Florida Attorney General James Uthmeier has issued a series of subpoenas in ongoing consumer protection investigations targeting technology and medical device companies over cybersecurity practices, data privacy issues and allegations of deceptive trade practices that could put Floridians’ personal information at risk.
The actions against TP-Link Systems Inc., Lorex and firms selling potentially compromised medical devices reflect a broad state effort to scrutinize how products entering Florida homes and healthcare facilities handle sensitive data and abide by state law.
Last month, Uthmeier’s office served an investigative subpoena duces tecum on TP-Link Systems Inc., a California-headquartered networking equipment manufacturer known for selling Wi-Fi routers that connect personal and business networks.
According to the subpoena issued under the Florida Deceptive and Unfair Trade Practices Act, TP-Link must produce extensive documents concerning its corporate structure, manufacturing and software development practices, data handling procedures and evidence supporting its claims about product security.
In the press release announcing the subpoena, Uthmeier noted that Floridians “deserve to know the truth about the security of the products they bring into their homes” and warned that companies must be accurate about cybersecurity and foreign relationship practices.
He stated that his office will “not allow Floridians to be misled into handing their personal data to the Chinese Communist Party,” reflecting concerns behind the investigation.
The subpoena to TP-Link also notes that U.S. Department of Commerce officials have proposed banning the company over concerns that its products pose risks due to handling sensitive American consumer data while potentially remaining subject to influence by the Chinese government.
The investigative action is ongoing and the issuance of the subpoena does not constitute a finding of wrongdoing.
Earlier this year, Uthmeier’s office issued a subpoena to Lorex, a provider of home security camera products, as part of a consumer protection and data privacy probe related to potential foreign surveillance risks and the company’s ties to Dahua Technology, a larger security equipment provider.
The Lorex subpoena seeks information on corporate ownership and structure, contracts with third parties involved in manufacturing and software updates, origins of components used in devices sold in Florida and records identifying where software updates originate and who has access to source code.
The subpoena also demands documents related to marketing claims about privacy and security, product FAQs, FCC filings, sales volume and contracts with U.S. and Florida retailers.
Uthmeier’s release noted that Florida families deserve “straight answers about who touches their data” and that the Chinese Communist Party “cannot be allowed to spy on American children,” underscoring the state’s focus on foreign connections in technology products.
In addition to the technology sector investigations, Uthmeier has pursued subpoenas in the healthcare space.
In mid-2025, the Attorney General’s office issued subpoenas to Contec, a Chinese manufacturer of patient monitors, and its U.S. reseller Epsimed, over concerns that devices sold in Florida may contain built-in vulnerabilities and automatically transmit patient data to an IP address in China.
According to the release, these devices allegedly include a “backdoor” that could allow unauthorized manipulation of data and may not meet FDA or international standards despite representations to the contrary.
Uthmeier asserted that medical devices “must be secure and should not send data to entities controlled by the Chinese Communist Party” and indicated that alleged violations of state consumer protection law are at issue in the investigation.
The subpoenas seek records relating to representations made about FDA approval, quality and security, as well as the extent of any patient information transmissions and steps taken by the companies to address vulnerabilities.
