FTC Fines Tech Giants for Violating Kids' Privacy

Yelp is the latest tech heavy to admit that it violated federal policy by not screening kids when they register for the site.

Privacy advocates and the FTC are putting pressure on a number of major tech companies, including Apple, Amazon and Yelp, for allowing children to register on their sites. What's the big deal? It's not about kiddie porn or fears that a child will hook up with a molester. It's something a lot less dramatic, but still very important.

When children register on certain sites they can buy stuff without the approval of their parents. Kids' email addresses, and other potentially sensitive information, are passed on to third parties that might try sell them even more stuff. Spam bots and other mechanisms can also pick up email addresses, leading to a barrage of messages that parents would not want their kids to receive.

This is an ongoing issue and you've got to wonder if the fines that the government is levying against tech companies are enough to convince these super rich outfits to get their acts together.

Earlier this week, Yelp agreed to pay a $450,000 fine to the FTC, and TinyCo, a toy maker, will also fork over $300,000 as part of a settlement. The FTC accused both companies of violating privacy rules by not properly screening minors in its registration process.

Those two companies are hardly alone. In July, the FTC sued Amazon after it received thousands of complaints from parents regarding in-app charges incurred by their kids without permission.

Amazon's Appstore is preloaded on the company's Kindle tablets and is available for download on an array of Android smartphones and tablets. In a complaint filed in U.S. District Court in Seattle, the FTC said, "Amazon controls the billing process for in-app charges and retains 30 percent of all revenue from in-app charges, amounting to tens of millions of dollars to date."

The FTC recently settled similar charges with Apple. In that case, the FTC charged Apple with "billing consumers for millions of dollars of charges incurred by children in kids' mobile apps without their parents' consent." Under the terms of the settlement, Apple must provide a refund for affected consumers and must change its billing practices to ensure that it has obtained express, informed consent from consumers before charging them for items sold via mobile apps.

Google agreed to settle similar charges with the FTC and repay $19 million to consumers whose children were allegedly deceived into making mobile purchases through the Android app store.

It doesn't look like Yelp was making big bucks by allowing minors to sign up. But the FTC's complaint against the company  alleges that, from 2009 to 2013, it collected personal information from children through the Yelp app without first notifying parents and obtaining their consent.

According to the complaint, several thousand registrants provided a date of birth showing they were under 13 years old, but Yelp still collected personal information, including names, email addresses and locations.

Yelp commented on the settlement in a blog post, saying "Yelp doesn't promote itself as a place for children, and we certainly don't expect or encourage them to write reviews about their plumbers, dentists, or latest gastronomic discoveries. We're glad to have been able to cooperate with the FTC to get to a quick resolution and look forward to continuing our efforts to protect our users."

Sounds good, but I think there needs to be a more concerted effort on the part of the tech giants to stop such exploitive practices.

Join the CSO newsletter!

Error: Please check your email address.

Tags yelpAppleamazon.comsecurityprivacy

More about AppleFTCGoogle

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Bill Snyder

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts