FarmViller player runs up £900 debt, could be sued by mother?

The Guardian reports “a mother has warned of the risk of children spending hundreds of pounds on ‘free’ online games available through Facebook after her 12-year-old son ran up bills of more than £900 without her knowledge“.  This raises interesting issues about the extent to which she could recover her losses: in a nutshell, only if she sues her son.  (Which she won’t, obviously, but it let me write a slightly more interesting headline than usual.)

But seriously – the issue of recovering loss suffered through inadvertant spending on a social game is an interesting one and I think this case is just a taste of things to come.  The facts according to the Guardian are that “last month [the mother’s] son…spent more than £900 on FarmVille. He had emptied his own savings account of £288 and had used her credit card to the tune of £625 to pay the bills“.  She apparently tried to obtain redress from Zynga, who refused.  Facebook has disabled her son’s account.  She tried to call HSBC to ask for a refund, but she was “told she would only qualify for a refund if she reported her son to the police and obtained a crime number“.

Sounds rather sensationalist, I know, but HSBC were right: under consumer credit legislation, a credit card company is only obliged to offer a refund to a consumer if the card has been used fraudulently/for criminal purposes, so the mother would have to report her son to the police in order to be able to claim that refund.  Which, obviously, she didn’t want to do as it would involve her son being given a criminal caution!

There might be a bit more of an argument over Zynga’s receipt of the money, but I imagine they may argue that they’re right to have refused a refund on the basis that, while in fact they may have received the money without the authorisation of the owner of the money, they accepted that money in good faith without knowledge that the son did not have his mother’s authorisation to use her credit card.  Is that sufficient?  Hmm. One to think about…

Anyway.  The Guardian article goes on to say:

She does not blame Facebook, Zynga or HSBC, saying that her son was the one using the card and is entirely at fault. But she added: “I do think they need to shoulder some responsibility in this business and put systems in place to stop this happening again. The fact that he was using a card in a different name should bring up some sort of security and the online secure payment filter seems to be bypassed for Facebook payments.”

A spokeswoman for HSBC said that had the credit card been used on a gambling site it would have started alarm bells ringing for “unusual usage”. But because the card had been used to buy Facebook credits HSBC did not consider the transactions to be suspicious, even though £625 was spent in just two weeks

The idea that Facebook’s social games platform did not put adequate safeguards in place to ensure that a child cannot use a card in another person’s name is an entirely valid parental consideration, but is that really Facebook’s responsibility?  Perhaps the mother is right that there should have been some additional security involved which the son could not breach but ultimately, no matter how many levels of security you impose, if a child obtains all the relevant details from his/her parent then it it’s difficult to see why the games company/web site should be at fault.

This incident also may have implications for banks and other consumer finance providers – is it right that spending substantial and unusual amounts of money on social games in a short period of time should not qualify as “unusual usage“?  Looking at it another way, if your card is used to spend a lot of money on social games currncy in a short period with no prior record of such purchases, should your bank give you a friendly call to make sure you authorised the payments?  Answers on a postcard please…


Bottom line: money is pouring into social games companies, but it’s just a matter of time before they have to deal with real issues of consumer credit liability and fraud.  Best for everyone to get the proper safeguards in place now.


[Image credit: Zynga]

Follow us at http://www.twitter.com/gamerlaw or subscribe to our weekly email newsletter here

1 comment

  1. I think it's only reasonable for banks to keep an eye on unusual activity, especially online. A few years ago when I moved house my parents were constantly having to take security checks in shops due to their buy a lot for the house in a new location. It got a bit ridiculous after a while, but there's no reason that they can't do this online as well.

    It also lies with the parents to ensure their kids don't get hold of their details. I know when the time comes that I become a parent, my card and bank details will be kept in a safe place, well out of reach (not that they aren't anyway). Letting your children get hold of your credit card details is nothing short of irresponsible, and this just goes to show why.

Comments are closed.