The US Federal Trade Commission (FTC) on Monday said it has reached a $520 million settlement with Epic Games, creator of the popular video game Fortnite, over allegations that the company violated the Children's Online Privacy Protection Act (COPPA) and deployed design tricks, known as dark patterns, to dupe millions of players into making unintentional purchases.
Fortnite made over $9 billion during its first two years in existence.
Epic will pay a $275 million penalty for violating children's privacy law, change default privacy settings, and pay $245 million in refunds for tricking users into making unwanted charges.
"As our complaints note, Epic used privacy-invasive default settings and deceptive interfaces that tricked Fortnite users, including teenagers and children," said FTC Chair Lina M. Khan.
"Protecting the public, and especially children, from online privacy invasions and dark patterns is a top priority for the Commission, and these enforcement actions make clear to businesses that the FTC is cracking down on these unlawful practices," Khan said in a statement.
Also read | Epic Games not planning for Fortnite VR
Epic's video game Fortnite is generally free to download and play but charges users for in-game items such as costumes and dance moves.
The game has more than 400 million users worldwide. The FTC alleged in two separate complaints that North Carolina-based Epic engaged in several unlawful practices.
In a complaint filed in a federal court, the FTC alleged that Epic violated the COPPA Rule by collecting personal information from children under 13 who played Fortnite, a child-directed online service, without notifying their parents or obtaining their parents' verifiable consent.
Epic also violated the FTC Act's prohibition against unfair practices by enabling real-time voice and text chat communications for children and teens by default.
"The Justice Department takes very seriously its mission to protect consumers' data privacy rights," said Associate Attorney General Vanita Gupta. "This proposed order sends a message to all online providers that collecting children's personal information without parental consent will not be tolerated."
In addition to paying the record civil penalty, which goes to the US Treasury, for violating the COPPA Rule, the order will prohibit Epic from enabling voice and text communications for children and teens unless parents (of users under 13) or teenage users (or their parents) provide their affirmative consent through a privacy setting.
Also read | Fortnite's new season brings chrome-powered abilities, more
In a separate complaint, the FTC alleged that Epic used dark patterns to trick players into making unwanted purchases and let children rack up unauthorised charges without any parental involvement.
"Epic put children and teens at risk through its lax privacy practices, and cost consumers millions in illegal charges through its use of dark patterns," said Samuel Levine, Director of the FTC's Bureau of Consumer Protection.
Under the proposed orders, the company will be required to change its default settings, return millions to consumers, and pay a record-breaking penalty for its privacy abuses, Levine added.
