AOL Agrees to Pay Largest Ever Settlement Under Children's Privacy Law
The violations have to do with several ad exchanges that AOL operates and other exchanges the company used to place ads.
December 04, 2018 at 12:38 PM
5 minute read
AOL, now known as Oath Inc., has agreed to pay $4.95 million in penalties under violations of a federal law intended to protect the personal data of children on the internet—the largest settlement under that statute in U.S. history.
New York Attorney General Barbara Underwood said in a news release announcing the settlement that AOL violated the Children's Online Privacy Protection Act by conducting billions of auctions for ad space on hundreds of websites that it knew were aimed at young children.
The company, according to Underwood, collected, used and disclosed the personal information of individuals who used those websites. That allowed advertisers to place targeted ads to young children. The practice of collecting the personal data of children younger than 13 years old is a violation of COPPA, Underwood said.
“COPPA is meant to protect young children from being tracked and targeted by advertisers online. AOL flagrantly violated the law—and children's privacy—and will now pay the largest-ever penalty under COPPA,” Underwood said. “My office remains committed to protecting children online and will continue to hold accountable those who violate the law.”
Oath, which is owned by Verizon, is the main brand name for a conglomerate of internet companies, including AOL and Yahoo. A spokesman for the company said they were pleased to have the matter be resolved.
“We are pleased to see this matter resolved and remain wholly committed to protecting children's privacy online,” the spokesman said.
The violations have to do with several ad exchanges that AOL operates and other exchanges the company used to place ads.
Those exchanges conduct what could be described as a virtual auction. When a user opens a web page, information that's stored in their web browser is immediately sent to entities that can place a bid on ad space on behalf of an advertiser. The exchange collects several bids, selects a winner, and then allows the advertiser to serve an ad to the user. That entire process happens in a fraction of a second, allowing ads to be immediately placed based on a user's information.
Those ad exchanges are not allowed to use browser data, a user's Internet Protocol address, or other identifiers for advertising purposes on websites covered under COPPA, according to Underwood's office. Despite that rule, Oath is alleged to have done just that.
The company used its ad exchange to conduct billions of auctions for ad space on websites that it knew to be targeted toward users under the age of 13 and therefore subject to COPPA, Underwood's office said. Until recently, the company's exchange was apparently not capable of conducting a COPPA-compliant auction because its systems would collect information from users and disclose it to third parties.
Several AOL clients had informed the company that their websites were subject to the law. AOL had also determined on its own that certain websites were subject to COPPA. The company also had a policy prohibiting the use of its exchange to auction ad space on COPPA-covered websites to third parties, Underwood's office said.
Despite that policy, AOL continued to conduct at least 2 billion ad display auctions on those websites, according to Underwood's office.
The company also violated COPPA when it participated in auctions conducted by other ad exchanges. AOL operates a business that places bids through those exchanges, which are able to auction space in a manner compliant with COPPA. When information is passed to bidders through one of those auctions, the advertisers are expected not to use it when serving ads on COPPA-covered websites.
The systems at AOL, instead, ignored information that those websites were covered under COPPA and served ads like they usually would, Underwood's office said. A manager at the company based in New York is also said to have intentionally configured a client's account in a way that would violate COPPA in order to increase ad revenue. The manager also falsely told the client on more than one occasion that AOL's ad exchange could be used to sell ad space to third parties in a COPPA-compliant manner, Underwood's office said.
AOL has since agreed to destroy any personal information it's collected from children that is either in its possession or that it controls unless its required to be maintained by law. The company will also have to establish a new program to ensure its compliance with COPPA under the settlement, according to Underwood's office.
The settlement was handled within the internet and technology bureau at the Attorney General's Office by Assistant Attorney General Jordan Adler and Deputy Bureau Chief Clark Russell, under the supervision of Bureau Chief Kim Berger.
READ MORE:
This content has been archived. It is available through our partners, LexisNexis® and Bloomberg Law.
To view this content, please continue to their sites.
Not a Lexis Subscriber?
Subscribe Now
Not a Bloomberg Law Subscriber?
Subscribe Now
NOT FOR REPRINT
© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
You Might Like
View AllAttorneys 'On the Move': Structured Finance Attorney Joins Hunton Andrews Kurth; Foley Adds IP Partner
4 minute readNY Civil Liberties Legal Director Stepping Down After Lengthy Tenure
Former Top Aide to NYC Mayor Is Charged With Bribery Conspiracy
Trending Stories
- 1Senate Judiciary Dems Release Report on Supreme Court Ethics
- 2Senate Confirms Last 2 of Biden's California Judicial Nominees
- 3Morrison & Foerster Doles Out Year-End and Special Bonuses, Raises Base Compensation for Associates
- 4Tom Girardi to Surrender to Federal Authorities on Jan. 7
- 5Husch Blackwell, Foley Among Law Firms Opening Southeast Offices This Year
Who Got The Work
Michael G. Bongiorno, Andrew Scott Dulberg and Elizabeth E. Driscoll from Wilmer Cutler Pickering Hale and Dorr have stepped in to represent Symbotic Inc., an A.I.-enabled technology platform that focuses on increasing supply chain efficiency, and other defendants in a pending shareholder derivative lawsuit. The case, filed Oct. 2 in Massachusetts District Court by the Brown Law Firm on behalf of Stephen Austen, accuses certain officers and directors of misleading investors in regard to Symbotic's potential for margin growth by failing to disclose that the company was not equipped to timely deploy its systems or manage expenses through project delays. The case, assigned to U.S. District Judge Nathaniel M. Gorton, is 1:24-cv-12522, Austen v. Cohen et al.
Who Got The Work
Edmund Polubinski and Marie Killmond of Davis Polk & Wardwell have entered appearances for data platform software development company MongoDB and other defendants in a pending shareholder derivative lawsuit. The action, filed Oct. 7 in New York Southern District Court by the Brown Law Firm, accuses the company's directors and/or officers of falsely expressing confidence in the company’s restructuring of its sales incentive plan and downplaying the severity of decreases in its upfront commitments. The case is 1:24-cv-07594, Roy v. Ittycheria et al.
Who Got The Work
Amy O. Bruchs and Kurt F. Ellison of Michael Best & Friedrich have entered appearances for Epic Systems Corp. in a pending employment discrimination lawsuit. The suit was filed Sept. 7 in Wisconsin Western District Court by Levine Eisberner LLC and Siri & Glimstad on behalf of a project manager who claims that he was wrongfully terminated after applying for a religious exemption to the defendant's COVID-19 vaccine mandate. The case, assigned to U.S. Magistrate Judge Anita Marie Boor, is 3:24-cv-00630, Secker, Nathan v. Epic Systems Corporation.
Who Got The Work
David X. Sullivan, Thomas J. Finn and Gregory A. Hall from McCarter & English have entered appearances for Sunrun Installation Services in a pending civil rights lawsuit. The complaint was filed Sept. 4 in Connecticut District Court by attorney Robert M. Berke on behalf of former employee George Edward Steins, who was arrested and charged with employing an unregistered home improvement salesperson. The complaint alleges that had Sunrun informed the Connecticut Department of Consumer Protection that the plaintiff's employment had ended in 2017 and that he no longer held Sunrun's home improvement contractor license, he would not have been hit with charges, which were dismissed in May 2024. The case, assigned to U.S. District Judge Jeffrey A. Meyer, is 3:24-cv-01423, Steins v. Sunrun, Inc. et al.
Who Got The Work
Greenberg Traurig shareholder Joshua L. Raskin has entered an appearance for boohoo.com UK Ltd. in a pending patent infringement lawsuit. The suit, filed Sept. 3 in Texas Eastern District Court by Rozier Hardt McDonough on behalf of Alto Dynamics, asserts five patents related to an online shopping platform. The case, assigned to U.S. District Judge Rodney Gilstrap, is 2:24-cv-00719, Alto Dynamics, LLC v. boohoo.com UK Limited.
Featured Firms
Law Offices of Gary Martin Hays & Associates, P.C.
(470) 294-1674
Law Offices of Mark E. Salomone
(857) 444-6468
Smith & Hassler
(713) 739-1250