The Federal Trade Commission (FTC) announced a settlement with online ad space seller OpenX Technologies Inc. on Wednesday, resolving allegations that the company improperly collected data from app users, purportedly opening the door to privacy violations on a huge scale, including against children. The agency’s press release said that the Department of Justice filed a complaint on its behalf against the California-based advertising platform for violations of the FTC’s Children’s Online Privacy Protection Act Rule (COPPA Rule).
According to the FTC, OpenX operates “a real-time bidding platform that monetizes websites and mobile apps by selling ad space.” Allegedly, OpenX reviewed hundreds of child-directed apps and passed the personal data it collected from those apps along to third parties that used it to target child audiences. “Because OpenX had knowledge that apps in the ad exchange were child-directed and that the company was collecting personal information from children under 13, the FTC alleged that it had violated the COPPA Rule,” the press release said.
The COPPA Rule requires that websites, apps, and online services that are child-directed or knowingly collect personal information from children notify parents and obtain their consent before collecting, using, or disclosing personal information from children under 13. The agency also accused OpenX of violating the FTC Act by lying about the fact that it collected geolocation data from users who opted out of that type of data collection.
In addition to the fine, OpenX must also delete the entirety of the ad request data it has collected to serve targeted ads, institute a privacy program to ensure COPPA Rule compliance, and end the collection and retention of personal data belonging to children under 13. The FTC unanimously approved both the filing of the complaint and the parties’ settlement in the Central District of California enforcement action.
OpenX posted a statement to their blog.