Data privacy & misuse lawsuits & cases
Unauthorized harvesting, sharing, or misuse of personal data — from quiz-app scraping to deceptive privacy practices and regulatory privacy enforcement.
3 tracked cases
- Regulatory actionFine 2018; settled Oct 2019
UK ICO v. Facebook (Cambridge Analytica fine)
Meta/Facebook · United Kingdom
The UK ICO fined Facebook £500,000 (the maximum under the pre-GDPR Data Protection Act 1998) for failing to safeguard users’ personal information and for lack of transparency in connection with the Cambridge Analytica scandal. After initially appealing, Facebook agreed to pay the fine in an October 2019 settlement without admitting liability.
- SettledSettled Jul 24, 2019 ($5B)
FTC v. Facebook, Inc. ($5 billion privacy settlement)
Meta/Facebook · United States (federal)
The FTC imposed a record $5 billion penalty on Facebook to settle charges that it violated a 2012 FTC order by deceiving users about their ability to control the privacy of their personal information — a matter brought into focus by the Cambridge Analytica scandal. The settlement imposed sweeping new privacy restrictions, independent third-party assessments, and 20 years of compliance monitoring. It was the largest privacy penalty ever assessed by the U.S. government at the time.
- Regulatory actionAction 2019
FTC v. Cambridge Analytica, LLC
Cambridge Analytica (data harvested from Facebook) · United States (federal)
The FTC filed an administrative complaint against Cambridge Analytica and settled with its former CEO and an app developer over the deceptive harvesting of personal information from tens of millions of Facebook users via a personality-quiz app, which was used for voter profiling. The action was part of the FTC’s broader response to the Cambridge Analytica scandal.
Other harm types
Informational summaries compiled from public sources cited on each case page. Not legal advice. Verify current status with primary sources.