Remember that public service announcement: “It’s 8:00. Do you know where your children are?” Technology has given parents tools for answering that question. But under the Children’s Online Privacy Protection Rule, online services touted as ways to keep kids connected need to comply with key parental notice and consent provisions of COPPA – especially when they’re collecting children’s geolocation. That’s the message of two warning letters just sent by FTC staff. But the letters send another important message about the reach of COPPA.
Gator Group Co., Ltd., is a company based in China that advertises a device and an app called the Kids GPS Gator Watch, marketed as a “child’s first cell phone.” Among other things, it gives a user the capability to track the child wearing the watch, enable remote voice monitoring, and set an alarm if he or she leaves a geo-fenced safe zone.
Stockholm, Sweden-based Tinitell, Inc., markets a mobile phone and app “designed for kids, with calling and smart location features.” Also worn like a watch, the product lets users locate the child, call the child, add contacts, etc.
Even if parents choose to use products designed to provide their kids’ geolocation, it’s important that they have a clear picture upfront of how companies will use that information. And it’s just as important for companies to get parents’ verifiable express consent in advance and to provide the other protections guaranteed by COPPA – for example, to maintain reasonable procedures to secure kids’ personal information.
But according to the letters from FTC staff, both Gator Group and Tinitell appeared to collect children’s precise geolocation, but may not have provided direct notice to parents of their information collection practices. What’s more, it doesn’t look like the companies comply with the COPPA requirement that they get verifiable parental consent before collecting, using or disclosing children’s personal information.
If your clients have websites or online services outside the U.S., take particular note of two sentences in the letters:
The COPPA Rule applies to foreign-based websites and online services that are involved in commerce in the United States. This would include, among others, foreign-based sites or services that are directed to children in the United States, or that knowingly collect personal information from children in the United States.
Also cc:ed on the letters are the Apple iTunes and the Google Play Store, which make the apps available to consumers in their stores.
The FTC has resources to help companies streamline their COPPA obligations. If you work with businesses covered by COPPA, is it time for a compliance check?
2 Comments
Read Our Privacy Act Statement
It is your choice whether to submit a comment. If you do, you must create a user name, or we will not post your comment. The Federal Trade Commission Act authorizes this information collection for purposes of managing online comments. Comments and user names are part of the Federal Trade Commission’s (FTC) public records system, and user names also are part of the FTC’s computer user records system. We may routinely use these records as described in the FTC’s Privacy Act system notices. For more information on how the FTC handles information that we collect, please read our privacy policy.
Comment Policy
This is a moderated blog; we review all comments before they are posted. We expect participants to treat each other and the bloggers with respect. We will not post comments that do not comply with our commenting policy. We may edit comments to remove links to commercial websites or personal information before posting them.
We won’t post:
Comments submitted to this blog become part of the public domain. To protect your privacy and the privacy of others, please do not include personal information. Also, do not use this blog to report fraud; instead, file a complaint.