Search This Blog
Powered by Blogger.

Blog Archive

Labels

Footer About

Footer About

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Children's Data. Show all posts
Personal Data
Children's Data Cyber Security Data collection Data Consent data security Disney fine settlement FTC Online Privacy Personal Data

Disney to Pay $10 Million Fine in FTC Settlement Over Child Data Collection on YouTube

 

Disney has agreed to pay millions of dollars in penalties to resolve allegations brought by the Federal Trade Commission (FTC) that it unlawfully collected personal data from young viewers on YouTube without securing parental consent. Federal law under the Children’s Online Privacy Protection Act (COPPA) requires parental approval before companies can gather data from children under the age of 13. 

The case, filed by the U.S. Department of Justice on behalf of the FTC, accused Disney Worldwide Services Inc. and Disney Entertainment Operations LLC of failing to comply with COPPA by not properly labeling Disney videos on YouTube as “Made for Kids.” This mislabeling allegedly allowed the company to collect children’s data for targeted advertising purposes. 

“This case highlights the FTC’s commitment to upholding COPPA, which ensures that parents, not corporations, control how their children’s personal information is used online,” said FTC Chair Andrew N. Ferguson in a statement. 

As part of the settlement, Disney will pay a $10 million civil penalty and implement stricter mechanisms to notify parents and obtain consent before collecting data from underage users. The company will also be required to establish a panel to review how its YouTube content is designated. According to the FTC, these measures are intended to reshape how Disney manages child-directed content on the platform and to encourage the adoption of age verification technologies. 

The complaint explained that Disney opted to designate its content at the channel level rather than individually marking each video as “Made for Kids” or “Not Made for Kids.” This approach allegedly enabled the collection of data from child-directed videos, which YouTube then used for targeted advertising. Disney reportedly received a share of the ad revenue and, in the process, exposed children to age-inappropriate features such as autoplay.  

The FTC noted that YouTube first introduced mandatory labeling requirements for creators, including Disney, in 2019 following an earlier settlement over COPPA violations. Despite these requirements, Disney allegedly continued mislabeling its content, undermining parental safeguards. 

“The order penalizes Disney’s abuse of parental trust and sets a framework for protecting children online through mandated video review and age assurance technology,” Ferguson added. 

The settlement arrives alongside an unrelated investigation launched earlier this year by the Federal Communications Commission (FCC) into alleged hiring practices at Disney and its subsidiary ABC. While separate, the two cases add to the regulatory pressure the entertainment giant is facing. 

The Disney case underscores growing scrutiny of how major media and technology companies handle children’s privacy online, particularly as regulators push for stronger safeguards in digital environments where young audiences are most active.
Read more »
Student Data
Appscook Children's Data Data Breach Digital Ocea Personal Data Student Data

Appscook Data Breach: App Used by Hundreds of Schools Leak Children’s Data


In a recent investigation, a team of security researchers from cybersecurity firm Cybernews found that IT company Appscook – which develops applications used by more than 600 schools in India and Sri Lanka for academic management – leaked a startling quantity of private information, including birth certificates, home addresses, and images of minors.

Nearly a million confidential data were stored in a DigitalOcean storage bucket that was accessible to everybody without the need for authentication. Given that the majority of the compromised files reveal children, leaking private information online in this instance is extremely dangerous.

The stolen data included:

  • Students’ names
  • Names of parents
  • Pictures of students attending pre-primary, primary, and secondary schools
  • Names of the schools' children attend
  • Birth certificates
  • Fee receipts
  • Student report cards/exam results
  • Home addresses
  • Phone numbers

The company's 96 school-specific apps are designed to facilitate online learning and allow parents and schools to communicate directly about their child's daily activities and academic progress. Over a million parents and over half a million pupils use the platform, according to the company's website.

Cybernews attempted to contact Appscook over the issue, but did not receive any response. 

A Major Threat to Students

The data leak has raised concerns over the possible exploitation of the personal information by the cyber criminals. The disclosure of personal details, including home addresses and images, raises the unsettling possibility that unscrupulous individuals may try to coerce parents out of their children by taking advantage of their vulnerability.

According to Vincentas Baubonis, Information Security Researcher at Cybernews, “The leaked data about minors could have dire consequences, as this information can put children at physical risk by revealing their daily whereabouts. It can also be used by someone with malicious intent to impersonate school officials or manipulate children and parents.” 

Threat actors could use the compromised personal information for identity theft, fraud, and targeted phishing attacks against the parents of these children, even though children might not be as vulnerable to digital fraud as adults are.

However, in the worst-case scenario, this data breach can increase the risk of child abuse. The researcher claims that uploading photos of kids online can draw unwelcome attention, even from predators.  

Read more »
Subscribe to: Posts (Atom)