The US Federal Trade Commission has fined Epic Games, the creator of the widely popular Fortnite video game, which has over 400 million users worldwide, $520 million for violating children’s privacy rules and engaging in deceptive practices.
Epic Games has agreed to pay a $275 million fine for collecting personal information from children under the age of 13, including their names, email addresses, and identifiers used to keep track of players’ progress, purchases, settings, and friends lists. However, Epic Games failed to inform parents that it was collecting children’s personal information and to obtain verifiable parental consent for that collection, as required by the Children’s Online Privacy Protection Act (COPPA), the US Department of Justice said.
This is the largest penalty ever obtained for violating an FTC rule.
Additionally, the company will be required to adopt strong privacy default settings for children and teens, ensuring that voice and text communications are turned off by default. It has also been ordered to delete all the data it previously collected in violation of the COPPA Rule.
On top of this, the video game maker will also pay $245 million for employing so-called “dark patterns” to trick millions of players into making unwanted in-game purchases.
“Epic put children and teens at risk through its lax privacy practices, and cost consumers millions in illegal charges through its use of dark patterns,” said Samuel Levine, Director of the FTC’s Bureau of Consumer Protection. “Under the proposed orders announced today, the company will be required to change its default settings, return millions to consumers, and pay a record-breaking penalty for its privacy abuses.”