There always seems to be news developing around how companies deal with the Children’s Online Privacy Protection Act of 1998. The latest bit of drama comes to use from the app field where Apple, Amazon and potentially Google are wrestling with the FTC over the sale of apps to kids.
Apps and Kids
It goes without saying that apps are all the rage these days. They turn tablets and smartphones into so much more. Ah, but how does a business meet its compliance obligations when kids under 13 years old desire to purchase these software programs? In fact, how do you avoid the compliance burden of COPPA?
Large companies such as Apple and Amazon have developed a simple, but ingenious approach. These companies require parents to open accounts with their stores. Since the stores tend to have apps directed at adults in far larger numbers than those directed at kids, the companies can argue the sites are general audience in nature and COPPA compliance is not required. The companies then take one additional step to avoid COPPA issues by requiring parents to add any information regarding their kids to the account.
How does this approach eliminate concerns about COPPA? An online operator must only comply with COPPA if the platform in question is directed at children under 13 or it has actual knowledge of such kids participating on the site. In this case, the “directed at children” requirement is already dealt with, but what about “actual knowledge?” The FTC has indicated COPPA compliance is not required where the information about the child is provided directly by a parent. By requiring parents to open accounts and add information about their kids, Amazon, Apple and Google arguably avoid the need to comply with COPPA.
It can be argued, however, that it is the kids in these plans that are providing the key personal information. After all, companies can track these children online across multiple websites to gather information and build marketing profiles. This data is considered “personal information” under the new COPPA Rule issues in 2013. Doesn’t this suggest COPPA compliance is required? Technically the answer is yes, but the practical situation suggests the answer is no.
The purpose of COPPA is essentially to give parents more control over the information collected from their kids online. If the FTC filed suit over alleged COPPA violations in this instance, the Agency would face an uphill battle in proving its case. If the point of the law is to provide parents with information control, what greater control can there be than requiring the parents to establish the account and provide a payment method for purchases through it? This is far more than is required under COPPA if the child opens an account directly.
Litigation attorneys are famous for using time-tested tactics that are still useful arguing cases today. One tactic concerns the use of common sense by a jury. Counsel will address the jury and state, “You are going to be instructed regarding the law applicable to this case by the judge. At no point will his Honor ever tell you to ignore common sense when deciding this case.” The fact parents open these accounts and provide payment mechanisms is a common sense indication of control the FTC is going to have difficulty arguing around. In fact, the FTC appears to have abandoned all COPPA claims in pursuing Apple and Amazon.
The actual question in these disputes is how much notice should companies be required to give parents regarding purchases by kids through these accounts and, if the parent objects, how hard should it be to get a refund?
The FTC asserts companies should be required to get the explicit approval of parents before allowing purchases. Companies have responded differently to this assertion. To be blunt, Apple caved. It agreed to $32 million dollars in refunds and implemented new notification procedures. Amazon, in turn, has given the FTC the proverbial “your number one” finger and suggested the company is more than happy to pursue the matter in court.
Can Amazon win? I tend to think so. The problem the FTC faces is Amazon met the key compliance points the FTC required of Apple when that company settled its dispute with the Agency. As a matter of equity, how can the FTC require more of Amazon? You can bet this will be a point of emphasis for the defense in the case.
What does Google have to do with anything? Google runs its own app store, but the FTC has not looked into it…as of yet.
Apple aims to change this…by tattling on Google. Politico used a Freedom of Information Act request to get a copy of a very interesting email message sent by Apple. In it, the general counsel for Apple, Bruce Sewell, wrote to FTC Chairwoman Edith Ramirez and Democratic Commissioner Julie Brill alerting them to the fact the type of unauthorized purchases that got Apple into trouble were also a problem with the Google app store.
Put another way, Apple “told on” Google. No doubt the powers that be at Google were pleased to learn of this tactic. Whether they will respond by pulling the hair of a few Apple executives during recess is as yet unclear. The FTC has not taken the bait at this point, but one can imagine Google will be receiving a notice letter in the near future.
The FTC puts an emphasis on legal issues involving kids. While the current apps disputes are not necessarily COPPA matters, they do evidence the thinking process of the Agency. The FTC will undoubtedly pursue Amazon and Google moving forward, so make sure to keep an eye on how the dispute plays out. If you develop apps for kids, the ultimate result will impact your business model.
Richard A. Chapo, Esq.