During a White House Roundtable on 8/15/2023, CFPB Director Chopra announced that the CFPB will be developing rules to prevent misuse and abuse by data brokers that track, collect, and monetize information about people. Many of these firms assemble data to feed “artificial intelligence” (AI) that makes decisions about our daily lives. After conducting a public inquiry into data brokers and assessing today’s uses of AI that are often powered by data from the surveillance industry, the CFPB will be issuing proposed rules under the Fair Credit Reporting Act to address business practices used by companies that assemble and monetize our data.For more information, check out:
When consumers buy products from online marketplaces, the identity of the seller is often unclear. The goal of the INFORM Consumers Act is to add more transparency to online transactions and to deter criminals from acquiring stolen, counterfeit, or unsafe items and selling them through those marketplaces. The Act also makes sure online marketplace users have a way to report suspicious conduct concerning high-volume third party sellers. To learn more, check out: Informing Businesses about the INFORM Consumers Act | Federal Trade Commission (ftc.gov)
The proposed order will require Microsoft to bolster protections for children and makes clear that avatars, biometric and health data are protected under COPPA.
Microsoft will pay $20 million to settle Federal Trade Commission charges that it violated the Children’s Online Privacy Protection Act (COPPA) by collecting personal information from children who signed up to its Xbox gaming system without notifying their parents or obtaining their parents’ consent, and by illegally retaining children’s personal information.
“Our proposed order makes it easier for parents to protect their children’s privacy on Xbox, and limits what information Microsoft can collect and retain about kids,” said Samuel Levine, Director of the FTC’s Bureau of Consumer Protection. “This action should also make it abundantly clear that kids’ avatars, biometric data, and health information are not exempt from COPPA.”
As part of a proposed order filed by the Department of Justice on behalf of the FTC, Microsoft will be required to take several steps to bolster privacy protections for child users of its Xbox system. For example, the order will extend COPPA protections to third-party gaming publishers with whom Microsoft shares children’s data. In addition, the order makes clear that avatars generated from a child’s image, and biometric and health information, are covered by the COPPA Rule when collected with other personal data. The order must be approved by a federal court before it can go into effect.
The COPPA Rule requires online services and websites directed to children under 13 to notify parents about the personal information they collect and to obtain verifiable parental consent before collecting and using any personal information collected from children. According to a complaint also filed by DOJ, Microsoft violated the COPPA Rule’s notice, consent and data retention requirements.
Microsoft’s Xbox gaming products allow users to play and chat with other players through its Xbox Live service. To access and play games on an Xbox console or use any of the other Xbox Live features, users must create an account, which requires users to provide personal information including their first and last name, email address and their date of birth. Even when a user indicated that they were under 13, they were also asked, until late 2021, to provide additional personal information including a phone number and to agree to Microsoft’s service agreement and advertising policy, which until 2019 included a pre-checked box allowing Microsoft to send promotional messages and to share user data with advertisers, according to the complaint.
It wasn’t until after users provided this personal information that Microsoft required anyone who indicated they were under 13 to involve their parent. The child’s parent then had to complete the account creation process before the child could get their own account. According to the complaint, from 2015-2020 Microsoft retained the data—sometimes for years—that it collected from children during the account creation process, even when a parent failed to complete the process. COPPA prohibits retaining personal information about children for longer than is reasonably necessary to fulfill the purpose for which it was collected.
After a child makes an account, they can create a profile that will include their “gamertag,” which is the primary identifier visible to the user and other Xbox Live users, and can also upload a picture or include an avatar, which is a figure or image that represents the user. According to the complaint, Microsoft combined this information with a unique persistent identifier it creates for each account holder, even children, and could share this information with third-party game and app developers. Microsoft allowed—by default—all users, including children to play third-party games and apps while using Xbox Live, requiring parents to take additional steps to opt out if they don’t want their children to access them.
According to the complaint, Microsoft failed to fully comply with COPPA’s notice provisions. For example, Microsoft failed to disclose to parents all the information it collected, such as a child’s profile picture.
In addition to the monetary penalty, Microsoft will be required under the proposed order to:
The Commission voted 3-0 to refer the complaint and proposed federal order to the Department of Justice. The DOJ filed the complaint and stipulated order in the U.S. District Court for the Western District of Washington state.
NOTE: The Commission authorizes the filing of a complaint when it has “reason to believe” that the named defendant is violating or is about to violate the law and it appears to the Commission that a proceeding is in the public interest. Stipulated orders have the force of law when approved and signed by the District Court judge.
The lead FTC attorneys on this matter are Megan Cox and Peder Magee from the FTC’s Bureau of Consumer Protection.
This is the Commission’s third COPPA action within the last few weeks, following an announcement in mid-May against ed tech provider Edmodo and one last week involving Amazon.
The Federal Trade Commission works to promote competition and protect and educate consumers. Learn more about consumer topics at consumer.ftc.gov, or report fraud, scams, and bad business practices at ReportFraud.ftc.gov. Follow the FTC on social media, read consumer alerts and the business blog, and sign up to get the latest FTC news and alerts.
This week, the Oregon Department of Revenue decided to reject Comcast’s tax con — and you helped make that happen!
The Coalition for Corporate Responsibility — a group of consumer and tax policy organizations that includes the Oregon Consumer League, Tax Fairness Oregon, The Oregon Center for Public Policy, and OSPIRG — submitted a petition that you, and about 2,000 other Oregonians, signed, urging the Department of Revenue to reject Comcast’s appeal.
The Director of the Department heard you loud and clear — this week’s ruling declared that Comcast’s “Gigabit Pro” service does not qualify for a tax break meant to bring affordable, high-speed internet service to Oregonians. We want to thank you for making this decision happen, and for making sure that large and out-of-state corporations like Comcast pay their fair share!
Now that the Department of Revenue has rejected Comcast’s latest attempt to avoid paying taxes, it’s time for Comcast to pay what it owes for the last tax break it tried to evade:
For years, Comcast convinced the state that it did not provide “data transmissions services,” which allowed them to avoid paying millions of dollars in property taxes in Oregon. In 2009, the state finally wised up and ruled that of course, Comcast’s internet and VOIP services did constitute “data transmissions services” and they would have to pay “centrally assessed” property taxes, just like every other telecom company in the state. Comcast appealed that ruling and for five years has been fighting in the courts to avoid paying its fair share. Since 2009, Comcast has accrued more than $120 million in unpaid property taxes!
Imagine what Oregonians are being deprived of, all because Comcast won’t pay what it owes. Think of what $120 million could fund, think of all the teachers or public safety officers who could be hired, the seniors who could finally access the services that they rely on, the bridges and roads that could be improved. Comcast made $8.2 billion in profits last year; it doesn’t need any more subsidies. But Oregon needs Comcast to pay its fair share.
We’ve stopped the Comcast con. Now we need to tell Comcast, it’s time to PAY WHAT YOU OWE
Oregon Consumer League Warns Consumers About CenturyLink’s Deceptive Billing Practices
CenturyLink appears to have a pattern of fraudulently billing customers in two ways:
CenturyLink customers are finding charges on their bills for services they did not request. This came to light earlier this year when a former CenturyLink employee claims she was fired for blowing the whistle on the telecommunications company’s high-pressure sales culture that led to customers paying millions of dollars for accounts they didn’t request.
The second scheme is tied to CenturyLink’s aggressive rollout of its new high-speed fiber internet service in Oregon. Several customers are being billed at over twice the amount that CenturyLink’s door-to-door salespeople are promising. A lawsuit was just filed against CenturyLink in the United Stated District Court of Oregon for the company’s deceptive practices.
The Oregon Consumer League is encouraging CenturyLink customers to look closely at their billing statements and if they see services or charges that they didn’t agree to, they should contact CenturyLink customer service to have the services/charges removed.
If CenturyLink is not cooperative, consumers can file a complaint with the Oregon Attorney General’s office at 877-877-9392 or online at https://justice.oregon.gov/consumercomplaints/OnlineComplaints/OnlineComplaintForm/en.
Consumers can go to oregonconsumerleague.org or like us on Facebook for more information.
For more information about the pending Oregon class action against CenturyLink, visit CenturyLink-Fraud.com
