Epic Games, the creator of Fortnite, has been fined $520 million by the FTC for failing to comply with child privacy laws and employing “dark patterns.”
According to the Federal Trade Commission, Epic violated the Children’s Online Privacy Protection Act (COPPA) by collecting massive amounts of data without parental consent. What’s more, the company made it needlessly difficult for parents to request that any data regarding their children be deleted. Because the company licensed and marketed various Fortnite-inspired toys and merchandise, the company could not say it didn’t know that many of its users were children.
In addition, the FTC accused Epic of using so-called “dark patters” to trick children into unintentional purchases. As a result, the company was fined $275 million for the COPPA violations, and will pay another $245 million in refunds for dark pattern purchases. The company is also required to change Fortnite’s default settings to better protect children’s privacy.
“As our complaints note, Epic used privacy-invasive default settings and deceptive interfaces that tricked Fortnite users, including teenagers and children,” said FTC Chair Lina M. Khan. “Protecting the public, and especially children, from online privacy invasions and dark patterns is a top priority for the Commission, and these enforcement actions make clear to businesses that the FTC is cracking down on these unlawful practices.”
“The Justice Department takes very seriously its mission to protect consumers’ data privacy rights,” said Associate Attorney General Vanita Gupta. “This proposed order sends a message to all online providers that collecting children’s personal information without parental consent will not be tolerated.”