We review vendors based on rigorous testing and research but also take into account your feedback and our affiliate commission with providers. Some providers are owned by our parent company.
Learn more
vpnMentor was established in 2014 to review VPN services and cover privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.
Advertising Disclosure

vpnMentor was established in 2014 to review VPN services and cover privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.

Microsoft Fined $20M for Improper Data Collection of Children

Microsoft Fined $20M for Improper Data Collection of Children
Husain Parvez Published on 9th June 2023 Cybersecurity Researcher

Microsoft has agreed to pay $20 million to the Federal Trade Commission (FTC) to settle charges regarding the improper collection and storage of childrens’ data via Xbox Live. The FTC alleged that the tech giant collected childrens’ data without their parent’s consent. In some cases, this data was retained for years. These actions were found to be in violation of the Children's Online Privacy Protection Act (COPPA), which restricts data collection on children under the age of 13.

The FTC states that websites, online games, and services that knowingly serve children must legally obtain parental consent before gathering information from users below the age of 13. The consumer protection agency says that Microsoft's Xbox Live failed to comply with this requirement.

“The order mandates that Microsoft implement measures to enhance privacy safeguards for child users of its Xbox system. Additionally, it will expand the application of COPPA protections to third-party gaming publishers with whom Microsoft shares children's data," stated the FTC.

According to Reuters, a spokesperson from Microsoft expressed the company's commitment to complying with the order. The spokesperson further mentioned that improvements will be made to the account creation process, and a glitch that caused the improper long-term storage of childrens’ data will be resolved.

"Our proposed order makes it easier for parents to protect their children's privacy on Xbox, and limits what information Microsoft can collect and retain about kids," commented Samuel Levine, the Director of the FTC's Bureau of Consumer Protection. Levine added, "This action should also make it abundantly clear that kids' avatars, biometric data, and health information are not exempt from COPPA."

In a blog post, Microsoft's Dave McCarthy, corporate vice president of Xbox Player Services, confirmed Microsoft's acceptance of the FTC's settlement, stating, "Regrettably, we did not meet customer expectations and are committed to complying with the order to continue improving upon our safety measures. We believe that we can and should do more, and we'll remain steadfast in our commitment to safety, privacy, and security for our community."

About the Author

Husain Parvez is a Cybersecurity Researcher and News Writer at vpnMentor, focusing on VPN reviews, detailed how-to guides, and hands-on tutorials. Husain is also a part of the vpnMentor Cybersecurity News bulletin and loves covering the latest events in cyberspace and data privacy.

Please, comment on how to improve this article. Your feedback matters!

Leave a comment

Sorry, links are not allowed in this field!

Name should contain at least 3 letters

The field content should not exceed 80 letters

Sorry, links are not allowed in this field!

Please enter a valid email address