Business Blog
Where in the world? Warning letters address geolocation and COPPA coverage
Remember that public service announcement: “It’s 8:00. Do you know where your children are?” Technology has given parents tools for answering that question. But under the Children’s Online Privacy Protection Rule, online services touted as ways to keep kids connected need to comply with key parental notice and consent provisions of COPPA – especially when they’re collecting children’s geolocation. That’s the message of two warning letters just sent by FTC staff. But the letters send another important message about the reach of COPPA.
Gator Group Co., Ltd., is a company based in China that advertises a device and an app called the Kids GPS Gator Watch, marketed as a “child’s first cell phone.” Among other things, it gives a user the capability to track the child wearing the watch, enable remote voice monitoring, and set an alarm if he or she leaves a geo-fenced safe zone.
Stockholm, Sweden-based Tinitell, Inc., markets a mobile phone and app “designed for kids, with calling and smart location features.” Also worn like a watch, the product lets users locate the child, call the child, add contacts, etc.
Even if parents choose to use products designed to provide their kids’ geolocation, it’s important that they have a clear picture upfront of how companies will use that information. And it’s just as important for companies to get parents’ verifiable express consent in advance and to provide the other protections guaranteed by COPPA – for example, to maintain reasonable procedures to secure kids’ personal information.
But according to the letters from FTC staff, both Gator Group and Tinitell appeared to collect children’s precise geolocation, but may not have provided direct notice to parents of their information collection practices. What’s more, it doesn’t look like the companies comply with the COPPA requirement that they get verifiable parental consent before collecting, using or disclosing children’s personal information.
If your clients have websites or online services outside the U.S., take particular note of two sentences in the letters:
The COPPA Rule applies to foreign-based websites and online services that are involved in commerce in the United States. This would include, among others, foreign-based sites or services that are directed to children in the United States, or that knowingly collect personal information from children in the United States.
Also cc:ed on the letters are the Apple iTunes and the Google Play Store, which make the apps available to consumers in their stores.
The FTC has resources to help companies streamline their COPPA obligations. If you work with businesses covered by COPPA, is it time for a compliance check?
It is your choice whether to submit a comment. If you do, you must create a user name, or we will not post your comment. The Federal Trade Commission Act authorizes this information collection for purposes of managing online comments. Comments and user names are part of the Federal Trade Commission’s (FTC) public records system, and user names also are part of the FTC’s computer user records system. We may routinely use these records as described in the FTC’s Privacy Act system notices. For more information on how the FTC handles information that we collect, please read our privacy policy.
The purpose of this blog and its comments section is to inform readers about Federal Trade Commission activity, and share information to help them avoid, report, and recover from fraud, scams, and bad business practices. Your thoughts, ideas, and concerns are welcome, and we encourage comments. But keep in mind, this is a moderated blog. We review all comments before they are posted, and we won’t post comments that don’t comply with our commenting policy. We expect commenters to treat each other and the blog writers with respect.
We don't edit comments to remove objectionable content, so please ensure that your comment contains none of the above. The comments posted on this blog become part of the public domain. To protect your privacy and the privacy of other people, please do not include personal information. Opinions in comments that appear in this blog belong to the individuals who expressed them. They do not belong to or represent views of the Federal Trade Commission.