Microsoft is set to pay Federal Trade Commission $20 million as a settlement over charges for illegally collecting personal information from children without their parent's consent, violating the Children's Online Privacy Act.
Facing $20 Million FTC Settlement
The Federal Trade Commission charged Microsoft with $20 million settlement, violating the United States Children's Online Privacy Protection Act for collecting the personal information of children who signed up for its Xbox gaming system without notifying their parents or guardians. According to a report from The Verge, Microsoft will have to make some changes as an order aside from the settlement.
When a user created a Microsoft account, the company asked for certain personal information before asking a parent of an under-13 player to get involved. FTC alleges that the company retained the personal data for years even if the parent did not finish the signup process, hence the COPPA violation.
FTC's charge became the latest settlement of the agency with a video game company over an alleged violation of COPPA. Microsoft joins the ranks of other companies, including Amazon, Alphabet's Google, and ByteDance TikTok, who faced penalties from the FTC for collecting data on children without consent from their parents.
Also read : Xbox App for PC: April Update Feature Helps Determine a Game's Accessibility, Playtimes for Your Sorting
FTC Bureau of Consumer Protection Samuel Levine stated this action aims to clarify that children's avatars, biometrics, data, and health information are not exempted. "Our proposed order makes it easier for parents to protect their children's privacy on Xbox, and limits what information Microsoft can collect and retain about kids," he added.
Proposed Changes
The proposed order was filed by the Department of Justice on behalf of the FTC. Bloomberg reported that the changes include notifying parents that a separate child account comes with additional privacy protections, requiring parents to give consent for a child account made before 2021, deleting data necessary to get consent, and telling publishers when disclosing a child's personal information.
This effort is important because Microsoft is a big corporation, and the proposed changes for children's security are valid. For instance, company-owned Minecraft has 141 million active players worldwide. This game caters to children to create 3D worlds with blocks similar to Legos.
Microsoft's Response
In an Xbox Blog Post, Xbox Player Services CVP Dave McCarthy stated that they regret to inform their customers of not meeting their expectations but remain committed to complying with the order to continue improving their safety measures.
McCarthy added, "We believe that we can and should do more, and we'll remain steadfast in our commitment to safety, privacy, and security for our community." While the account creation data was not deleted due to a technical glitch, he clarified that it was never used, shared, or monetize.
Related Article: Microsoft Activision-Blizzard Deal FTC Fiasco: Not Anti-Competition, Offered Sony 10-Year Contract for 'Call of Duty'