The operator of social game site RockYou has agreed to settle charges that it failed to protect user privacy, allowing hackers to access the e-mail addresses and e-mail passwords of 32 million users, including children.
According to the Federal Trade Commission, many consumers used RockYou to make slide shows from their personal photos. To save the slides, they had to enter an e-mail and e-mail password.
The Children's Online Privacy Protection Act Rule requires that website operators notify parents and obtain consent before they collect, use, or disclose personal information from children under 13. The FTC alleged that RockYou knowingly collected approximately 179,000 children's email addresses and passwords during registration, without their parents' consent. The company asked for childrens' date of birth, and so accepted registrations from children under 13.
For tips on how you can best protect your privacy while online see our guide to online security. Plus our security software Ratings (available to subscribers).
Previously: New FTC privacy proposal unveiled today calls for added consumer protection online
FTC Charges That Security Flaws in RockYou Game Site Exposed 32 Million Email Addresses and Passwords [FTC]