Microsoft has been hit with a $20 million fine by the Federal Trade Commission (FTC) for violating regulations pertaining to children’s online privacy.
The company was found to have collected personal information from children under the age of 13 without obtaining consent. The FTC investigation revealed that Microsoft gathered various details, including names, email addresses, dates of birth, gamertags, gamer scores, and Xbox Live activity histories, without proper authorization.
The personal data collected by Microsoft was utilized for tracking children’s gaming patterns, targeted advertising, and selling to third-party firms. In response to the incident, Microsoft will be required to enhance privacy measures specifically for children using the Xbox platform.
Furthermore, the order will extend the scope of Children’s Online Privacy Protection Act (COPPA) safeguards to encompass third-party gaming publishers who receive children’s data from Microsoft.
The software company blames the issue on a software glitch they apparently overlooked. Microsoft has fixed this technical glitch “where our systems did not delete account creation data for child accounts where the account creation process was started but not completed”.
Here is Microsoft’s statement on the matter:
Regrettably, we did not meet customer expectations and are committed to complying with the order to continue improving upon our safety measures. We believe that we can and should do more, and we’ll remain steadfast in our commitment to safety, privacy, and security for our community.