1.6 C
Washington

Microsoft to pay $20 million FTC settlement over improperly storing Xbox account data for kids

Date:

Share:


Microsoft is set to pay the Federal Trade Commission (FTC) a $20 million settlement over charges that the company violated the Children’s Online Privacy Protection Act (COPPA). The company retained certain personal information of kids far longer than it should have when they made accounts, according to a press release.

Microsoft will also have to make some changes as part of a proposed order filed by the Department of Justice (DOJ) on behalf of the FTC. Those changes include telling parents that a separate child account comes with additional privacy protections, requiring parents to give consent for child accounts made before 2021, making systems to delete data about necessary to get parental consent for a kids’ account, and telling other publishers when it “discloses personal information from children that the user is a child,” the press release says.

This is just the latest FTC settlement with a video game company over alleged violations of COPPA. In December 2022, Fortnite developer Epic Games reached a $520 million settlement with the FTC, with $275 million of that over the COPPA violations. Earlier that month, Epic introduced for-kids accounts for Fortnite, Rocket League, and Fall Guys.

On Monday, the FTC said that until late 2021, when a user created a Microsoft account, the company asked for certain personal information before asking a parent of an under-13 player to get involved in making the account. But the FTC alleges that Microsoft retained that personal data “sometimes for years” even if the parent didn’t finish the signup process, which is something that’s prohibited by COPPA.

“Regrettably, we did not meet customer expectations and are committed to complying with the order to continue improving upon our safety measures,” Microsoft’s Dave McCarthy, CVP of Xbox Player Services, wrote in an Xbox blog post. “We believe that we can and should do more, and we’ll remain steadfast in our commitment to safety, privacy, and security for our community.”

In the post, McCarthy says that Microsoft wasn’t deleting account creation data for child accounts due to a “technical glitch,” and that the company has since fixed the glitch and deleted the data. “The data was never used, shared, or monetized,” according to McCarthy.



Source link

Subscribe to our magazine

━ more like this

What’s open and what’s closed on Good Friday 2024?

Good Friday is a conundrum for many people. Easter is such a major holiday in the Christian faith that it seems like it...

This niche employee benefit can actually pay for itself fourfold. Boston Consulting Group calls it ‘the easiest talent investment decision you’ll ever make’

But there’s one type of cost that, if treated right, can bring corporations a fourfold return, according to a new Boston Consulting Group...

How I Used Self-Help to Justify a Toxic Relationship and What I Now Know – Tiny Buddha

“You can ignore reality, but you can’t ignore the consequences of ignoring reality.” ~Ayn Rand The first person who introduced me to personal development...

Larry Summers, a ‘friend of China,’ warns Beijing that its actions are making it hard for people like him to push for stronger ties

This bipartisan sentiment makes it challenging for those trying to argue for a more cautious, less aggressive approach to the world’s second-largest economy,...

Developers at Elon Musk’s X test NSFW content and communities features

X, the social network formerly known as Twitter, is testing a feature that lets users create or join communities focused on “adult content”...