While the Skid-e-Kids website asserted that parents would be contacted by email prior to their child’s use of the site, the FTC found numerous instances where parental notice was not provided and consent was not received. As a result, the site allowed children to create profiles, post personal information, upload pictures, and send messages to other users, resulting in the unauthorized collection of user names, birth dates, email addresses, and cities of residence.
In addition to barring any future COPPA violations and deceptive privacy claims, the operator of Skid-e-Kids agreed to: (i) destroy all information collected from children in violation of COPPA; (ii) provide online educational material about privacy, retain an online privacy professional, or join a FTC-approved safe harbor program; and (iii) pay a $100,000 civil penalty. All but $1,000 of the penalty will be waived if the operator complies with the settlement’s oversight requirements and supplies accurate financial information to the FTC. The settlement remains subject to court approval.
The settlement is further evidence of the FTC’s recent efforts to step up enforcement on a variety of privacy-related issues. On the same day as the Skid-e-Kids settlement, the FTC reached another settlement with an online advertising company for misleading customers regarding the use of tracking cookies. Less than a month ago, the FTC settled a privacy case against a mobile application developer for alleged COPPA violations. The FTC has specifically emphasized online privacy protections for children, recently launching a website promoting safe use of social networking sites by tweens and teens.