The Federal Trade Commission (FTC) modified guidelines it issues to developers who make apps specifically for children. App developers have taken advantage of the soaring lucrative app market aimed at a younger audience that not only enjoys the fast-paced adrenaline rush of modern technology, but actually relies on technology for educational development, as more school districts have introduced the use of tablets in the classroom. The trouble is, however, with increasing and constant presence of adolescent online activity comes a greater degree of parental concern for their privacy.
The Children’s Online Privacy Protection Act (COPPA) was created primarily to protect children under the age of 13 from the collection of their personal data online for commercial use. The goal of COPPA is to keep parents in control of what their children under 13 are viewing and disclosing on the Internet. The FTC’s recent changes to a list of guidelines not only ensures that app developers and app stores notify parents of how their children are using apps, they also reaffirm these entities’ obligation to obtain verifiable parental consent before collecting personal information from children.
The FTC initially provided that charging a parental credit card was sufficient to satisfy parental consent, as the parent, at the very least, would see the charge on the monthly statement, and would have notice of the child’s activity on the website. In its revisions, the FTC now clarifies that a credit card need not be charged to obtain parental consent, so long as the collection of the credit card is supplemented with other effective safeguards, such as questions to which only parents would know the answer.
The FTC also revised its guidelines to establish that the developer of a child-related app may use a third party, such as an app store, to obtain parental consent on its behalf. In that instance, if the app store provides the required notice and consent verification prior to or at the time of the purchase of a mobile app for children under 13, the mobile app developer may rely on that consent.
Finally, the FTC suggested that it supports the creation of “multiple-operator” methods or common consent mechanisms – app stores that assist developers operating on their platform with providing a verifiable consent mechanism will not be held liable under COPPA so long as they do not “misrepresent the level of oversight [provided] for a child-directed app.”