Iconix Brand Group, Inc. will pay a $250,000 civil penalty to settle Federal Trade Commission charges that it violated the Children’s Online Privacy Protection Act (COPPA) and the FTC’s COPPA Rule by knowingly collecting, using, or disclosing personal information from children online without first obtaining their parents’ permission.
Iconix owns, licenses, and markets – both offline and online – several popular apparel brands that appeal to children and teens, including Mudd, Candie’s, Bongo, and OP. Iconix required consumers on many of its brand-specific Web sites to provide personal information, such as full name, e-mail address, zip code, and in some cases mailing address, gender, and phone number – as well as date of birth – in order to receive brand updates, enter sweepstakes contests, and participate in interactive brand-awareness campaigns and other Web site features. Since 2006, Iconix knowingly collected and stored personal information from approximately 1,000 children without first notifying their parents or obtaining parental consent, according to the FTC’s complaint. On one Web site, MyMuddWorld.com, Iconix also enabled girls to publicly share personal stories and photos online, according to the complaint.
“Companies must provide parents with the opportunity to say ‘no thanks’ to the collection and disclosure of their children’s personal information,” said FTC Chairman Jon Leibowitz. “Children’s privacy is paramount, and Iconix really missed the boat by denying parents control over their kids’ information online.”
The settlement order requires Iconix to pay a $250,000 civil penalty. The order also specifically prohibits Iconix from violating any provision of the FTC’s COPPA Rule, and requires the company to delete all personal information collected and maintained in violation of COPPA. The company is required to distribute the order and the FTC’s “How to Comply with the Children’s Online Privacy Protection Rule” to company personnel. The order also contains standard compliance, reporting, and record-keeping provisions to help ensure the company abides by its terms.
To provide resources to parents and their children about COPPA and about children’s privacy in general, the order requires the company to link to the Commission’s www.OnGuardOnline.gov Web site on any Iconix Web site that collects or discloses children’s personal information, and on any Iconix site that offers the opportunity to upload writings or images, to create publicly viewable user profiles, or to interact online with other Iconix site visitors.
The Commission vote approving the complaint and consent order was 4-0. On behalf of FTC, the Department of Justice is filing the complaint today in the U.S. District Court for the Southern District of New York, and submitting the consent order for the court’s approval.
NOTE: The Commission authorizes the filing of a complaint when it has “reason to believe” that the law has or is being violated, and it appears to the Commission that a proceeding is in the public interest. A complaint is not a finding or ruling that the defendant has actually violated the law. A consent order is for settlement purposes only and does not constitute an admission of a law violation. Consent orders have the force of law when signed by the judge.