the FTC’s chief privacy officer, but, her passion for privacy rights took root years ago. A law student at Berkeley, she was a member of the first-ever class at the Samuelson Law, Technology & Public Policy clinic, then-headed by well-known scholar Deidre Mulligan. Now, she's in charge of privacy at the agency known as the virtual cop on the privacy beat. “My job is basically making sure we’re putting our money where our mouth is in terms of privacy,” she said. “As part of our consumer protection mission, we bring enforcement actions when companies engage in unfair or deceptive practices in violation of Section 5. We take action when companies haven’t adequately protected information, so we have to make sure that as an agency we’re holding ourselves to those same standards.” Angelique Carson, CIPP/US, talks to Brin in this exclusive for The Privacy Advisor. Read More

Featured Cases

    Nomi Technologies, Inc.

    (Apr 23, 2015) Nomi Technologies, a company whose technology allows retailers to track consumers’ movements through their stores, agreed to settle FTC charges that it misled consumers with promises that it would provide an in-store mechanism for consumers to opt out of tracking and that consumers would be informed when locations were using Nomi’s tracking services. Read More

    TES Franchising, LLC

    (Apr 7, 2015) FTC filed a complaint against TES Franchising, LLC, and American International Mailing, Inc. alleging the companies’ websites indicated they were currently certified under the U.S.-EU Safe Harbor Framework and U.S.-Swiss Safe Harbor Framework, when in fact their certifications had lapsed years earlier. Read More

    American International Mailing, Inc.

    (Apr 7, 2015) American International Mailing, Inc. self-certified compliance with the U.S.-EU Safe Harbor Framework in 2006 but failed to renew its self-certification from 2010-2015, despite continuing to state in its privacy statements that it abides by the Safe Harbor Principles. The FTC charged AIM with one count of deceptive trade practices under Section 5. Read More

    Craig Brittain, In the Matter of

    (Jan 29, 2015) The FTC’s complaint against Craig Brittain alleged that he used deception to acquire and post intimate images of women, then referred them to another website he controlled, where they were told they could have the pictures removed if they paid hundreds of dollars. Read More

    Sitesearch Corporation, Doing Business As LeapLab

    (Dec 23, 2014) LeapLab, a data broker operation, allegedly sold the sensitive personal information of hundreds of thousands of consumers – including Social Security and bank account numbers – to scammers who debited millions from their accounts. Read More

    TRUSTe, Inc.

    (Nov 17, 2014) TRUSTe, Inc., a major provider of privacy certifications for online businesses, agreed to settle Federal Trade Commission charges that it deceived consumers about its recertification program for company’s privacy practices, as well as perpetuated its misrepresentation as a non-profit entity. TRUSTe seals assure consumers that businesses’ privacy practices are in compliance with specific privacy standards like the Children’s Online Privacy Protection Act (COPPA) and the U.S.-EU Safe Harbor Framework. Read More

    Cornerstone and Company, LLC

    (Nov 12, 2014) The FTC alleged Cornerstone and Company, LLC posted consumers’ bank account and credit card numbers, birth dates, contact information, employers’ names, and information about debts the consumers allegedly owed on a public website. The complaint alleged that the debt seller exposed this sensitive information in the course of trying to sell portfolios of past-due payday loan, credit card, and other purported debt. Read More

    Bayview Solutions, LLC

    (Nov 12, 2014) According to the FTC, Bayview Solutions, LLC posted unencrypted documents online containing consumers’ names, addresses, credit card numbers, bank account numbers, and amounts the consumers allegedly owed. The sensitive data was posted on a website geared for debt buyers, sellers, and other members of the debt collection industry, but accessible to anyone with an internet connection. Read More


Contact the IAPP Westin Research Center at