Amazon will pay $25 million for child privacy violation charges

Amazon has been charged with illegally collecting and keeping the voice recordings of children by the federal government.

Children need special protections online.

Take Action

Yesterday, Amazon agreed to settle federal charges that it had violated the Children’s Online Privacy Protection Act (COPPA). According to the FTC complaint, the company failed to delete young users’ voice and geolocation data collected through Alexa.

The complaint reports that parents were held responsible for deleting children’s voice recordings, since Alexa’s default settings saves transcripts indefinitely. In the event that parents asked that their children’s data be deleted, Amazon allegedly failed to honor such requests. The tech giant’s alleged deception and negligence puts thousands of children at risk, as more than 800,000 children younger than 13 have their own Alexa profiles.

Beyond the $25 million penalty, the proposed FTC order would mandate the deletion of data associated with inactive children’s profiles and parental requests for data erasure. The proposed order would also bolster transparency around data retention and deletion. 

Last year, PIRG’s investigation into the data harvesting practices of web-enabled smart toys found problems with Amazon’s recording gathering practices. 

A plush toy called the Fuzzible Friend could have conversations with kids thanks to a connection with an Alexa device. We found that the manufacturer of the software that enables the plush toy to talk could receive information about a child in the course of play from Amazon, including geolocation information and full transcripts of a child’s conversations. As a CBS Mornings investigation based off of our work found, this news disturbed some parents. 

Right now, it’s the norm for the vast majority of companies to gather a lot more information about you than they really need to, and use it in ways that have nothing to do with delivering the service you’re expecting to get. This violates our data privacy, and can cause real trouble for consumers – like making us more susceptible to having our info exposed in a breach and ending up in the hands of scammers and identity thieves.

Read more

Topics
Authors

R.J. Cross

Director, Don't Sell My Data Campaign, PIRG

R.J. focuses on data privacy issues and the commercialization of personal data in the digital age. Her work ranges from consumer harms like scams and data breaches, to manipulative targeted advertising, to keeping kids safe online. In her work at Frontier Group, she has authored research reports on government transparency, consumer debt and predatory auto lending, and has testified before Congress. Her work has appeared in WIRED magazine, CBS Mornings and USA Today, among other outlets. When she’s not protecting the public interest, she is an avid reader, fiction writer and birder. Though she lives in Boston, she will always consider herself a Kansan at heart.

Bess Pierre

Intern, Don't Sell My Data campaign

Bess is an intern on the Don't Sell My Data campaign.

Find Out More