Microsoft will pay the FTC $20 million to settle charges over collecting children's data
engadget.comMicrosoft will have to pay $20 million to settle charges brought by the Federal Trade Commission (FTC) that the company violated the Children's Online Privacy Protection Act (COPPA). In the complaint filed by the DOJ on behalf of the FTC, the department accused the tech giant of collecting its underage Xbox users' information and retaining their data even without their parents' consent. To be able to play Xbox games and use services like Xbox Live, users have to sign up for an account and provide their personal information, including their full name, email address and place of birth.
Until 2021, users were also asked for their phone number and to agree to Microsoft's advertising policy. The FTC found that Microsoft only asked users under 13 to get their parents to complete their account creation after they had already provided their personal information. And apparently, from 2015 until 2020, Microsoft collected and retained data from underage users, even if their parents didn't complete the registration process. Under COPPA, online services and websites must obtain verifiable parental consent before using any personal information from children.
The FTC also explained that Microsoft combines a user's gamertag with a unique persistent identifier that it could share with third-party developers, even for accounts owned by underage users. In a blog post, Dave McCarthy, the CVP Xbox Player Services, said Microsoft didn't intentionally keep child accounts that weren't completed by their parents. The company found a technical glitch that caused data retention during its investigation, he said, and its engineering team deleted affected children's data after fixing the issue. "The data was never used, shared, or monetized," he
Read more on engadget.com
