US FTC fines VTech toy firm over data breach

News by Robert Abel

The Federal Trade Commission (FTC) fined toy firm VTech US$ 650,000 (£482,000) as part of a settlement for violating a US children's privacy laws.

In the US, the Federal Trade Commission (FTC) fined toy firm VTech US$ 650,000 (£482,000) as part of a settlement for violating a US children's privacy laws.

The FTC alleged the toy company violated (COPPA) Children's Online Privacy Protection Rule by collecting personal information from hundreds of thousands of children without providing direct notice, without obtaining their parent's consent, and failing to take reasonable steps to secure the data it collected.

VTech allegedly collected personal information from parents on its Learning Lodge Navigator online platform and through a now-defunct web-based platform called Planet VTech. Parents were also required to register and provide personal information including their name, email address as well as their children's name, date of birth and gender in order to use VTech's Kid Connect or Planet VTech services.

“As connected toys become increasingly popular, it's more important than ever that companies let parents know how their kids' data is collected and used and that they take reasonable steps to secure that data,” Acting FTC Chairman Maureen K. Ohlhausen said in a 8 January press release. “Unfortunately, VTech fell short in both of these areas.”

VTech is also permanently prohibited from violating COPPA in the future and from misrepresenting its security and privacy practices as part of the proposed settlement and is required to implement a comprehensive data security programme.


Find this article useful?

Get more great articles like this in your inbox every lunchtime

Webcasts and interviews 

Interview - Everyone has an Achilles heel: The new security paradigm

How can we defend networks now that the perimeter has all but disappeared?
Brought to you in partnership with ExtraHop