Published in Law360 on January 15, 2025. © Copyright 2025, Portfolio Media, Inc., publisher of Law360. Reprinted here with permission.

State attorneys general across the U.S. took bold steps in 2024 to address unlawful activities by corporations in several areas, including privacy and data security, financial transparency, children’s internet safety, and other overall consumer protection claims.

These efforts were not only about enforcement but also about setting new precedents and pushing the boundaries of existing laws to better protect consumers in an increasingly complex digital and financial landscape.

State attorneys general’s efforts to address these areas, and others, in 2024 included record-breaking settlements and aggressive litigation, focusing on interstate coalitions targeting specific legal issues. This dynamic strategy underscores a commitment to not only address immediate concerns, but also to lay the groundwork for stronger regulatory frameworks and more robust consumer protections in the years to come.

In this first of two articles, we walk through notable state attorney general litigation and settlements in these areas in 2024. In part two, we discuss where we expect state attorneys general to focus their attention in 2025.

Privacy and Data Security

This past year, the California and Texas attorneys general led the way on privacy and data security actions.

In February, California Attorney General Rob Bonta announced a settlement with DoorDash[1] —The People of the State of California v. DoorDash Inc., in the Superior Court of the State of California, County of San Francisco — to resolve allegations that the company violated the California Consumer Privacy Act and the California Online Privacy Protection Act by selling consumers’ personal information without proper notice or an opportunity to opt out.

Bonta’s investigation allegedly revealed that DoorDash participated in a marketing cooperative where businesses exchanged customer personal information for advertising purposes, without disclosing this practice within the company’s privacy policy.

Despite being notified of noncompliance before the California Consumer Privacy Act’s right-to-cure violations expired, DoorDash allegedly failed to rectify the situation as it could not restore affected consumers to their original position or identify which downstream companies had received the data. As part of the settlement, DoorDash agreed to pay a $375,000 civil penalty and adhere to injunctive terms.

In June, Texas Attorney General Ken Paxton announced[2] a new team within the Consumer Protection Division to enforce Texas’ privacy laws, including the Texas Data Privacy and Security Act, effective July 1, 2024. This team, the largest of its kind in the U.S., will handle cases under multiple laws, such as the Identity Theft Enforcement and Protection Act, the Data Broker Law, state laws like the California Online Privacy Protection Act, and federal laws like the Health Insurance Portability and Accountability Act.

The Texas Data Privacy and Security Act mandates consumer data access, editing, deletion and opt-out options, with violations penalized up to $7,500. This unit signifies a shift toward prioritizing privacy enforcement, reflecting the rapid growth of privacy laws and increasing data breaches.

In July, Paxton secured a record-breaking $1.4 billion settlement with Meta — in State of Texas v. Meta Platforms Inc., in the 71st District Court of Harrison County, Texas — over alleged biometric privacy violations. This landmark case focused on Meta’s collection of facial recognition data without proper consent, signaling a firm stance against misuse of consumer information.

Just two months later, Paxton turned his attention to artificial intelligence, securing what his office called a “first-of-its-kind” settlement with Pieces Technologies,[3] an AI healthcare technology company. In State of Texas v. Pieces Technologies Inc., in the 191st District Court of Dallas County, Texas, Paxton’s office alleged the company made a series of false and misleading statements, including those regarding a series of metrics the company created regarding the accuracy and safety of its products.

A big stake in the ground is what comes next with AI. Paxton’s generative AI settlement is the first dot in what is expected to be a kaleidoscope of dots related to attorneys general regulating AI, and it wasn’t surprising that the first settlement was related to healthcare, where privacy and potential consumer harms based on inaccurate data are significant concerns.

Financial Transparency and Consumer Protection

Several state attorneys general targeted deceptive pricing practices in 2024 that allegedly misled consumers about the true costs of products and services, often thanks to junk fees and drip pricing.

In 2024, state attorneys general concentrated significantly on issues related to pricing and the disclosure of pricing, particularly targeting hidden fees. This focus was evident in sectors such as ticketing, hospitality and the online economy.

Both federal and state levels emphasized the necessity for companies to disclose the total price, including any unavoidable fees. This emphasis was enforced through both legislation and litigation. States like California and Minnesota have enacted or are about to enforce new laws to ensure that consumers are fully aware of the total cost of products and services upfront. These issues have reemerged as potential enforcement trends.

In late July, District of Columbia Attorney General Brian L. Schwalb made a splash when he sued StubHub[4] — in District of Columbia v. StubHub Inc., in the Superior Court of the District of Columbia — alleging the company engages in a deceptive and unfair practice of not showing consumers mandatory fees until they’re near the end of their transactions, and then failing to provide accurate information about the purpose of those fees or how they are calculated. Thus, consumers are shown a deceptively low fee during a long transaction process and pressured into purchasing tickets out of fear they might lose out on them, thanks to a countdown clock that creates a false sense of urgency.

California’s Consumers Legal Remedies Act, which became effective July 1, 2024, aims to eliminate drip pricing, which is a practice where the advertised price is lower than the actual price a consumer pays. The law prohibits advertising an initial low price for a product and then adding mandatory fees during the checkout process. All mandatory fees must be included in the total advertised price. However, the advertised price does not need to include government taxes, such as sales tax or shipping costs for physical goods.

Environmental Concerns

State attorneys general increased their focus on single-use plastics and recycling last year. In September, Connecticut’s Attorney General William Tong led a conference addressing the problems and potential solutions associated with plastics use and waste.[5] Panelists at the conference urged attorneys general to combat “greenwashing” by plastic producers and recyclers who overstate environmental benefits. They advocated for stricter
regulations and greater accountability for plastic waste and pollution.

In June, California issued petitions[6] to enforce subpoenas against the Plastics Industry Association and the American Chemistry Council, seeking documents related to the feasibility of plastic recyclability and trade association-funded studies. Both organizations filed lawsuits — American Chemistry Council Inc. v. Bonta, and Plastics Industry Association Inc. v. Bonta, in the U.S. District Court for the District of Columbia — claiming the subpoenas violated their First Amendment rights by undermining their ability to engage in open discourse, share information and develop public policy positions.

Additionally, 11 state attorneys general supported further intervention and controls related to plastics use. In March, they signed a letter[7] backing a proposed amendment from the General Services Administration to reduce single-use plastic packaging in federal procurements. The attorneys general suggested expanding the rule to include all single-use plastic products procured by the federal government, and requested that federal agencies publicly report their consumption of single-use plastic and nonrecyclable paper products to increase transparency.

These measures could potentially extend to the state level, requiring contractors to implement changes in manufacturing or supply chains.

Litigation and Resolution Trends

In 2024, state attorneys general increasingly demonstrated a willingness to file lawsuits against companies —when the majority of state attorney general investigations occurred through confidential investigations and lawsuits were reserved for the worst actors. We expect this new trend to continue as state attorneys general’s continue to recruit attorneys that have — or are seeking — additional courtroom experience.

In 2024, multistate attorney general coalitions were still navigating the pathway forward, particularly in identifying areas where they could act on a bipartisan level. A notable trend was the formation of multistate coalitions composed predominantly of either Democratic or Republican states. Despite this, states were actively seeking common ground in areas such as privacy and Big Tech.

It will be interesting to see if Big Tech somewhat changes in light of the increasing role that certain sectors from Big Tech are having with the new administration and how that will trickle down to the attorneys general. Traditional multistate activities, often driven by staff,continued to occur where party affiliation complexities were less critical.

In the courtroom, state attorneys general have historically been afforded significant judicial deference, benefiting from consumer protection laws that explicitly provide state attorneys general with broad latitude regarding what constitutes the unfair or deceptive acts that violate state consumer protection laws. Further, because state attorneys general typically reserved litigation for companies perceived to be the worst actors, case law has developed in a manner such that there are few unfavorable decisions.

However, if state attorneys general continue to be willing to litigate, we expect that sophisticated companies — and their counsel — will vigorously defend companies, testing the bounds of state attorneys general’s statutory authority.

As one such example, in 2022, the Colorado Supreme Court ruled that Attorney General Phil Weiser’s lawsuit against an electronic cigarette manufacturer — State ex rel. Weiser v. JUUL Labs Inc. —could not include four of the company’s executives as personal jurisdiction did not exist over said executives, explaining that Colorado did not provide “facts supporting a conclusion that any of the defendants expressly aimed their conduct at Colorado.”

Regarding resolving investigations and litigation, we’ve seen state attorneys general favor consent decrees over traditional settlement agreements as a resolution tool in 2024. Unlike settlement agreements, which state attorneys general argue can be more difficult to enforce, consent decrees carry the authority of court approval, making them legally binding and easier to monitor. By securing a consent decree, state attorneys general believe they are ensured the terms of the decree are enforceable through the courts, reducing the risk of disputes or noncompliance from the parties involved.

This preference reflects a broader shift toward prioritizing accountability and systemic reform, as consent decrees often include detailed compliance obligations, regular reporting and third-party oversight. According to state attorneys general, these consents offer a powerful mechanism to achieve long-term enforcement objectives and to address public interest concerns more effectively than settlement agreements alone.

Conclusion

In part two of this series, we consult our crystal ball and discuss the areas state attorneys general may focus their attention on in 2025.

[1] https://oag.ca.gov/news/press-releases/attorney-general-bonta-announces-settlement-doordash-investigation-finds-company.
[2] https://www.regulatoryoversight.com/2024/06/texas-ag-launches-data-privacy-team/.
[3] https://www.regulatoryoversight.com/2024/09/takeaways-from-texas-ags-novel-ai-health-settlement/#more-20343.
[4] https://www.regulatoryoversight.com/2024/08/district-of-columbia-ag-sues-stubhub-for-alleged-dark-patterns-and-hidden-fees/.
[5] https://www.regulatoryoversight.com/2024/10/are-plastics-the-new-pfas/.
[6] https://www.regulatoryoversight.com/2024/06/california-ag-enforces-subpoena-plastic-lobbying-groups-respond-with-lawsuit/.
[7] https://www.regulatoryoversight.com/2024/03/11-ags-sign-letter-in-support-of-gsas-proposed-rule-on-plastic-packaging/.

Print:
Email this postTweet this postLike this postShare this post on LinkedIn
Photo of Chris Carlson Chris Carlson

Chris Carlson represents clients in regulatory, civil and criminal investigations and litigation. In his practice, Chris regularly employs his prior regulatory experience to benefit clients who are interacting with and being investigated by state attorneys general.

Read more about Chris CarlsonChris's Linkedin Profile
Photo of Clayton Friedman Clayton Friedman

Clayton is a partner in the firm’s Regulatory Investigations, Strategy + Enforcement (RISE) Practice Group and co-leader of the State Attorneys General practice, multidisciplinary teams with decades of experience crafting effective strategies to help deter or mitigate the risk of enforcement actions and…

Clayton is a partner in the firm’s Regulatory Investigations, Strategy + Enforcement (RISE) Practice Group and co-leader of the State Attorneys General practice, multidisciplinary teams with decades of experience crafting effective strategies to help deter or mitigate the risk of enforcement actions and litigation.

Read more about Clayton Friedman
Show more Show less
Photo of Ashley L. Taylor, Jr. Ashley L. Taylor, Jr.

Ashley is co-leader of the firm’s nationally ranked State Attorneys General practice, vice chair of the firm, and a partner in its Regulatory Investigations, Strategy + Enforcement (RISE) Practice Group. He helps his clients navigate the complexities involved with multistate attorneys general investigations…

Ashley is co-leader of the firm’s nationally ranked State Attorneys General practice, vice chair of the firm, and a partner in its Regulatory Investigations, Strategy + Enforcement (RISE) Practice Group. He helps his clients navigate the complexities involved with multistate attorneys general investigations and enforcement actions, federal agency actions, and accompanying litigation.

Read more about Ashley L. Taylor, Jr.Ashley L.'s Linkedin Profile
Show more Show less
Photo of Michael Yaghi Michael Yaghi

Michael is a partner in the firm’s State Attorneys General and Regulatory Investigations, Strategy + Enforcement (RISE) Practice Groups, nationwide teams that advise clients on consumer protection enforcement matters and other regulatory issues. Based in the firm’s Orange County office, Michael represents high-profile…

Michael is a partner in the firm’s State Attorneys General and Regulatory Investigations, Strategy + Enforcement (RISE) Practice Groups, nationwide teams that advise clients on consumer protection enforcement matters and other regulatory issues. Based in the firm’s Orange County office, Michael represents high-profile clients in regulatory enforcement investigations involving all facets of their business, including but not limited to, advertising and sales practices, monthly membership programs, auto renewal programs, telemarketing and telephone solicitations, door-to-door sales practices, and endorsements. Having begun his career as a commercial litigator, he also supports clients throughout litigation, should an investigation move in that direction.

Read more about Michael Yaghi
Show more Show less
Related Posts
Reyes_Lu_168132
Troutman Pepper Locke Bolsters Regulatory Investigations, Strategy and Enforcement Practice Group With Highly Acclaimed Regulatory Partner Luis A. Reyes
February 4, 2025
 Washington AG Brown Leashes $3.75M Settlement With Puppyland Over Deceptive Advertising and Sales Practices
January 30, 2025
TPL_RegOversightBlog_StateAG_2024YIR_B
2024 State AG Year in Review
January 30, 2025