On Wednesday the FTC held a press conference to announce changes to the Children’s Online Privacy Protection Act, bringing it up to date with today’s mobile and social technologies. The original rule was created to obtain permission from parents before data about kids was collected from websites directed to children. The updates include more specific definitions on the types of services, data, and contexts where all of this is happening.
A summary of the changes are outlined on the Bureau of Consumer Protection. Most notable to me is the specified accountability of the app developer. The “operator that designs and controls the child-directed content” is the one on the hook, not the app store. This detail alone prompts me to abandon my dream of seeing a dedicated “kids app store” from Apple or Google, since that type of designation might increase their accountability in this area.
Also, any non-native services in the app (services not built by the developer but integrated from a 3rd party like an ad network or a social network), need to comply if they know kids are using the service. Developers of apps for kids may feel pressured to keep their apps simple and void of integrated services, if there is any doubt the service will trigger COPPA.
Upon processing all of this, I still feel optimistic about the marketplace and its potential opportunities. Kids’ App Developers aren’t wading in quicksand anymore. The law has been finalized, and this knowledge can be used as a catalyst to build COPPA-compliant tools. How about a data analytics company that uses and stores information according to FTC guidelines? Or how about a mobile version of parental consent, so everybody wins when a parent “opts in” to a cool new service to help understand their child’s learning patterns?
I believe there is so much waiting to be invented in the area of “child-privacy by design”. I hope that the serious developers, the ones it it for the long haul, are not deterred.
As a developer, I think that we need to take responsibility for any 3rd-party services that we integrate into our apps. This means doing our due diligence, researching the service, and asking hard questions… and not using the service if the 3rd-party is unwilling to provide transparency.
Hopefully, this will open up opportunities for agile start ups willing to provide 3rd-party services that comply with COPPA.
Hi @David, that is what I’m hoping, and trying to encourage.