Microsoft to Pay $20 Million to Settle US Charges – According to the U.S. Federal Trade Commission (FTC), Microsoft has agreed to pay $20 million to resolve charges that it unlawfully gathered personal data from minors without parental consent. The FTC stated that Microsoft violated the Children’s Online Privacy Protection Act (COPPA) by collecting personal information from children who registered for its Xbox gaming system without informing or receiving consent from their parents.
Additionally, the company was found to have retained the personal information of these children, as stated by the FTC in a press release. According to the FTC, Microsoft has been directed to implement measures aimed at enhancing privacy safeguards for children utilizing its Xbox system. The order will expand COPPA safeguards to encompass third-party gaming publishers who receive children’s data from Microsoft.
People Also Read: Twitter Head of Trust and Safety Says she has Resigned
In response, a Microsoft representative affirmed the company’s dedication to adhering to the order. The spokesperson further mentioned that updates will be made to the account creation process, and efforts will be made to address a data retention issue detected within the company’s system.
“Our proposed order makes it easier for parents to protect their children’s privacy on Xbox, and limits what information Microsoft can collect and retain about kids,” said Samuel Levine, director of the FTC’s Bureau of Consumer Protection. “This action should also make it abundantly clear that kids’ avatars, biometric data, and health information are not exempt from COPPA,” Levine added.
Under the law, online platforms and websites specifically catering to children under the age of 13 are obligated to inform parents about the collection of personal information and acquire verifiable parental consent prior to gathering and utilizing any personal data of these children. As per the complaint, Microsoft had been storing the data it obtained from children during the account creation procedure from 2015 to 2020, even in cases where parents did not finalize the process.
People Also Read: Facebook to be Fined £648m for Mishandling User Information
This implies that Microsoft was in violation of the legal requirement to obtain explicit parental consent and retain personal information solely within the boundaries of compliance with the law. The company’s practice of retaining children’s data, even without parental authorization, was brought to light in the above complaint.
