In the FTC’s first case involving mobile apps, the FTC announced on August 15 that a mobile app developer has agreed to pay $50,000 to settle FTC charges that it violated the Children’s Online Privacy Protection Act (COPPA) and the FTC’s COPPA Rule (16 C.F.R. § 312). The settlement also requires the defendants to refrain from future violations of the COPPA Rule and to delete all personal information collected in violation of the Rule.
The developer, W3 Innovations, LLC, doing business as Broken Thumbs Apps, as well as the company’s president and owner, Justin Maples, develop and market mobile apps for the iPhone and iPod Touch that allow users to play games and share information. Several of the apps were targeted to children and were listed in the “Games-Kids” section of Apple’s App Store.
The FTC charged that Broken Thumbs and Maples used a number of the apps to collect and disclose the personal information of tens of thousands of children under 13 without first obtaining verifiable consent from their parents. For example, the apps encouraged children to email comments and blog postings to “Emily”, a character featured in the apps. These included “shout-outs” to friends and requests for advice. As a result of these submissions, the defendants collected and stored thousands of email addresses from users of the apps. The apps also permitted children to publicly post information, including personal information, to online discussion groups. The FTC asserted that both practices violated its COPPA Rule, which requires the operators of websites to notify parents and obtain their consent before the collection, use or disclosure of children’s personal information. According to the FTC, the apps also violated the COPPA Rule by failing to post clear, understandable and complete notice of their information collection practices.
This settlement highlights the FTC’s increasing interest in and scrutiny of the data collection and use practices of mobile applications. The COPPA Rule as currently drafted applies to children’s personal information collected online, but the FTC is reviewing the COPPA Rule to determine, among other things, if it should also apply to mobile technologies. In the interim, it is clear from the Broken Thumbs settlement that the FTC is keeping an eye on the burgeoning use of mobile apps and is willing to use the COPPA Rule to enforce their compliance with COPPA.