Sections

RockYou to pay $250,000 in FTC settlement

After failing to protect the data of 32 million users, RockYou will pay a civil penalty

The Federal Trade Commission (FTC) has said that social gaming site RockYou has agreed to settle charges that it failed to protect the personal information of 32 million users. The FTC said that hackers accessed that information without sufficient data security in place on RockYou's part.

In addition, the FTC alleged that RockYou violated the Children's Online Privacy Protection Act (COPPA) Rule by collecting data from nearly 179,000 children. As part of the settlement, RockYou will pay a civil penalty of $250,000, implement a data security program, and will cease any further violations of the COPPA Rule.

The COPPA Rule requires that site operators obtain parent consent before storing or using the personal information of children under the age of 13. The FTC alleged that RockYou knowingly violated this rule by not having a clear disclosure policy of children's information, not receiving parent consent after a date of birth request showed users were under 13, and not maintaining "reasonable" security procedures to protect said information.

The settlement order requires RockYou to delete all personal data related to the COPPA violations within ten days. RockYou will also have to get a third-party security assessment one year after the original settlement order, and then subsequent assessments during years three and five.

Related stories

Microsoft, Epic sued over Gears of War character

Former football player and pro wrestler claims his likeness, voice were stolen for Cole Train

By Brendan Sinclair

Oculus VR condemns "wasteful litigation" as ZeniMax lawsuit begins

A Dallas court heard the opening statements yesterday, trial is expected to last three weeks

By Matthew Handrahan

Latest comments

Sign in to contribute

Need an account? Register now.