In a monumental verdict, the Federal Trade Commission (FTC) has levied a $20 million fine against Xbox for illegally storing children’s personal data without the necessary parental consent, a contravention of the Children’s Online Privacy Protection (COPPA) regulations.
The nature of data in question includes biometric details, phone numbers, and children’s avatars. Even more concerning is that Microsoft, Xbox’s parent company, stored this data for an extended period, irrespective of whether the account registration was fully completed.
This ruling sends a stark reminder about the crucial importance of data privacy in the rapidly evolving gaming industry. With the advancement of technology and an increase in the user base, the issue of data protection is becoming more pressing.
As part of the ruling, Microsoft is now required to implement various protective measures to boost privacy protection for its younger users. The scope of the COPPA ruling has also been expanded to include third-party game publishers.
Microsoft has responded to the ruling, claiming that the violation was due to a technical error, which they’ve since rectified. They also reassured users that the collected data was never shared or used.
Last year saw another gaming giant, Epic Games, facing similar issues, resulting in a whopping $550 million fine for COPPA non-compliance and other offences. These incidents show the essential need for gaming companies to uphold data privacy standards.