YouTube has been hit with a record-breaking $170m (£139m) fine by regulators in the US for breaking children’s data privacy laws. Authorities in New York will receive $34m of the landmark penalty.
The Federal Trade Commission reached the settlement with Google, YouTube’s owner, after the video-streaming site was deemed to have collected data on children under the age of 13 without parental consents being in place, leading to youngsters receiving targeted advertising online.
YouTube’s behaviour was in violation of a United States federal law known as Coppa, or the Children’s Online Privacy Protection Act 1998.
The news sits on top of a wave of government action against unethical data handling practices in the tech giant communities in the States.
As part of the deal, YouTube will henceforth require all users to self-identify whether the videos they upload are meant to be viewed by children. The channel will also have to obtain parental consent before the private data of children can be collected, while staff working at YouTube will have to receive annual training on compliance with children’s privacy law.
Google and YouTube have agreed to stop using previously collected personal data of minors.
Federal Trade Commission Chairman and Republican Joe Simons, and Republican party Commissioner, Christine Wilson issued a joint statement, saying:
“This settlement achieves a significant victory for the millions of parents whose children watch child-directed content on YouTube. It also sends a strong message to children’s content providers and to platforms.”
PrivSec reported last week that YouTube’s fine could range from anywhere between $150m and $200m. The eventual $170m fine illustrates how regulators in the US are cracking down on the ways in which Silicon Valley’s biggest names have been dealing with consumers’ private data. In the summer, the FTC hit Facebook with a $5bn fine following an official investigation into “years of data privacy violations that deceived and undermined user choices.
PrivSec Conferences will bring together leading speakers and experts from privacy and security to deliver compelling content via solo presentations, panel discussions, debates, roundtables and workshops.
For more information on upcoming events, visit the website.
We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.
Privacy Culture: Data Privacy and Information Security Consulting, Culture & Behaviour, Training, and GDPR maturity, covered. https://www.privacyculture.com/