Microsoft is hit with $20M fine for collecting the personal information of children on Xbox


Microsoft has earned the ire of the US Federal Trade Commission and has been slapped with a $20M fine by the government agency for taking the personal information of children 13 years of age and younger via Xbox registration and keeping the data for longer than is needed.

The FTC points out that players who want to play games on the Xbox console have to first register by providing a name, date of birth, and email address; that’s part and parcel for most people nowadays, but the problem is that the console asked for parental consent to continue after this information was provided. In addition, the FTC says that Microsoft retained the data collected from children from 2015 to 2020 even if a parent failed to complete the process. Both of these are violations of the Children’s Online Privacy Protection Act (COPPA).

On top of the fine, Microsoft is being court-ordered to take measures to improve privacy protections for younger Xbox users, including extending COPPA protections to any third-party publishers that get user data from Microsoft. This order has to be approved by a federal judge before it goes into effect.

The settlement and FTC orders have prompted Microsoft to pen a fluffy blog post that notes players now have to provide their date of birth before registering on Xbox along with the promise to “test new methods to validate age and take feedback from our customers’ experience.” As for the noted saving of children’s data, the company attributes that to a “technical glitch” that has since been corrected and safeguarded against.

Previous articleMarvel’s Avengers coasts toward its end with a final patch that unlocks everything
Next articleAhead of Star Wars Galaxies’ 20th birthday, the Legends and Resto rogue servers are on the move

No posts to display

oldest most liked
Inline Feedback
View all comments