Your data is valuable, and when it’s misused, it puts you at potential risk through no fault of your own. As the years go by and our lives become more online, info breaches have become an increasingly common issue. According to Nasdaq, personal data leaks increased exponentially from 2020 to 2022. Last year, they affected over 422 million individuals. With that said, here are some of the most significant data breach fines issued by the federal government.
Twitter- $150 Million
In May 2022, the FTC fined Twitter $150 million for falsely representing the company’s data privacy practices. The company had violated a 2011 settlement with the federal watchdog for failing to protect consumer information. Twitter had allegedly used personal data collected for security purposes for targeted advertisements. The company misused the information of over 140 million users between 2014 and 2019 to boost revenue.
Google- $170 million
In 2019, the Federal Trade Commission issued a then record-setting $170 million fine to Google and its subsidiary, YouTube. The settlement stemmed from the tech company violating the 1998 Children’s Online Privacy Protection Act (COPPA). YouTube allegedly knowingly showed targeted advertisements to kids under thirteen, breaking the law. The FTC issued the penalty in two parts, $136 million for violating COPPA and $34 million to New York State.
Epic Games- $520 million
At publication, the FTC’s $520 million penalty against Epic Games includes one of the largest sums levied against a company. The video game maker had allegedly tricked swathes of children into purchasing “V-Bucks,” in-game currency for the game Fortnite. The fine included two charges, $275 million for violating COPPA, the biggest single sum ever collected by the FTC. And $245 million in refunds for using “dark patterns,” or intentionally confusing user interfaces, to trick kids into spending money.
Additionally, Epic Games allegedly exposed children to harm by leaving in-game communications on by default. The setting allowed children to communicate with strangers, opening them up to bullying and “psychologically traumatizing issues” while playing Fortnite.
Equifax- $575 million
In 2019, Equifax agreed to pay at least $575 million in a global settlement with the Federal Trade Commission. The consumer credit reporting agency exposed the personal data of about 147 million people in a 2017 data leak. The commission ordered Equifax to pay $300 million to a fund for people affected by the leak. And they agreed to pay an extra $125 million if the initial $300 million wasn’t enough to cover the damages.
Additionally, the company paid $175 million to 48 states, the District of Columbia, and Puerto Rico. The FTC also ordered Equifax to provide all US consumers with six free credit reports annually for seven years.
Facebook- $5 billion
The Federal Trade Commission’s $5 billion fine against Facebook in 2019 is the most significant federal data protection penalty ever imposed. It’s over 20 times larger than any other data breach fines issued worldwide. And it’s one of the highest penalties ever issued by the federal government for any reason.
Facebook agreed to a twenty-year settlement and was required to overhaul its data privacy policies completely. The company had allegedly violated a 2012 order by the FTC by falsifying platform users’ control of their personal data. In relation, Meta settled a $725 million class-action lawsuit for improperly allowing data analytics firm Cambridge Analytica to access user information.
