Sections

RockYou to pay $250,000 in FTC settlement

After failing to protect the data of 32 million users, RockYou will pay a civil penalty

The Federal Trade Commission (FTC) has said that social gaming site RockYou has agreed to settle charges that it failed to protect the personal information of 32 million users. The FTC said that hackers accessed that information without sufficient data security in place on RockYou's part.

In addition, the FTC alleged that RockYou violated the Children's Online Privacy Protection Act (COPPA) Rule by collecting data from nearly 179,000 children. As part of the settlement, RockYou will pay a civil penalty of $250,000, implement a data security program, and will cease any further violations of the COPPA Rule.

The COPPA Rule requires that site operators obtain parent consent before storing or using the personal information of children under the age of 13. The FTC alleged that RockYou knowingly violated this rule by not having a clear disclosure policy of children's information, not receiving parent consent after a date of birth request showed users were under 13, and not maintaining "reasonable" security procedures to protect said information.

The settlement order requires RockYou to delete all personal data related to the COPPA violations within ten days. RockYou will also have to get a third-party security assessment one year after the original settlement order, and then subsequent assessments during years three and five.

Related stories

DoomRL creator says ZeniMax threatened legal action

Creator of Doom-inspired rogue-like told to remove trademark-infringing content from site

By Brendan Sinclair

Nolan North: "Their performance matters more than mine"

Veteran performer praises Naughty Dog's developers at the Game Awards, contradicting SAG-AFTRA's strike position

By Matthew Handrahan

Latest comments

Sign in to contribute

Need an account? Register now.