FuboTV, a prominent over-the-top streaming service specializing in live sports, news, and entertainment, has recently agreed to a significant settlement addressing allegations of improper user data handling. Founded in 2015 as a soccer-focused platform, Fubo has evolved into a comprehensive virtual multichannel video programming distributor (vMVPD) serving audiences in the United States, Canada, and Spain. With a subscriber base exceeding 2 million globally as of early 2025, the company offers over 100 channels, cloud DVR, 4K streaming, and features like multiviewing on select devices, positioning itself as a sports-first alternative to traditional cable. However, this growth has been accompanied by legal challenges, including a fresh $3.4 million class-action settlement over claims of illegally sharing user data with advertisers. This is just another one of the many multi-million dollar privacy pay outs that we’ve covered between state privacy laws and regulators clamping down it’s a great time to work with Captain Compliance to put privacy software tools in place to help manage legal requirements.
The Lawsuit: Allegations of Privacy Violations
The class-action suit, filed in December 2023 by plaintiff Ne’Tosha Burdette, accused FuboTV of breaching multiple privacy laws by collecting and disclosing users’ personally identifiable information (PII) without proper consent. Central to the claims was the Video Privacy Protection Act (VPPA), a federal law prohibiting the unauthorized sharing of video viewing histories. Additional violations alleged under California state laws included the California Invasion of Privacy Act (CIPA) and California Civil Code § 1799.3, which address unauthorized interception of communications and disclosure of personal records.
According to the complaint, Fubo employed tracking technologies such as pixels and cookies across its web, mobile, and connected TV platforms to gather data on users’ viewing habits, locations, devices, and content interactions. This information was purportedly shared with third-party advertisers to enable targeted ads, despite Fubo’s privacy policy at the time stating it would only share non-PII without consent. Plaintiffs argued that such practices exposed sensitive details, potentially leading to damages of up to $2,500 per VPPA violation and similar penalties under CIPA. With Fubo boasting around 1.6 million U.S. subscribers in 2023, the potential liability could have soared into billions if the case proceeded to trial.
Fubo denied any wrongdoing, emphasizing in statements that the settlement was pursued to sidestep the costs and uncertainties of prolonged litigation. The company maintained it had not engaged in improper conduct but opted for resolution to focus on core operations.
Settlement Details and Claimant Eligibility
Announced in July 2025, the $3.4 million settlement fund covers compensation for affected users, administrative costs, attorneys’ fees (up to $1.36 million), and service awards for class representatives (up to $12,500 total). Eligible individuals include U.S. residents who had or used a FuboTV account before May 29, 2025—the date of the company’s last privacy policy update. Claimants in California may receive 10% more than the standard pro rata payment due to additional state law protections.
To participate, users must file claims by September 12, 2025, either online via the settlement website or by mail. Required information includes email addresses linked to the account, approximate account creation and closure dates, and years of usage. Payouts, distributed electronically or by check, are expected 60 days after final court approval, scheduled for a hearing on October 6, 2025. Those wishing to opt out must do so by August 28, 2025.
Privacy Lawsuits Targeting Connected TV Providers: A Growing Wave of Scrutiny
In the rapidly evolving landscape of connected television (CTV), where smart TVs and streaming devices blend entertainment with data-driven advertising, privacy lawsuits have surged as consumers and regulators push back against unchecked data collection. These cases often revolve around allegations that CTV providers secretly track viewing habits, device information, and personal identifiers, sharing them with advertisers without adequate consent. A landmark example is the Vizio Smart TV class-action lawsuit, which highlighted how manufacturers embed tracking software into devices to monetize user data. Filed in 2015, the suit accused Vizio of using its “Smart Interactivity” feature to capture second-by-second viewing data from over 11 million TVs, including IP addresses, zip codes, and content details, then selling this information to third parties for targeted ads. Plaintiffs claimed violations of the Video Privacy Protection Act (VPPA), Wiretap Act, and state privacy laws, arguing that Vizio failed to disclose the extent of surveillance in its privacy policies. The case settled for $17 million in 2018, providing cash payments and injunctive relief to affected owners, while a separate FTC action fined Vizio $2.2 million for deceptive practices. This dual resolution underscored the dual threats of civil litigation and regulatory enforcement, forcing Vizio to overhaul its data practices and obtain explicit user opt-ins.
Beyond Vizio, similar suits have targeted other CTV giants, reflecting broader industry trends. For instance, Samsung faced scrutiny in 2015 when reports revealed its smart TVs were listening to users via voice recognition features, potentially transmitting audio data to servers without clear consent, though no major settlement ensued. LG Electronics encountered a class action in 2014 alleging that its TVs collected file names from connected USB devices and sent them to servers, violating privacy expectations; the case settled quietly with policy changes. More recently, Roku has been embroiled in VPPA lawsuits, with plaintiffs claiming the platform shares viewing histories with advertisers through tracking pixels and cookies, enabling personalized ads across devices. In one 2023 filing, users accused Roku of disclosing personally identifiable information (PII) like email addresses tied to watched content, potentially exposing sensitive habits. Tubi, a free ad-supported streaming service, faced parallel claims in 2024 for using Meta Pixels to track video interactions and share data without VPPA-compliant consent, part of a wave exceeding 250 VPPA suits that year—up from 137 in 2023.
These lawsuits stem from the VPPA, a 1988 law originally aimed at video rental privacy but now applied to digital streaming, prohibiting unauthorized disclosure of viewing records. CTV providers argue that anonymized data or opt-out options suffice, but courts increasingly side with plaintiffs, emphasizing the need for transparent consent. The economic stakes are high: with CTV ad revenue projected to hit $30 billion by 2025, data is the lifeblood, yet breaches can lead to massive liabilities. For example, potential damages under VPPA reach $2,500 per violation, ballooning class actions into billions. Broader implications include insurance coverage disputes, as seen in a 2020 Fourth Circuit ruling that CGL policies might cover privacy claims from data incidents. Providers like Samba TV and Alphonso have also faced criticism for syncing TV data with mobile ads, prompting feuds and calls for better privacy models. As smart TVs become ubiquitous over 80% of U.S. households own one—lawsuits highlight inherent conflicts between advertiser demands for granular data and user privacy rights. Regulators, including the FTC, advocate for investigations into data harvesting, urging opt-in defaults and clear disclosures. This litigation wave signals a pivotal shift, compelling CTV companies to prioritize ethical data use or risk escalating legal and reputational costs.
Video Game Privacy Litigation: Emerging Battles Over Data and Consent
The video game industry, valued at over $200 billion globally, has become a hotbed for privacy litigation as developers collect vast amounts of player data through online features, apps, and websites. These cases often invoke laws like the VPPA, Children’s Online Privacy Protection Act (COPPA), and state statutes, accusing companies of unauthorized data sharing, inadequate consent mechanisms, and targeting minors. A notable example is the 2024 settlement involving Tilting Point Media LLC, a mobile game developer behind titles like “SpongeBob: Krusty Cook-Off.” The California Attorney General and Los Angeles City Attorney alleged violations of COPPA and the California Consumer Privacy Act (CCPA) for collecting personal information from children under 13 without verifiable parental consent, using deceptive age screens, and allowing third-party SDKs to sell or share kids’ data for targeted ads—including inappropriate ones for marijuana. Tilting Point settled for $500,000, committing to enhanced compliance measures like neutral age gates, annual SDK audits, and just-in-time privacy notices, deeming SpongeBob games as child-directed.
Ubisoft, a major studio, successfully defended against a class action in Lakes v. Ubisoft, Inc. (2025), where plaintiffs claimed VPPA and California Invasion of Privacy Act breaches via Meta Pixels on its website, disclosing PII like viewing histories from game trailers. The Northern District of California dismissed the suit with prejudice, ruling that users consented through cookie banners, Privacy Policy acceptance, and account creation terms. However, Ubisoft faced another complaint from privacy firm noyb in 2025 over Assassin’s Creed: Mirage, alleging excessive data connections to external servers (150 in 10 minutes) and forced online play for single-player modes, potentially violating EU GDPR.
GameFly, a video game rental and streaming service, is under investigation for VPPA violations, with claims it embedded tracking pixels in cut-scenes and shared subscribers’ viewing histories with third parties like Facebook without explicit consent. Eligible users from the last two years may join class actions for compensation. Epic Games’ 2023 FTC settlement of $520 million addressed COPPA lapses in Fortnite, including default voice chat for kids and unauthorized charges, highlighting exploitation of minors. VPPA trends in 2024 show courts expanding its scope to games with “cut scenes” as video content, qualifying developers as “video tape service providers” if PII links to viewing behavior. Cases like those against online casinos clarify boundaries, but subscription models (e.g., newsletters tied to game videos) broaden liability. Overall, these suits emphasize robust privacy policies, consent banners, and child protections, amid rising class actions blending privacy with addiction claims.
Fubo’s Privacy Violation Legal Settlement and Industry Trends
This settlement arrives amid a turbulent period for Fubo. In early 2025, the company reached a deal with The Walt Disney Company for a 70% acquisition stake, potentially merging with Hulu’s live TV offerings by mid-2026. This followed Fubo’s antitrust lawsuit against Disney, Fox, and Warner Bros. Discovery over their now-abandoned Venu Sports venture, which Fubo claimed stifled competition—a case resolved as part of the acquisition agreement. Additionally, Fubo has expanded partnerships, such as with DAZN for sports content and Weigel Broadcasting for networks, while growing its subscriber base through features like over-the-air sports streaming in U.S. markets.
The case reflects a surge in privacy enforcement within the streaming sector. Over 250 VPPA lawsuits were filed in 2024 alone, up from 137 the previous year, targeting platforms like Viki, Roku, and Tubi for similar data without consent. Experts highlight the necessity for enhanced data controls, including real-time audits of tracking tools and consent mechanisms across platforms, to mitigate risks associated with sensitive information like viewing histories. For consumers, it serves as a cautionary note on how streaming services handle personal insights, urging greater attention to privacy policies.
As Fubo moves to put this behind it, the settlement not only provides redress for users but also signals the escalating accountability tech companies face in safeguarding data privacy.
For more information on privacy compliance and to learn how we can help with your privacy needs book a demo below.