The FTC Finalizes Epic Games' $245 Million Settlement Over Sketchy Video Game Billing Practices

The FTC Finalizes Epic Games' $245 Million Settlement Over Sketchy Video Game Billing Practices


On Tuesday, the Federal Trade Commission reached a $245 million settlement with Epic Games over their questionable billing practices. This payment follows their earlier $275 million fine which was also finalized last month.

Protecting young users' safety online while also granting them access to virtual spaces is a challenge faced by both gaming and social media companies. Unfortunately, protections that rely on users self-reporting their age are at best inadequate solutions.

Dark Patterns

In December, the FTC reached a $245 million settlement over Epic Games' use of dubious dark patterns to coerce players--particularly children--into making unintentional in-game purchases. This marks another step in their ongoing enforcement of children's privacy rights.

In accordance with the settlement, Epic must pay $245 million to refund customers for unauthorized in-game purchases and prohibit it from charging users without their express consent. It also prohibits it from using dark patterns to charge users and blocking those who dispute such charges.

In December, the FTC filed a complaint alleging Epic had misconfigured Fortnite's game buttons to enable users to make unauthorized purchases with credit cards. They claimed this was due to Epic's "counterintuitive, inconsistent, and confusing button configuration."

According to the FTC, Fortnite allowed children to purchase in-game items and services without parental authorization or consent. Furthermore, Epic blocked players from accessing their accounts and associated content in an effort to prevent them from disputing charges made against them.

Furthermore, the FTC asserts that Epic's billing practices were opaque and designed in such a way that made it difficult for users to determine if they were being charged for an in-game purchase. According to the agency, these actions violated both Children's Online Privacy Protection Act (COPPA) and federal regulations.

Another CPRA rule prohibits companies from asking for consent when processing personal information. However, the definition of "consent" under the law is vague. It states that consent is "a freely given, specific, informed, and unambiguous indication of the consumer's wishes which signifies agreement to the processing of his or her personal data for a narrowly defined particular purpose."

Furthermore, the CPRA requires businesses to include a prominent link on their website or app for customers to opt-out of collecting personally identifiable information for marketing purposes. Furthermore, businesses must guarantee that submitting an opt-out is simple and does not involve searching through text on their website or Privacy Policy.

Children’s Privacy

Children's Privacy

Child privacy is of utmost importance, and the Federal Trade Commission (FTC) has long placed emphasis on it. Thus, in 1998 COPPA was created to safeguard children's online safety. Under this law entities must give parents or guardians a privacy notice outlining how their personal data will be used and obtain parental consent prior to collecting and using such details. Furthermore, the FTC prohibits entities from sharing children's private information without parental approval or court orders.

Law requires entities to take reasonable steps to verify a parent or guardian's consent is valid. This could involve having them sign an agreement with the company, or asking them for video recording of themselves consenting to use of their child's personal information.

EPIC fully endorses COPPA and comprehensive federal privacy legislation that includes strong protections for children's personal information. We are currently advocating for a dedicated agency to fully safeguard children's online privacy, as well as legislation updating COPPA to reflect technological advancements and new data collection methods.

Despite these efforts, some social media and tech companies continue to violate COPPA. Many of these companies have also been caught breaking other federal laws.

Epic Games, creator of popular game Fortnite, has agreed to pay a $245 million settlement over deceptive data-collection practices that targeted gamers and caused them to make unintentional purchases. In addition to paying the fine, Epic will need to implement privacy settings designed to safeguard children's and teens' privacy rights.

These changes aim to prevent unauthorized charges from being applied to consumers' accounts, as well as offer users the chance to dispute those fees and receive refunds. Furthermore, the settlement forbids Epic from charging customers via dark patterns - user interface tricks which could entice players into making unwanted purchases or incurring unauthorized charges without their knowledge or consent.

The FTC stated it is working with parents to educate them about COPPA and other online privacy regulations, and Epic will have to take several measures in order to prevent future violations. Furthermore, the settlement requires Epic to create an internal policy outlining how it will handle children's personal information in accordance with COPPA guidelines.


Epic Games has reached a $245 million settlement regarding unethical practices in Fortnite, including charging consumers millions of dollars for purchases they didn't intend. The refunds go out to parents whose children used credit cards without permission between January 2017 and November 2018, as well as those players who were charged for unwanted items and locked out after disputing charges.

The Federal Trade Commission found that Epic Games "used dark patterns and other design features to deceive customers into making unauthorized purchases" in its popular game. Furthermore, it placed the link for requesting a refund in an inconvenient location and required customers to answer a series of questions before being able to claim their refund."

For instance, users had to go to a special website in order to dispute unauthorized charges; otherwise they'd be blocked from accessing all purchases. This created an atmosphere of fear around disputes as customers didn't want to risk losing their entire account and all the hours and money invested into it.

Another complaint the FTC filed against Epic related to its billing practices. According to the agency, Epic locked users' accounts if they attempted to dispute unauthorized charges and threatened them with permanent lockout if they didn't accept their requests.

These policies caused much friction between users and Epic. According to the agency, many people contacted customer support about unauthorized charges but were often denied a refund or given an inadequate response.

Consequently, the company faced many disgruntled customers. Despite this setback, they continued to make a healthy profit.

Overall, the settlement is a major victory for consumer protection. The FTC now requires video game companies to protect users' privacy and prevent their children from exposure to predatory tactics that could hurt them or others. Furthermore, this settlement includes the first-ever requirement to implement robust privacy default settings for children and teens that disable voice and text communications by default - setting an important precedent that other gaming and tech firms could follow.

Final Words

Final Verdict

Rarely does any video game developer ever envision their creation ending up in courtroom of the Federal Trade Commission (FTC). Yet that was exactly the outcome for Epic Games when two separate lawsuits were filed against them over Fortnite, a highly popular battle royale shooter game.

The complaints allege Epic violated the federal Children's Online Privacy Protection Act by collecting personal information about children without their parents' consent and by enabling voice chats in Fortnite without making it easy for kids to disable those features. Furthermore, billing and dispute processes created by Epic made it difficult for users to cancel or refund purchases made accidentally in-game.

In accordance with the settlement, the FTC has assessed Epic a $275 million fine for violating COPPA. Furthermore, they require Epic to create an extensive privacy program in response to FTC complaints and conduct regular independent audits.

In addition to the $275 million fine, Epic must also pay out $245 million in consumer refunds for using tactics that prompted customers to purchase in-game items they didn't want. It will also need to alter its billing and dispute systems so it no longer makes it difficult for players to cancel or refund purchases.

Another essential part of the settlement is that Epic must remove any personal information collected in violation of COPPA from all servers, helping ensure it does not continue collecting information from children under 13. In addition to this requirement, the FTC wants Epic to implement strong default settings for voice and text communications so all children under 13 cannot have these features enabled by default.

In the end, this settlement is a victory for consumers and the FTC. It marks one of the largest monetary penalties ever paid to the agency in a gaming case, as well as the first time that a game company has been ordered to develop a privacy program in response to an FTC complaint.

Related Articles