The Federal Trade Commission is trying to stick its finger in the dike to keep the North Sea of privacy concerns back.  The FTC recently issued a staff report “Mobile Apps for Kids: Current Privacy Disclosures are Disappointing” (.pdf) demonstrating that, besides having a sense of humor, the FTC thinks mobile app developers are skirting the edges of the Children’s Online Privacy Protection Act (COPPA).  Perhaps some of you remember the days of signing onto the AOL homepage, using dial-up of course, hearing “You’ve Got Mail!” and being directed to “children’s only” websites. Of course, what I personally didn’t realize when I was 11 was that all I had to do was type in URLs to the address bar and I could escape the kid-friendly confines.  Congress did, and in 1998, they passed COPPA as a way to protect children under 13 and their personal information from data-mining.  Websites must ask for parental permission before collecting data on children under 13.  This law is the reason we’re constantly asked if we are over 13.  Most websites find it easier to simply deny access to children covered by COPPA.  iTunes, for example, will not create an account for anyone under 13, since it must gather their personal information for billing purposes.  That does not mean that children under 13 are not using the apps iTunes sells.  And the FTC’s report seems to think that Apple and Google could be more careful when dealing with COPPA’s requirements.

There’s no question that children under 13 are using our mobile apps.  We’ve all seen videos of babies trying to use magazines like iPads.  (If you haven’t, here’s a compilation.)  Apps are being advertised for children, even young children.  An app that reads “There’s a Monster at the End of This Book!” isn’t targeted to single young professionals.  (Although . . . .)  Generally, apps are able to gather personal information, such as your physical location and your address book.  While many app users recognize this data mining as, at best, a necessary evil, if it occurs in apps marketed for children under 13 without parental consent, it might violate COPPA.

Briefly, the  FTC’s report looked at both Android and iPhone apps.  The stores have different approaches to “sensitive capabilities,” like location-tracking or data-mining.  Android requires “permission” before an app can activate its sensitive capabilities.  76% of the 182 Android apps marketed for children required “permission”- 60% asking for full Internet Access.  Apple screens their apps beforehand, making sure that their apps do not target minors for data collection. However, this process happens before the apps are placed on the market, so the FTC staff was unable to evaluate the process.  The Staff report concluded that there was insufficient information available to parents about the potential for data-mining.

Sunlight is the best disinfectant, as the Justice Brandeis quote goes, so it isn’t surprising that the FTC concluded that more information is necessary.  But is another series of “I agree” prompts really going to solve what most parents are worried about with kids and apps: the bill?  Horror stories abound of the child who racks up an enormous bill streaming data or buying in app upgrades.  Parents need to keep a closer eye on their children, sure.  And there are other fixes, like changing the settings to require a password before purchases are authorized and not allowing children to have their own iTunes account.  But, even if everyone did use the strictest controls on their phones, it is not difficult for a child to nevertheless get around the controls.  As my peers and I learned at 12, you only need to say “Yes, I am over 13” and subtract a year or two from your birth date to get past the average Internet age restriction.  Is there any real way to ensure that children’s information is safe (and that they aren’t slowly draining their parents’ bank account) while maintaining the ease of access this blogger values in mobile apps?

— Caitlin Angelette

Image Source

Tagged with:

2 Responses to Ask Your Parents’ Permission Before Using iPhones

  1. Caitlin Angelette says:


    You may be right that the policy rationale from 1998 is less than persuasive today, but I think that the solution to the problem you highlight isn’t in legislation. It’s a problem that app makers need to address, since it’s a balance between ease of use of apps for those of us who can pay and preventing rampant in-app purchasing by children.

  2. Kevin Lumpkin says:

    I wonder if the policy rationale behind COPPA isn’t outdated in today’s age of apps. Let’s break down two scenarios. In one, Angry Birds is collecting a datamining 10-year-old for purposes of displaying more targeted ads. In the other, Angry Birds has shiny little buttons in the middle of the game that one can press to buy extra birds for a level.

    If I were the parent of an app-obsessed child, I would be a lot more worried about the latter scenario. I think most parents probably would. But that’s not where the dialogue largely is around privacy protections for children on the Internet, and that’s not where the law is.