
Iconix Brand Group
has agreed to pay $250,000 to settle a Federal Trade Commission complaint that the company violated a federal law banning collection of data about children without their parents' consent.
The
FTC alleged that since 2006, Iconix collected personal information from children on sites for youthful clothing and accessory brands like Candies, Mudd and Bongo. The complaint and proposed settlement
were made public Tuesday.
In its complaint, the FTC alleges that Iconix collected registration information, including birthdates, of at least 1,000 children age 12 and under and then sent them
newsletters and enrolled them in sweepstakes. The FTC also alleged that Iconix allowed users under 13 to upload their photos and post personal information about themselves.
The commission said
these alleged practices violated the Children's Online Privacy Protection Act, or COPPA, which bans marketers from amassing or spreading personal data about children without their parents' permission.
In addition to promising to pay $250,000, Iconix agreed to destroy data collected in violation of federal law and to comply with the privacy law in the future. Iconix didn't admit wrongdoing as
part of the settlement. The company said in a statement that it "believes that any non-compliance was inadvertent and did not result in any harm to children or other users of its sites," but agreed to
the settlement to avoid a protracted dispute.
The case marks the 14th time that the FTC has brought an action to enforce the Children's Online Privacy Protection Act. Most recently, Sony BMG
Music agreed last December to pay $1 million for allegedly collecting names and other personal
information from at least 30,000 children.
Overall, the FTC has collected $3 million in civil penalties since the law went into effect in 2000.
Phyllis Marcus, a senior staff attorney with
the commission, attributes the alleged violations more to inattentiveness than a deliberate attempt to market to children. "Often the companies intend to comply with COPPA, but then build out
functionalities that don't comport with their privacy policies and don't test how the sites are actually functioning," she says.