Skip to Content Skip to Navigation

At some point in the future, your personal information and privacy may be compromised or processed without your consent.

But how can you report a privacy violation, and who is responsible for enforcing the law?

It short, it depends on the circumstances — namely, the nature of the violation, and where you live. As of this blog post, for example, the US currently has no unifying data protection law or enforcement agency, so the business of regulating privacy often happens on a state-by-state basis.

What do you do when your data rights are violated?

Generally, it’s recommended that consumers send their first complaint to the offending company or website. Most privacy-aware businesses will have their contact details clearly stated in their privacy policy, and have a process in place to deal with direct complaints from their customers.

Many minor privacy infractions, such as mess-ups in newsletter subscriptions or out-of-date information appearing in your accounts, can be resolved through direct complaints without the matter ever escalating into more complicated territory.

However, if this doesn’t work out, you may need to take it to a higher authority.

What happens when a direct complaint doesn’t work?

According to the US Federal Trade Commission (FTC) website, consumers in the United State should submit a complaint through the FTC’s Complaint Assistant if a company has been collecting or sharing their personal data without their permission. For identity theft or data breaches, consumers are advised to visit IdentityTheft.gov to both report and recover their personal information.

While the penalties for offending businesses are determined by the applicable regulation, in most cases, they are fined a considerable amount of money. In 2019, the FTC imposed a “record breaking” civil penalty of $5 billion on Facebook for lying about how personal data was being used, amongst other alarming violations of user privacy and trust. Alongside independent agencies like the FTC, US state and federal governments may also hand down additional fines to businesses that violate applicable privacy laws.

As your personal data is increasingly tracked, shared and sold by the services you interact with every day, it’s important to know your rights and hold companies accountable for failing to protect your privacy.

If you’re a business owner, keeping the communication lines open with your customers, giving them a fast-tracked way to air their concerns and have their complaints promptly resolved, could also save you a lot of grief (and money) down the track.

Does your business need a privacy policy?

Create one with GetTerms.io in under two minutes. Generate a privacy policy now.