Where in the world? Warning letters address geolocation and COPPA coverage

Share This Page

Remember that public service announcement: “It’s 8:00. Do you know where your children are?” Technology has given parents tools for answering that question. But under the Children’s Online Privacy Protection Rule, online services touted as ways to keep kids connected need to comply with key parental notice and consent provisions of COPPA – especially when they’re collecting children’s geolocation. That’s the message of two warning letters just sent by FTC staff. But the letters send another important message about the reach of COPPA.

Gator Group Co., Ltd., is a company based in China that advertises a device and an app called the Kids GPS Gator Watch, marketed as a “child’s first cell phone.” Among other things, it gives a user the capability to track the child wearing the watch, enable remote voice monitoring, and set an alarm if he or she leaves a geo-fenced safe zone.

Stockholm, Sweden-based Tinitell, Inc., markets a mobile phone and app “designed for kids, with calling and smart location features.” Also worn like a watch, the product lets users locate the child, call the child, add contacts, etc.

Even if parents choose to use products designed to provide their kids’ geolocation, it’s important that they have a clear picture upfront of how companies will use that information. And it’s just as important for companies to get parents’ verifiable express consent in advance and to provide the other protections guaranteed by COPPA – for example, to maintain reasonable procedures to secure kids’ personal information.

But according to the letters from FTC staff, both Gator Group and Tinitell appeared to collect children’s precise geolocation, but may not have provided direct notice to parents of their information collection practices. What’s more, it doesn’t look like the companies comply with the COPPA requirement that they get verifiable parental consent before collecting, using or disclosing children’s personal information.

If your clients have websites or online services outside the U.S., take particular note of two sentences in the letters:

The COPPA Rule applies to foreign-based websites and online services that are involved in commerce in the United States. This would include, among others, foreign-based sites or services that are directed to children in the United States, or that knowingly collect personal information from children in the United States.

Also cc:ed on the letters are the Apple iTunes and the Google Play Store, which make the apps available to consumers in their stores.

The FTC has resources to help companies streamline their COPPA obligations. If you work with businesses covered by COPPA, is it time for a compliance check?

Comments

This type of tracking technology is a double edged sword, it can work for you or against you, just depends on the character of the program overseer and or hackers.

Add new comment

Comment Policy

Privacy Act Statement

It is your choice whether to submit a comment. If you do, you must create a user name, or we will not post your comment. The Federal Trade Commission Act authorizes this information collection for purposes of managing online comments. Comments and user names are part of the Federal Trade Commission’s (FTC) public records system (PDF), and user names also are part of the FTC’s computer user records system (PDF). We may routinely use these records as described in the FTC’s Privacy Act system notices. For more information on how the FTC handles information that we collect, please read our privacy policy.