Xbox hit with $20M fine over child privacy violations
Microsoft will pay a $20 million fine after the U.S. Federal Trade Commission charged that it violated children’s privacy rights with its information collection practices of the Xbox Live service.
The FTC announced the penalty on Monday. The monetary settlement covers violations of the Children’s Online Privacy Protection Act of 1998 (COPPA), which involve “children who signed up to [the] Xbox gaming system without notifying their parents or obtaining their parents’ consent, and by illegally retaining children’s personal information,” the FTC said in a statement.
Further, Microsoft must take additional steps to strengthen privacy protections for minor children who use Xbox consoles and Xbox Live, subject to that order’s approval by a federal judge.
COPPA requires online services and websites to notify parents that they collect personal information about children under age 13, and to obtain verifiable parental consent before they do so. In this case, the violations stem from the fact that, even when an Xbox Live user “indicated that they were under 13, they were also asked, until late 2021, to provide additional personal information including a phone number.”
Additionally, as part of accepting Xbox Live’s terms of use, these children also consented to a pre-checked agreement allowing Microsoft to send promotional messages and share this data with advertisers. Microsoft then retained this data involving under-13 children, another violation of COPPA.
In a blog post Monday, Dave McCarthy, Xbox’s executive in charge of player services, called the matter a “data retention glitch found in our system” and said that “regrettably, we did not meet customer expectations.”
“We believe that we can and should do more,” McCarthy added,
Read more on polygon.com
