Xanga.com, a social networking and blog site, has been ordered to cough up $1 million in a settlement with the Federal Trade Commission for violating the Children’s Online Privacy Protection Act.
The FTC said in a statement Thursday that Xanga, which has been in operation since 1999, had been letting people create accounts even if the dates of birth they entered indicated that they were under the age of 13. The terms of the child-privacy act, enacted in 1998, stipulate that parental notification and consent are required in order for a commercial Web site, including a social networking service, to collect personal information from children under the age of 13.
In addition, the FTC alleged that Xanga’s policies regarding children were not sufficiently clear on its site and that parents were not provided a means to access and control their children’s information. It is estimated that over the past five years, a total of 1.7 million Xanga accounts had been registered with a birth date that implied the person was under 13. Overall, privately held Xanga has 25 million registered users.
The $1 million penalty is the largest fine ever imposed for a violation under the child-privacy act, the FTC said. Mitchell Katz, an FTC spokesman, said the highest fine previously was $475,000 collected in 2004 from UMG Recordings and Bonzi Software in a dual settlement. In that situation, personal information was similarly collected from people who registered with birth dates that indicated they were under 13, and no parental notification was given.
Xanga CEO John Hiler said in a statement in response to the settlement that many of the 1.7 million “under 13” birth dates may have actually referred to pet birthdays, engagement dates and “born-again” dates for religious bloggers. Nevertheless, Hiler’s statement also announced that Xanga is initiating new rules and standards to make the site better attuned to child safety.