Amazon to Pay $25 Million to Settle Children’s Privacy Charges
| Amazon to Pay $25 Million to Settle Children’s Privacy Charges | |
|---|---|
| Short Title | Amazon Settles for $25 Million Over Children's Privacy Violations |
| Location | Washington |
| Date | May 2023 |
| Solove Harm | Aggregation, Disclosure, Breach of Confidentiality, Exposure, Surveillance |
| Information | Identifying, Computer Device, Preference |
| Threat Actors | Amazon Inc |
| Individuals | |
| Affected | Children |
| High Risk Groups | Minors |
| Tangible Harms | Change of Behavior, Financial Cost |
Amazon has agreed to pay a $25 million civil penalty to settle charges brought by the Federal Trade Commission (FTC) and the Justice Department. The case revolves around Amazon's handling of children's personal information collected through interactions with Alexa, violating COPPA. The tech giant is accused of keeping children's Alexa voice recordings indefinitely, using the data for business purposes, and failing to delete transcripts even after parents' deletion requests. The settlement requires Amazon to delete children's voice recordings and precise location data, as well as inactive Alexa accounts belonging to children, and prohibits misrepresentation of data handling.
Description
The Amazon settlement, involving a substantial $25 million penalty, brings attention to a complex web of privacy violations with notable intersections in Data Handling, and Privacy Violation categories of the Solove Taxonomy. The Federal Trade Commission (FTC) and the Justice Department's legal action centers on the prolonged retention of children's data through Amazon's voice-activated virtual assistant, Alexa. This constitutes a clear instance of Privacy Violation, as Amazon is accused of keeping children's voice recordings indefinitely, a practice that not only breaches privacy but also aligns with the Surveillance category, reflecting the ongoing monitoring of individuals' activities without their explicit consent. The alleged use of such data for algorithm training further emphasizes the aggregation aspect, as various pieces of personal information are combined for business purposes, highlighting a multifaceted breach of confidentiality.
In response to the settlement, the Data Handling dimension takes prominence as regulatory bodies emphasize the necessity for Amazon to implement stricter privacy measures and delete specific data to rectify the violations. This case becomes a notable example of the growing regulatory scrutiny on major tech platforms, showcasing the imperative to establish robust safeguards to protect the online privacy of younger users, as mandated by laws like COPPA. As the digital landscape evolves, this settlement reinforces the importance of proactive measures to prevent not only data mishandling but also the potential exposure and disclosure of sensitive information affecting the youngest and most vulnerable users.
Laws and Regulations
Sources
https://www.nytimes.com/2023/05/31/technology/amazon-25-million-childrens-privacy.html