Are you considering launching a mobile application (app) or game? While this can be a great way to extend your company's brand, make sure you understand the privacy protection laws that exist when engaging with children. This article is a good place to start.
What are the privacy laws in the United States
The Children’s Online Privacy Protection Act (COPPA) applies to any commercial website or online service that collects personal information from children under 13 years old. The collection of personal information from a child under 13 without prior parent approval will result in a COPPA violation of up to $16,000 per download. In 2014, Yelp paid a $450,000 fine to the FTC for improper collection of children’s information without explicit parental consent.
Are you liable?
COPPA applies to any commercial website or online service directed to children to under 13, but also applies to any general audience website that knowingly collects personal information from children. The FTC determines whether your website is directed to children based on subject matter, visual or audio content, the age of models used, language, the use of animated characters or child-oriented features. If your app looks like a kid might want to play it or use it, you should abide by COPPA rules to avoid violations.
What is considered personally identifiable information (PII)?
Personally identifiable information can be as little as a child’s username. COPPA covers a wide range of personal information such as full name, home address, email address, telephone number, hobbies, interests, and geolocation. Verifiable parental consent must be obtained before any personal information can be collected. Even publishing a child's user name to a public leader board with their high score can be a violation of COPPA.
How do I obtain verifiable parental consent?
COPPA allows five methods of obtaining verifiable parental consent.
- Getting a signed form from the parent via postal mail or facsimile.
- Accepting and verifying a credit card number in connection with a transaction.
- Taking calls from parents, through a toll-free telephone number staffed by trained personnel.
- Taking video-conference calls staffed by trained personnel.
- Email accompanied by digital signature.
Dynepic is here to help!
Dynepic's IoToys Services are not just for toys as they allow mobile developers to include the IoToys Verified Parent Login in their application to ensure verifiable parental consent is received before a child engages in the application where PII is collected. The plugin is much like a Facebook login but it is focused on helping app developers and toy companies meet COPPA regulations and it gives Parent's a single login to manage the permissions and monitor usage for their children's digital apps, games, and smart toys.
Have questions or want help developing your first app? Feel free to contact us.