Sections

RockYou to pay $250,000 in FTC settlement

After failing to protect the data of 32 million users, RockYou will pay a civil penalty

The Federal Trade Commission (FTC) has said that social gaming site RockYou has agreed to settle charges that it failed to protect the personal information of 32 million users. The FTC said that hackers accessed that information without sufficient data security in place on RockYou's part.

In addition, the FTC alleged that RockYou violated the Children's Online Privacy Protection Act (COPPA) Rule by collecting data from nearly 179,000 children. As part of the settlement, RockYou will pay a civil penalty of $250,000, implement a data security program, and will cease any further violations of the COPPA Rule.

The COPPA Rule requires that site operators obtain parent consent before storing or using the personal information of children under the age of 13. The FTC alleged that RockYou knowingly violated this rule by not having a clear disclosure policy of children's information, not receiving parent consent after a date of birth request showed users were under 13, and not maintaining "reasonable" security procedures to protect said information.

The settlement order requires RockYou to delete all personal data related to the COPPA violations within ten days. RockYou will also have to get a third-party security assessment one year after the original settlement order, and then subsequent assessments during years three and five.

Related stories

FCC votes to dismantle net neutrality

ESA "disappointed" as US governing body votes 3-2 to abandon rule preventing service providers from blocking traffic

By Brendan Sinclair

Crytek sues Star Citizen developers

Alleges Cloud Imperium is still using CryEngine, but studio will "defend vigourously" against "meritless lawsuit"

By James Batchelor

Latest comments

Sign in to contribute

Need an account? Register now.