Microsoft fined $20 million in FTC settlement over illegal data collection from children

The US Federal Trade Commission found that Microsoft had illegally collected data from underage players on Xbox Live.

Image via Xbox

Microsoft is facing a major fine from the US Federal Trade Commission (FTC) this week over illegal data collection from children on Xbox Live. The FTC fined Microsoft $20 million USD and ordered that the company revamp child protections of its live services. For its part, Microsoft has conceded that its systems were not appropriately updated to ensure the safety of children on its online network and it will comply with the FTC’s fine and order.

The FTC published the results of the settlement with Microsoft on its website on June 5, 2023. According to the decision, the FTC found that Microsoft had insufficient protections in place to keep children from signing up for Xbox Live without their parents’ consent, therein which Microsoft also illegally collected data from said players.

“Our proposed order makes it easier for parents to protect their children’s privacy on Xbox, and limits what information Microsoft can collect and retain about kids,” said FTC Director of the Bureau of Consumer Production, Samuel Levine. “This action should also make it abundantly clear that kids’ avatars, biometric data, and health information are not exempt from COPPA.”

The FTC's statement on the Xbox and Microsoft children's data settlement
The FTC made it clear that Microsoft had violated COPPA with inadequate protections for Xbox Live in regards to underage players.
Source: FTC

COPPA is the Children's Online Privacy Protection Act, and it has been a particularly active bit of legislation when it comes to the gaming space, especially in regards to user data and platforms with online stores. Epic Games was also fined by the FTC over COPPA violations earlier this year, alleging that the company knowingly engaged in business practices meant to trick children and teens into uninformed purchases in games like Fortnite.

For its part, Xbox put out a press release in relation to the FTC fine, recognizing its systems were inadequate for the safety and data protection of underage players. The company signaled compliance with the fine and announced an update to its account creation process that will require children under 13 to have a legal and verified parent or guardian provide consent for the account’s creation. Moreover, underage players that created an account before May 2021 will require a parent or guardian to provide consent to re-verify their account.

“Regrettably, we did not meet customer expectations and are committed to complying with the order to continue improving upon our safety measures,” Xbox Player Services CVP Dave McCarthy wrote. “We believe that we can and should do more, and we’ll remain steadfast in our commitment to safety, privacy, and security for our community.”

The FTC’s fine and order against Microsoft and Xbox, as well as the latter’s compliance should hopefully make Xbox Live a safer place for players of all ages.

Senior News Editor

TJ Denzer is a player and writer with a passion for games that has dominated a lifetime. He found his way to the Shacknews roster in late 2019 and has worked his way to Senior News Editor since. Between news coverage, he also aides notably in livestream projects like the indie game-focused Indie-licious, the Shacknews Stimulus Games, and the Shacknews Dump. You can reach him at and also find him on Twitter @JohnnyChugs.

From The Chatty
Hello, Meet Lola