Microsoft Cops $30M Fine For Collecting Children’s Info
Microsoft has been hit with a A$30 million fine for illegally collecting and storing the personal information of children through its Xbox sign-up.
The FTC issued the fine, as well as a number of orders, after the tech giant was found in violation of the Children’s Online Privacy Protection Act (COPPA).
The fine targeted previous iterations of Xbox sign-up system, in which underage users would enter a slew of personal information before the system identified they were under 13 – only then would it request permission from a parent.
Even when this permission was denied, the information was stored, and in some cases, shared with advertisers.
“This action should make it abundantly clear that kids’ avatars, biometric data, and health information are not exempt from COPPA.” said Samuel Levine, Director of the FTC’s Bureau of Consumer Protection.
Microsoft blamed the breach on a glitch, which it says was remedied in 2021.
“We recently entered into a settlement with the U.S. Federal Trade Commission (FTC) to update our account creation process and resolve a data retention glitch found in our system,” a blog post by Microsoft reads.
“Regrettably, we did not meet customer expectations and are committed to complying with the order to continue improving upon our safety measures. We believe that we can and should do more, and we’ll remain steadfast in our commitment to safety, privacy, and security for our community.”