Breach, Compliance Management, Threat Management, Data Security, Privacy, Threat Management

FTC fines VTech toy firm over data breach

The Federal Trade Commission (FTC) fined toy firm VTech $650,000 as part of a settlement for violating a U.S. children's privacy laws.

The FTC alleged the toy company violated (COPPA) Children's Online Privacy Protection Rule by collecting personal information from hundreds of thousands of children without providing direct notice, without obtaining their parent's consent, and failing to take reasonable steps to secure the data it collected.

VTech allegedly collected personal information from parents on its Learning Lodge Navigator online platform and through a now-defunct web-based platform called Planet VTech. Parents were also required to register and provide personal information including their name, email address as well as their children's name, date of birth and gender in order to use VTech's Kid Connect or Planet VTech services.

“As connected toys become increasingly popular, it's more important than ever that companies let parents know how their kids' data is collected and used and that they take reasonable steps to secure that data,” Acting FTC Chairman Maureen K. Ohlhausen said in a Jan. 8 press release. “Unfortunately, VTech fell short in both of these areas.”

VTech is also permanently prohibited from violating COPPA in the future and from misrepresenting its security and privacy practices as part of the proposed settlement and is required to implement a comprehensive data security program

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds