Fortnite Developer Epic Games Agrees to Pay $275 Million for Alleged Violations of Children’s Privacy Law

The Department of Justice and the Federal Trade Commission announced Dec. 19 a settlement that’ll require Fornite developer Epic Games Inc. to pay $275 million in civil penalties to resolve alleged violations of the Children’s Online Privacy Protection Act, the COPPA Rule and the Federal Trade Commission Act. If the settlement is approved by a federal court, Epic Games will also be subject to a permanent injunction regarding children’s personal information it previously collected. 

In a complaint filed Dec. 19 in the U.S. District Court for the Eastern District of North Carolina, the government alleged Epic Games designed and marketed Fortnite for children. The government further alleged that Epic Games knew it collected personal information from children, including names, email addresses and identifiers used to keep track of players’ progress, purchases, settings and friends lists. Epic Games was accused of failing to notify parents it was collecting children’s personal information and failing to obtain verifiable parental consent for that collection, as required by the COPPA Rule. The government also alleged Epic Games maintained default privacy settings that were unfair under Section 5 of the FTC Act, in that the default privacy settings publicly broadcast child and teen Fortnite players’ display names and put children and teens in direct, real-time communication with adult players.


“The Justice Department takes very seriously its mission to protect consumers’ data privacy rights,” said Associate Attorney General Vanita Gupta in a press release. “This proposed order sends a message to all online providers that collecting children’s personal information without parental consent will not be tolerated.”

“Parents have a right to know and to consent before companies collect their children’s personal information,” said Principal Deputy Assistant Attorney General Brian Boynton, head of the Department of Justice’s Civil Division in a press release. “The department is committed to enforcing the protections against unauthorized collection of information from consumers, particularly children.” 

In a proposed stipulated order filed Dec. 19, Epic Games agreed to pay $275 million in civil penalties, the largest civil penalty ever imposed for a COPPA violation, according to the Department of Justice. 

If approved by the court, the order will prohibit Epic Games from collecting personal information from children in violation of the COPPA Rule. It’ll also prohibit Epic Games from using previously collected children’s personal information unless it obtains verifiable parental consent and imposes compliance reporting obligations upon Epic Games. The agreement also requires Epic Games to maintain default privacy settings that protect children’s and teens’ privacy, to delete certain personal information of children that it previously collected and to maintain a comprehensive privacy program that protects certain personal information.

“As our complaint notes, Epic used privacy-invasive default settings that harmed young Fortnite players,” said FTC Chair Lina Khan in a press release. “Protecting the public, and especially children and teens, from online privacy invasions is a top priority for the Commission, and this enforcement action makes clear to businesses that the FTC is cracking down on these unlawful practices.”

The Department of Justice noted the matter was handled by trial attorneys Michael Wadden and Josh Fowkes and Assistant Director Lisa Hsiao of the Civil Division’s Consumer Protection Branch. Andrew Hasty, James Trilling and Amanda Koulousias represented the FTC.

Previous article2022 Colorado 200
Next articleCourt Opinions: 10th Circuit Court of Appeals Opinion for Dec. 19

LEAVE A REPLY

Please enter your comment!
Please enter your name here