Epic Games, owner of the massively popular online game Fortnite will pay two separate settlements, totaling $520 million for violating a federal act related to online protections for kids. This is the largest FTC administrative settlement ever.
FTC Chair Lina M. Khan stated in a press release that “Epic used privacy-invasive default settings and deceptive interfaces that tricked Fortnite users, including teenagers and children.”
Epic will pay a $275 million civil penalty for alleged violations of the Children’s Online Privacy Protection Act (COPPA). The company will turn over an additional $245 million for allegedly using dark patterns to dupe millions of Fortnite players into making unintentional purchases.The $245 million settlement will be used for customer refunds to those who fell victim to those deceptive sales techniques.
COPPA covers operators of child-directed sites and online services – a determination made by evaluating the subject matter, visual content, use of animated characters or child-oriented activities and incentives, and other factors – and operators of sites and online services who have actual knowledge they’re collecting or maintaining personal information from a child under 13. If a company is covered by COPPA, it must (among other things) get verifiable parental consent before collecting, using, or disclosing personal information from children under 13.
According to the FTC, a substantial number of the 400 million people who play Fortnite are kids under 13, and through its registration process, Epic collected kids’ personal information – including their full names, email addresses, and usernames – without getting their parents’ consent. The complaint cites a number of factors to establish that Fortnite is a “child-directed” service.
North Carolina-based Epic Games had a valuation of about $31.5 billion as of April 2022.