Microsoft Fined $20 Million for Illegally Collecting Children’s Personal Data

Microsoft has been slapped with a $20 million fine by the Federal Trade Commission (FTC) for violating regulations related to children’s online privacy. The company was found guilty of collecting personal information from children under the age of 13 without proper consent. The FTC investigation uncovered that Microsoft had gathered various details, including names, email addresses, dates of birth, gamertags, gamer scores, and Xbox Live activity histories, without obtaining the necessary authorization.

The personal data collected by Microsoft was utilized for tracking children’s gaming patterns, targeted advertising, and sold to third-party firms. As a result of this incident, Microsoft will be required to enhance privacy measures specifically for children using the Xbox platform.

Additionally, the order will extend the safeguards of the Children’s Online Privacy Protection Act (COPPA) to cover third-party gaming publishers who receive children’s data from Microsoft.

Microsoft attributes the issue to a software glitch that was apparently overlooked. The company claims to have fixed the technical glitch, which prevented the deletion of account creation data for child accounts where the account creation process was initiated but not completed.

In response to the fine, Microsoft issued a statement expressing regret for not meeting customer expectations and reaffirming its commitment to complying with the order and further improving safety measures. The company acknowledges the need to do more and remains dedicated to ensuring the safety, privacy, and security of its community.