Free Cookie & Pixel Scan
Mitigate Data Privacy Compliance Risks
CHECK YOUR LIABILITY NOW
INPUT YOUR WEBSITE BELOW TO GET STARTED
☐By submitting this form, you consent to Captain Compliance scanning for potential risks, cookies, and pixels. We will also provide a report to your email with the scanned information in accordance with our privacy policy.*
Instant Report
Privacy Laws Govern the Use of Trackers, Cookies and Pixels
This guide highlights laws that have been referenced in web tracker lawsuits, identifies which have a private right of action, as well as provides examples of related settlements or regulatory fines.
Notable State Law Examples
JANUARY 1, 2023
California Privacy Rights Act (CPRA)
The only comprehensive state laws with a private right of action ranging from $100-$750 per consumer per incident.
ENACTED 1981, AMENDED 2023
California Confidentiality of Medical Information Act (CMIA)
Private right of action up to $2,500 per violation.
MARCH 31, 2024
Washington My Health My Data Act
Private right of action – Washington residents can sue for actual damages up to $25,000 under the Washington Consumer Protection Act.
Notable Federal Law Examples
ENACTED IN 1988
Video Privacy Protection Act (VPPA)
Private right of action up to $2,500 per violation.
ENACTED IN 2000
Children’s Online Privacy Protection Act (COPPA)
ENACTED IN 1996
HIPAA – Health Breach Notification Rule, HIPAA Privacy Rule
ENACTED IN 2009
Health Information for Economic and Clinical Health Act (HITECH Act)
ENACTED IN 1999
Gramm-Leach-Bliley Act – Privacy of Consumer Financial Information Rule
Recent Lawsuits & Regulatory Actions
Regulatory Actions
Jan. 2024 – NY State AG Hits NYP With $300K Fine for Web Tracker Use Under the HITECH Act.
March 2023 – BetterHelp is Fined $7.8 Million for Sharing Sensitive Health Data for Advertising by the FTC.
Feb. 2023 – GoodRx Ordered to Pay a $1.5 Million Civil Penalty for Use of Trackers by the FTC.
Aug. 2022 – Sephora Fined $1.2 Million for Violating California’s CCPA.
Sept. 2020 – Glow Fertility App is Fined $250,000 by California AG Under the California CMIA.
Notable GDPR Fines