TikTok Settles FTC
COPPA Case for $5.7M
February 28, 2019
operators of the video social networking app Musical.ly, now known as
TikTok, have agreed to pay $5.7 million to settle Federal Trade
Commission allegations that the company illegally collected personal
information from children. This is the largest civil penalty ever
obtained by the Commission in a children’s privacy case.
The FTC’s complaint, filed by the Department of Justice on behalf of the
Commission, alleges that Musical.ly violated the Children’s Online
Privacy Protection Act (COPPA), which requires that websites and online
services directed to children obtain parental consent before collecting
personal information from children under the age of 13.
“The operators of Musical.ly—now known as TikTok—knew many children were
using the app but they still failed to seek parental consent before
collecting names, email addresses, and other personal information from
users under the age of 13,” said FTC Chairman Joe Simons. “This record
penalty should be a reminder to all online services and websites that
target children: We take enforcement of COPPA very seriously, and we
will not tolerate companies that flagrantly ignore the law.”
The Musical.ly app allowed users to create short videos lip-syncing to
music and share those videos with other users. To register for the app,
it required users to provide an email address, phone number, username,
first and last name, a short biography, and a profile picture. Since
2014, more than 200 million users have downloaded the Musical.ly app
worldwide, while 65 million accounts have been registered in the United
In addition to creating and sharing videos, the app allowed users to
interact with other users by commenting on their videos and sending
direct messages. User accounts were public by default, which meant that
a child’s profile bio, username, picture, and videos could be seen by
other users. While the site allowed users to change their default
setting from public to private so that only approved users could follow
them, users’ profile pictures and bios remained public, and users could
still send them direct messages, according to the complaint. In fact, as
the complaint notes, there have been public reports of adults trying to
contact children via the Musical.ly app. In addition, until October
2016, the app included a feature that allowed users to view other users
within a 50-mile radius of their location.
The operators of the Musical.ly app were aware that a significant
percentage of users were younger than 13 and received thousands of
complaints from parents that their children under 13 had created
Musical.ly accounts, according to the FTC’s complaint.
The complaint alleges that the operators of the Musical.ly app violated
the COPPA Rule by failing to notify parents about the app’s collection
and use of personal information from users under 13, obtain parental
consent before such collection and use, and delete personal information
at the request of parents.
In addition to the monetary payment, the settlement also requires the
app’s operators to comply with COPPA going forward and to take offline
all videos made by children under the age of 13.
Commission vote to authorize the staff to refer the complaint to the
Department of Justice and to approve the proposed consent decree was
5-0. Commissioner Rohit Chopra and Commissioner Rebecca Kelly Slaughter
issued a separate statement.
The DOJ filed the complaint and proposed consent decree on behalf of the
Commission in the U.S. District Court for the Central District of
California. NOTE: The Commission authorizes the filing of a complaint
when it has “reason to believe” that the law has been or is being
violated, and it appears to the Commission that a proceeding is in the
public interest. Consent decrees have the force of law when approved and
signed by the District Court judge.
The FTC would like to thank the Better Business Bureau’s Children’s
Advertising Review Unit (CARU) for helping to bring attention to this