US Accessibility & Privacy Enforcement Overview

Active Enforcement Environment

The United States has one of the most active digital compliance enforcement environments in the world, with multiple federal agencies, 50 state attorneys general, and private plaintiffs pursuing accessibility and privacy violations.

2024 Enforcement Statistics

8,800+

ADA Title III Lawsuits

$7.9B

Privacy Fines (FTC)

150+

State AG Privacy Actions

25+

DOJ ADA Settlements

Federal Enforcement Agencies

Department of Justice (DOJ)
Jurisdiction:
  • ADA Title II: State and local government accessibility
  • ADA Title III: Private business accessibility
  • Section 508: Federal agency accessibility oversight
Enforcement Powers:
  • Civil rights investigations and compliance reviews
  • Pattern or practice lawsuits
  • Settlement agreements and consent decrees
  • Civil penalties: Up to $75,000 first violation, $150,000 subsequent
Recent Focus Areas:
  • State and local government website accessibility
  • Higher education accessibility
  • Healthcare provider digital services
  • Voting and election accessibility
Federal Trade Commission (FTC)
Jurisdiction:
  • COPPA: Children's Online Privacy Protection Act
  • Section 5: Unfair and deceptive trade practices (privacy)
  • GLBA: Gramm-Leach-Bliley Act (financial privacy)
  • HIPAA: Health Insurance Portability and Accountability Act (in coordination with HHS)
Enforcement Powers:
  • Civil penalties up to $50,120 per violation (COPPA)
  • Injunctions and consent orders
  • Monetary relief for consumers
  • Ongoing compliance monitoring
Record Penalties (2023-2024):
Meta (Facebook) $5 billion - Cambridge Analytica
Amazon $31 million - Ring/Alexa violations
Epic Games $520 million - COPPA/dark patterns
HHS Office for Civil Rights (OCR)
Jurisdiction:
  • Section 504: Disability discrimination in federally funded programs
  • Section 1557: Nondiscrimination in healthcare (ACA)
  • HIPAA: Health information privacy and security
Focus Areas:
  • Hospital and healthcare provider website accessibility
  • Patient portal accessibility
  • Telehealth accessibility
  • Health information data breaches
Department of Education OCR
Jurisdiction:
  • Section 504: Federally funded educational programs
  • ADA Title II: Public schools and universities
Resolution Agreements (2020-2024):
  • 500+ accessibility complaints resolved
  • Major university settlements for LMS accessibility
  • K-12 technology procurement requirements

State Enforcement

State Attorneys General

State AGs have become increasingly active in both accessibility and privacy enforcement:

Privacy Enforcement:
  • California AG: CCPA/CPRA enforcement, $100M+ in actions
  • New York AG: Major data breach settlements
  • Texas AG: Aggressive privacy enforcement
  • Multi-state actions: 48-state settlement with Google ($391.5M)
  • BIPA enforcement: Illinois AG pursuing biometric violations
State Privacy Laws with AG Enforcement:
State Law Max Penalty per Violation
California CCPA/CPRA $7,500 intentional / $2,500 unintentional
Virginia VCDPA $7,500
Colorado CPA $20,000
Connecticut CTDPA $5,000
Illinois BIPA $5,000 intentional / $1,000 negligent

Private Litigation

ADA Website Lawsuits
Lawsuit Volume (2024):
  • 8,800+ federal ADA Title III lawsuits filed
  • 4,187 specifically targeting website accessibility
  • 7% increase from 2023
Top Target Industries:
  1. Retail/E-commerce (30%)
  2. Food Service (20%)
  3. Healthcare (15%)
  4. Hospitality (15%)
  5. Other (20%)
Remedies Available:
  • Injunctive relief (must fix website)
  • Attorney's fees (often $15,000-$50,000)
  • Compensatory damages (some circuits)
Privacy Class Actions
Litigation Trends:
  • BIPA class actions averaging $100M+ settlements
  • VPPA (Video Privacy) claims resurging
  • CCPA private right of action for breaches
  • State wiretapping law claims for tracking
Notable Settlements (2023-2024):
Facebook BIPA $650M
TikTok BIPA $92M
Clearview AI BIPA $50M (proposed)

Common Enforcement Triggers

Trigger Accessibility Privacy
Consumer complaint
Advocacy group complaint
Data breach notification
Plaintiff attorney outreach
News/media investigation
Competitor report
Agency sweep/audit

Reducing Enforcement Risk

Accessibility
  • Regular accessibility audits
  • WCAG 2.1 Level AA compliance
  • Accessibility statement with contact
  • User testing with disabled users
  • Staff training on accessibility
  • Vendor accessibility requirements
Privacy
  • Privacy program with written policies
  • Consent management platform
  • Honor opt-out requests (GPC)
  • Data inventory and mapping
  • Incident response plan
  • Vendor due diligence
Enforcement Alert

8,800+ ADA lawsuits were filed in 2024. Is your organization compliant?

Compliance Guide
Enforcement Resources
Get Compliant