Microsoft is currently facing a privacy breach case, for collecting the personal data of Xbox players’ children without the direct consent of their parents.
Now information security has become a major concern for everyone, and children are no exception. As technology becomes increasingly sophisticated and widespread, children are increasingly at risk of having their personal data taken.
Even in recent years several large companies, including social media platforms, operating systems, to video provider sites, have experienced cases of privacy violations for collecting children’s information.
Based on the Gizmochina report, the Federal Trade Commission (FTC) has imposed a fine of $ 20 million or around Rp. 297.5 billion to Microsoft for violating children’s online privacy regulations.
The breach of privacy involved Microsoft collecting personal information from children under the age of 13 without their parents’ consent.
The FTC itself has found Microsoft collecting detailed information without proper authorization, such data in the form of name, email address, date of birth, gamertagplayer scores, and Xbox Live activity history.
The company uses this personal information to track the gaming habits of these children, target them with appropriate advertisements, and sell their data to third-party companies.
Furthermore, Microsoft immediately responded to the fine decision by making a post on the official Xbox blog.
“We recently entered into a settlement with the US Federal Trade Commission to update our account creation process and resolve data retention errors found in our systems,” Microsoft said.
“Unfortunately, we have not met our customers’ expectations and commitment to comply with orders to continue to improve our security measures. But, we believe that we can and should do more, and are steadfast in our commitment to protect the safety, privacy, and security of users,” added Microsoft.
In addition, Microsoft also explained that during the investigation the company identified a technical glitch where the system did not delete the account creation data for the child, where the account creation process was being created but had not been completed.
This is not in line with company policy to store registration information for 14 days to make it easier for gamers to continue registration until it’s finished. Microsoft’s technical team is currently working on fixing errors, deleting data, and implementing ways to prevent errors from recurring.
Even so, Microsoft itself claims that data is never used, shared, until it is monetized. It seems that with an official statement on the Xbox blog and a $20 million fine Microsoft has solved this problem.