Verizon’s Oath Settles AOL’s Violation of Children’s Online Privacy for $4.95M

Oath Settles Aol Violations

Oath, a Verizon subsidiary that manages a number of media, technology, and communication brands, agreed to pay $4.95 million to settle AOL’s alleged violation of children’s online privacy.

The media company reached the settlement agreement with the New York Attorney General’s office. The settlement is the largest penalty in an enforcement action against a company found in violation of the Children’s Privacy Protection Act (COPPA).

In a statement, New York Attorney General Underwood, said, “COPPA is meant to protect young children from being tracked and targeted by advertisers online. AOL flagrantly violated the law – and children’s privacy – and will now pay the largest-ever penalty under COPPA.”

“My office remains committed to protecting children online and will continue to hold accountable those who violate the law,” added Underwood.

The Attorney General’s office found that AOL’s ad exchanges have been violating COPPA until last year. The company conducted billions of auctions for ad space on hundreds of websites. It collected, used, and disclosed personal information from the website’s users and allowed advertisers to track and served targeted ads to children under the age of 13. AOL’s actions violate children’s online privacy.

Additionally, the Attorney General’s office determined that an AOL account manager in New York willfully violated COPPA to increase the company’s revenue.

AOL to adopt comprehensive reforms to protect children’s online privacy

The Attorney General’s office required AOL to adopt comprehensive reforms in its policies and procedures to protect children from improper tracking. Such reforms include the following:

  • Establishing and maintaining a comprehensive COPPA compliance program;
  • Annual COPPA training for relevant AOL personnel;
  • Identification of risks that could result in AOL’s violation of COPPA;
  • Design and implementation if reasonable controls to address the identified risks, and regular monitoring of the effectiveness of those controls;
  • Development and us
  • e of reasonable steps to select and retain service providers that can comply with COPPA
  • Hiring an objective, third-party professional to assess its privacy controls

AOL also agreed to destroy all the personal information of children in its possession.