Jam City Settles with California AG Over CCPA Violations
Jam City, a mobile game developer,โ recently reached a settlement withโฃ the California Attorney General (AG) regarding alleged violations of the California Consumer โPrivacy Act (CCPA). The complaint centered on deficiencies in the company’s handling of consumerโฃ data, particularly concerning opt-out โคmechanisms โfor โtargetedโ advertising and protections for โฃminors.
Details ofโฃ the Allegations
The AG’s complaint highlighted two primary areas of concern.first,โ Jam โcity’s method for โขallowingโ consumers to โขopt-out of targeted advertising – via email – was deemed insufficient under CCPA requirements. The law mandates a more robust andโ easily accessible opt-out process.
Second,โค the complaintโ focused on theโ handling of personal facts belonging to โคusers under the ageโฃ of 16. While Jam โคCity implemented an age gate to collect user age data,โ it allegedly failedโค to consistently apply appropriate protections based โขonโฃ this information. Specifically,six of Jam City’s games did not automatically direct users aged 13-16โค to a “child โexperience” version of the game,which blocked the “sale” of their personal โinformation,resulting in the unauthorized “sale” ofโ their data.
Legal Violations โcited
the complaint alleged jam City violated โboth the โCCPA (Cal. Civ. Code ยง โข1798.100 et seq.) and โCalifornia’s Unfair Competition Law (Cal. Bus. & Prof. Code ยง 17200 et โขseq.). Theโ CCPA violations stemmed fromโ “selling” and “sharing” โคconsumer information without a compliant opt-out process and “selling” the data of minors (ages 13-16) without obtaining necessaryโฃ consent. The Unfair Competitionโ Law violationโ was alleged as a โconsequence ofโค the CCPA breaches.
Terms โขof the Settlement
As part of the settlement judgment, Jam City agreed to the following:
* โ Civil Penalty: Pay a $1.4 โฃmillion civil penalty to the state of California.
* Improved Opt-Out Mechanisms: Implement clear and conspicuous โฃopt-out links for targeted โadvertising on both its mobile โคapplicationsโฃ and website, ensuring compliance with legal requirements.
*โ Enhanced โขAge Screening: Implement age screening methods that do not defaultโข to โฃages 16 or โover and avoidโฃ suggesting limited functionality โforโค usersโ who identify โคas underโข 16.The company will provideโฃ “child versions” of its applications to all users under 13 and to those between 13 and 16 who do not โconsent to the sale of their personal information.
* Compliance Program: Establish a extensive compliance โขprogram to regularly assess and monitorโ theโ effectiveness of its opt-out mechanismsโ and ensure adherence to obligationsโ regarding minor users.
* โข Monitoring and Reporting: โSubmit to โขthree years of monitoring and reporting requirements, including regular compliance reports to the California AG’s office.
Key Takeaways
Thisโค settlement underscores the California AG’s continued focus on fundamental CCPA compliance,โ particularly regarding accessible opt-out mechanisms. The $1.4 million penalty demonstratesโ the โAG’s โwillingness to pursueโฃ substantialโ monetary settlementsโข when businesses fail โขto implement required data privacy controls.
The case also highlights the importance of properly implementing โขand utilizingโ age screening features. โRegulators may โขassume a business is aware of a consumer’sโ age if an age gate is used, and failure to thenโฃ apply appropriate โฃCCPA-required controls based on that information can lead to increased scrutiny.
Disclaimer: This summary is for informational purposes only โandโ does not constitute legal advice. consult with legal counsel for advice tailored to your specific situation.