Microsoft to pay $20M for violating children’s privacy laws
Microsoft has agreed to pay $20 million to settle Federal Trade Commission (FTC) charges that it illegally collected personal information from children under the age of 13 without parental consent. The FTC’s complaint alleges that Microsoft violated the Children’s Online Privacy Protection Act (COPPA) by collecting data from children during the account creation process from 2015 to 2020 and disclosing this information to third parties, even when a parent failed to complete the consent process. The order filed by the FTC requires Microsoft to amend its privacy protections for child Xbox users and ensure that COPPA protections extend to third-party gaming publishers with whom Microsoft shares children’s data.
In addition to paying $20 million in penalties, Microsoft must obtain parental consent for accounts created before May 2021 if the account holder is still a child and delete collected data within two weeks from collection date if parental consent has not been obtained. The proposed order must be approved by a federal court before it can go into effect.
The settlement comes shortly after the European Union approved Microsoft’s $69 million bid to acquire video gaming firm Activision Blizzard. UK regulators had initially blocked the deal over competition concerns, while the FTC raised antitrust concerns in the US last December. However, after Microsoft agreed to ensure rival companies continued to have access to Activision-developed games, European regulators gave the green light in mid-May.
FAQs:
What is the Children’s Online Privacy Protection Act (COPPA)?
COPPA is a federal law that requires online services and websites that cater to children under 13 to notify their guardians of the personal information being collected. Parental consent is also required before those online services and sites use any child’s personal information.
What was Microsoft charged with?
Microsoft was charged with violating COPPA by illegally collecting personal information from children under the age of 13 without parental consent and disclosing this information to third parties.
What is the settlement between Microsoft and the FTC?
As part of the settlement, Microsoft agreed to pay $20 million in penalties, amend its privacy protections for child Xbox users, and ensure that COPPA protections extend to third-party gaming publishers with whom Microsoft shares children’s data.
What else does the proposed order require Microsoft to do?
Under the proposed order, Microsoft must obtain parental consent for accounts created before May 2021 if the account holder is still a child and delete collected data within two weeks from collection date if parental consent has not been obtained. The order must be approved by a federal court before it can go into effect.
What else has happened with Microsoft recently?
Microsoft’s $69 million bid to acquire video gaming firm Activision Blizzard was approved by the European Union shortly before the settlement with the FTC was announced. The deal had initially been blocked by UK regulators over competition concerns, while the FTC voiced antitrust concerns in the US last December. However, European regulators approved the deal after Microsoft agreed to ensure that rival companies continued to have access to Activision-developed games.
Microsoft Violates Children’s Privacy Laws and Ordered to Pay $20 Million.
Microsoft has agreed to pay $20m to settle accusations from the US Federal Trade Commission (FTC) that it illegally gathered personal information from children without parental consent. The firm was found to have breached the Children’s Online Privacy Protection Act, which mandates that services and websites aimed at under-13s should inform guardians if personal data is collected, and seek their consent before using it. Between 2015 and 2020, Microsoft gathered such data during account creation, even when a parent failed to complete the consent process. The FTC has ordered the corporation to overhaul its privacy practices for Xbox users aged under 13, and protect the data of any third-party gaming publishers with which it shares information.