- Chief Compliance Officer and VP of Legal Affairs, Arrow Electronics
By 
Adrianne Appel2023-06-26T15:58:00
The Federal Trade Commission’s (FTC) recent children’s privacy enforcement activity leaves no doubt businesses must make complying with the Children’s Online Privacy Protection Act (COPPA) a top priority.
COPPA, which took effect in 2000, prohibits commercial websites and online services from collecting, keeping, using, and disclosing the personal information of children under 13 years old, unless a parent approves.
Earlier this month, the FTC and Department of Justice (DOJ) fined Microsoft $20 million for allegedly violating COPPA through its Xbox video game platform. The agencies alleged from 2015-20 Microsoft collected children’s information, such as full names, email addresses, birth dates, and phone numbers, in the process of setting up their accounts prior to obtaining parental consent and held onto that information even when children didn’t complete the sign-up process.
THIS IS MEMBERS-ONLY CONTENT. To continue reading, choose one of the options below.
News and analysis for the well-informed compliance or audit exec.
Register for free
Access one free, non-premium article each month.
Complimentary CPE webcasts, resources, and e-Books.
Annual Membership best value
Subscribe now for $365
Our lowest price ($1 per day) for one year.
The Federal Trade Commission issued a notice of proposed rulemaking to strengthen data security requirements and modernize certain aspects of the Children’s Online Privacy Protection Act Rule.
The Federal Trade Commission is partnering with Chile, Colombia, Mexico, and Peru to fight cross-border fraud, with other consumer protection authorities invited to join in the future.
Microsoft agreed to pay $20 million as part of a settlement with the Federal Trade Commission addressing allegations its Xbox video game platform illegally collected and retained the personal information of children.
TikTok is suspending new features amid an inquiry by the European Commission into its compliance with the Digital Services Act, all while responding to a U.S. ban just signed into law.
The Czech Republic’s data protection authority issued a fine of 351 million Czech koruna (U.S. $15 million) against antivirus software vendor Avast for alleged violations of the General Data Protection Regulation.
Consolidated Nuclear Security agreed to pay $18.4 million to settle alleged False Claims Act violations regarding the submission of timecards for unworked hours to the National Nuclear Security Administration.
