Amazon has agreed to resolve federal claims that it violated a children's internet privacy statute by keeping sensitive information about children for years, including their exact whereabouts and voice recordings, by paying a $25 million civil penalty. It was the most recent legal action in a growing regulatory campaign to get some of the biggest internet companies in the world to properly protect their underage customers. The Federal Trade Commission and the Justice Department filed the lawsuit, which focuses on how Amazon handled the personal information it obtained from kids who spoke with Alexa, the company's voice-activated virtual assistant.
Regulators charged the tech giant with breaking the federal Children's Online Privacy Protection Act by retaining kids' Alexa voice recordings forever and exploiting the information for commercial reasons, such as developing its algorithm to comprehend kids. The Western District of Washington U.S. District Court received the complaint. This law, known as COPPA, requires that internet services intended for users under the age of 13 obtain parental consent before collecting a child's personal information and that parents be given the opportunity to request the erasure of their child's data. Authorities said that despite parental requests to have their children's voice recordings deleted, Amazon did not delete the transcripts of those conversations from all of its databases.
According to Samuel Levine, head of the FTC's Bureau of Consumer Protection, "Amazon's history of misleading parents, keeping children's recordings for an extended period of time, and ignoring parents' deletion requests violated" the children's internet privacy statute and "sacrificed privacy for profits." "COPPA prohibits businesses from keeping children's data forever, and especially not to train their algorithms," Amazon was accused of misleading customers, particularly parents, by frequently informing users that they could remove data, such as their Alexa voice recordings, but failing to properly honor users' deletion requests. Amazon said it disagreed with the F.T.C.'s allegations and denied breaking the children's legislation, even though it agreed to resolve the accusations.
The business said in a statement that "Alexa was built with strong privacy protections and customer controls." The company said in the statement that it had worked with the F.T.C. before extending the children's content service to include Alexa and that Amazon Kids, a service that allows parents to manage games, books, and other content for their children, was designed to comply with the children's online privacy law. Amazon would be compelled to remove any dormant Alexa accounts belonging to minors as well as their voice recordings, exact location data, and other information under the terms of the proposed settlement deal. Additionally, according to the proposed deal, Amazon may not mislead how it manages user voice recordings, exact location data, and children's data. The settlement order needs to be approved by a federal court.
The Amazon issue arises at a time when public anxiety over how several well-known social networks, video game services, and technology manufacturers handle their young users is at an all-time high. It draws attention to the Federal Trade Commission's stepped-up attempts to get major internet companies to strengthen security measures for sensitive data, such as exact location or health information, whose publication might endanger both children's and adults' privacy or their physical safety. The creator of Fortnite, Epic Games, agreed to pay $520 million in December to resolve F.T.C. charges that it had improperly collected data from players under the age of 13 and, separately, had persuaded millions of users to make unwelcome payments.
To resolve complaints that it had breached children's privacy on YouTube from the F.T.C. and the attorney general of New York, Google agreed to pay a $170 million fine in 2019. There is a growing regulatory movement worldwide to safeguard children's internet safety. Irish regulators said in September of last year that they will punish Meta with $400 million for how it handled children's data on Instagram. Meta declared it disapproved and that it would appeal. The FTC charged Ring, a company that provides home security cameras, with "egregious violations" of users' privacy on Wednesday, claiming that the company's privacy and security flaws allowed employees to illegally snoop on customers and allowed hackers to take over users' accounts.
Regulators said that Amazon's acquisition of Ring in 2018 was a result of "unreasonable" data security and privacy practices from at least 2016 until January 2020. For instance, the company claimed in a lawsuit filed in the U.S. District Court for the District of Columbia that one Ring employee saw thousands of recordings shot by dozens of female customers in 2017, including private spaces like the women's toilets and beds. Amazon would have to implement strict security measures, pay $5.8 million in refunds to customers, and destroy any algorithms or other data products that were obtained from the unauthorized watching of customers' films, according to the proposed settlement order. The ring had already resolved the security and privacy concerns, according to a statement from Amazon, before the F.T.C. started its investigation.
© Copyright 2023. All Rights Reserved Powered by Vygr Media.
