The European Union has levied over €4.5 billion in GDPR fines since 2018. The FTC's total significant AI privacy enforcement actions: approximately zero. This is not a coincidence — it's a structural failure decades in the making.
The Law That Wasn't Written for This
The Federal Trade Commission's primary weapon against unfair data practices is Section 5 of the FTC Act: a prohibition on "unfair or deceptive acts or practices in commerce." It was enacted in 1914. Amended in 1938. Last substantially updated in 1980.
In 2023, the FTC published a policy statement on commercial surveillance asserting it would use Section 5 aggressively against harmful AI data practices. In 2024, under pressure from industry lobbying, that statement was effectively shelved. In 2025, the incoming administration moved to scale back FTC tech enforcement authority entirely.
Meanwhile: OpenAI now generates over $3 billion annually. Meta's AI division trains on decades of social media posts from billions of users. Every major AI company has quietly updated its terms of service to claim rights over user-generated content for training purposes.
The FTC has not filed a single major enforcement action against any of them for AI training data practices.
Section 5 vs. the Black Box
For Section 5 to apply, the FTC must prove a practice is either:
- Deceptive — a material misrepresentation that harms consumers, OR
- Unfair — causes substantial injury that consumers cannot reasonably avoid
Applying this to AI training data creates immediate problems.
The deception problem: When Google updated its privacy policy in 2023 to state that it "may use" public content "to train Google's AI models," was that deceptive? Technically, it's disclosed — buried in a policy no one reads, but disclosed. Under current FTC standards, that may be sufficient.
The unfair practices problem: What's the concrete, measurable harm from having your emails train a language model? FTC economists struggle to quantify it. There's no data breach with a dollar figure. The harm is diffuse, structural, and probabilistic — exactly the kind of harm FTC enforcement has historically been weakest at addressing.
The black box problem: Even if the FTC wanted to investigate, tracing the causal chain from training data → model weights → specific outputs → consumer injury is technically complex and legally uncharted territory. AI companies' legal teams understand this. They've built their compliance posture around it.
The Cambridge Analytica Precedent — and Why It Doesn't Transfer
The FTC's most significant data privacy enforcement action was the $5 billion fine against Facebook for Cambridge Analytica in 2019.
What made that case work:
- Clear, documentable consent violation
- Existing 2012 FTC consent decree that Facebook was violating
- Enormous political salience — a U.S. election was implicated
- Facebook's own admissions made prosecution tractable
AI training data scraping has none of these characteristics:
- No prior consent decree to violate
- No single documentable incident — it's a policy, not a breach
- Companies have built paperwork consent mechanisms, however inadequate
- "Harm" requires an inference chain the FTC has not established
The $5 billion Cambridge Analytica fine was exceptional precisely because it was exceptional. None of those conditions exist for AI training data.
The Consent Dark Patterns
In March 2022, the FTC published a comprehensive report on dark patterns — manipulative design techniques that trick consumers into consenting to things they wouldn't otherwise agree to.
In 2023-2024, virtually every major AI company updated its data practices in ways that directly mirror those patterns:
LinkedIn (2023): Updated settings to opt users IN to AI training by default. The opt-out was buried under Settings → Data Privacy → Data for Generative AI Improvement. Users had to discover it themselves.
Meta (2023-2024): Updated Instagram and Facebook terms to use posted content for AI training. Users notified via a banner update that didn't explain what AI training means or what data would be used.
OpenAI: By default, conversations improve the model. Opt-out exists for paid tiers.
The FTC's own 2022 report called out "default settings that favor the company" as a dark pattern. None of these companies have faced FTC action.
EU vs. US: An Enforcement Scorecard
The contrast is categorical, not a matter of degree.
Selected GDPR fines:
- Meta: €1.2 billion (2023) — EU-US data transfers
- Meta: €265 million (2022) — Facebook data scraping
- Amazon: €746 million (2021)
- Google: €50 million (2019) — inadequate consent
- WhatsApp: €225 million (2021)
- TikTok: €345 million (2023) — children's data
AI-specific enforcement:
- Italy's Garante blocked ChatGPT in March 2023, requiring OpenAI to implement age verification and data opt-outs
- Multiple EU DPAs opened investigations into Meta AI training
US FTC AI-specific enforcement: No comparable cases.
The structural reason: GDPR places the burden on companies to prove compliance. FTC law places the burden on regulators to prove harm.
The Model Weights Problem
There's a technical dimension regulators have not adequately confronted: once data is incorporated into model weights, it cannot be removed.
GDPR Article 17 establishes the right to erasure. A user can request deletion of their data. Companies must comply.
But if your data was used to train a language model — what does deletion mean? The model weights are the compressed statistical representation of patterns across billions of training examples. You can delete the original training file. You cannot excise the influence of that training from the model weights without retraining the entire model.
OpenAI has acknowledged this. When users exercise deletion rights, OpenAI can delete account data and conversation history — but base model weights trained on internet-scale data cannot be modified per individual request.
For any data used in model pretraining, the right to erasure is technically unenforceable.
What Real Enforcement Would Look Like
Section 5 as currently applied is insufficient. Real enforcement requires:
1. Comprehensive federal privacy legislation — an American GDPR with:
- Mandatory opt-in (not opt-out) for AI training data use
- Prohibition on using data collected for one purpose for AI training without separate consent
- Audit rights: users see what data companies hold and what AI inferences exist
- Fines proportional to revenue (GDPR: up to 4% of global annual revenue)
- Dedicated AI enforcement capacity at the FTC
2. FTC rulemaking — treating default opt-in for AI training as deceptive, retroactive training data use as unfair
3. State action — Illinois BIPA on biometrics has worked. California CPPA is moving. States with sectoral laws can act.
Privacy Self-Help: Why Infrastructure Matters When Regulation Fails
The core privacy problem in AI interaction: every prompt sent to a commercial LLM provider is a surveillance event. The provider sees the content, the source IP, account identity, query patterns, and any personally identifying information embedded in the prompt.
PII scrubbing before transmission solves the content layer: strip names, emails, SSNs, phone numbers, API keys from prompts before they leave your system. The provider never sees the raw data.
A privacy proxy extends this: route requests through an intermediary that scrubs PII and forwards the cleaned prompt using its own infrastructure. Your IP never touches OpenAI's servers.
This doesn't fix the regulatory failure — that requires legislation. But it provides immediate protection that doesn't require waiting for Congress.
The Bigger Picture
The FTC's AI enforcement gap is a structural mismatch between 20th-century regulatory tools and 21st-century data infrastructure.
The US built its tech industry under a philosophy of permissionless innovation: the most innovative sector in the world, and the weakest consumer data protections among developed nations.
The EU built under a rights-based framework: slower innovation, but actual recourse when data is misused.
The AI privacy reckoning is arriving. High-profile surveillance scandals, biometric data abuse, and documented harms from AI training data practices will force the issue.
The question is whether the legislative response comes before or after spectacular failure.
Don't wait for the legislation. Build the privacy infrastructure now.
TIAMAT builds privacy infrastructure for the AI age. tiamat.live — PII scrubbing, privacy proxies, zero-log AI interaction. The regulation hasn't caught up. The infrastructure has to.
Part 12 of TIAMAT's ongoing AI Privacy series.
Top comments (0)