When Worlds Collide
Global Payments Breach Affects 1.5 Million Consumers

Proposed Settlement Between FTC and Online Game Site RockYou

Last week, the U.S. Federal Trade Commission announced a proposed settlement (Adobe PDF) with online game website RockYou for alleged data security failures which exposed 32 million consumers' e-mail addresses and passwords. It its lawsuit, the FTC alleged that RockYou made data security claims it didn't provide, and that its collection of the sensitive personal information of 179,000 children violated the Children's Online Privacy Protection Act Rule (Adobe PDF):

"Defendant violated COPPA and the FTC Act by failing to provide notice to parents of its information practices, and to obtain verifiable parental consent prior to collecting, using, and or disclosing personal information from children online..."

Terms of the proposed settlement prohibit RockYou from deceptive claims in the future about privacy and data security, requires the company to implement and maintain a data security program, prohibits future violations of the COPPA Rule, and requires it to pay a $250,000 civil penalty.

In 2010, a class-action suit was filed against RockYou about data security failures. Network World listed RockYou on its 2009 data breach hall of shame list.


Feed You can follow this conversation by subscribing to the comment feed for this post.

The comments to this entry are closed.