Firm Fined for Child Data Protection Breach

US clothing firm Iconix is to pay a $250k civil penalty to settle Federal Trade Commission (FTC) charges that it violated child privacy Act COPPA by knowingly collecting, using, or disclosing personal information from children online without first obtaining their parents' permission.

Iconix produces a number of apparel brands for children and teens. The firm required consumers on many of its brand-specific web sites to provide personal information such as full name, e-mail address, zip code, gender, phone number, and date of birth, in order to receive brand updates, enter competitions, and participate in brand awareness campaigns.

According to the FTC's complaint, since 2006, Iconix knowingly collected and stored personal information from around 1,000 children, without first notifying their parents or obtaining parental consent. On one web site - MyMuddWorld.com - Iconix also enabled girls to share personal stories and photos online, according to the complaint.

'Companies must provide parents with the opportunity to say 'no thanks' to the collection and disclosure of their children's personal information,' said FTC Chairman Jon Leibowitz. 'Children's privacy is paramount, and Iconix really missed the boat by denying parents control over their kids' information online.'

COPPA (the Children's Online Privacy Protection Act) requires operators of web sites that collect personal information about children under 13 years old to notify parents and obtain their consent before collecting, using, or disclosing any such information.

Web site: www.ftc.gov .