Written by Stu Eaton
In the FTC’s first enforcement action involving mobile applications, W3 Innovations, LLC agreed to pay $50,000 to settle charges that it violated the Children’s Online Privacy Protection Act (COPPA) and the FTC’s COPPA Rule by collecting and disclosing the personal information from thousands of children under the age of 13 without parental consent. The settlement, which was announced August 15, also bars W3 Innovations from future violations of the COPPA Rule and requires the company to delete all personal information collected in violation the rule.
The FTC’s COPPA Rule requires operators of websites or online services directed at children to provide notice and obtain “verifiable parental consent” before “any collection, use, and/or disclosure of personal information” from children under the age of 13. The Rule also requires that website operators post a privacy policy that is clear, understandable and complete. In announcing the settlement, Chairman Jon Leibowitz said that “[c]ompanies must give parents the opportunity to make smart choices when it comes to their children’s sharing of information on smart phones.”
W3 Innovations, doing business as Broken Thumbs Apps, develops and distributes mobile applications for the iPhone and iPod touch that allow users to play games and share information online. The FTC alleged that several of the applications, such as Emily’s Girl World, Emily’s Dress Up, Emily’s Dress Up and Shop, and Emily’s Runway High Fashion, were directed at children and listed in the “Games-Kids” section of Apple, Inc.’s App Store. The applications, which were downloaded more than 50,000 times, encouraged users to email “Emily” their comments and submit blogs to “Emily’s Blog” via email. According to the FTC, W3 Innovations (1) collected and maintained thousands of email addresses from children using the “Emily” applications, and (2) allowed children to publicly post information, including personal information, via its message boards.
The FTC alleged that W3 Innovations violated its COPPA Rule by failing to provide notice of its information-collection practices and failing to obtain parental consent before collecting and/or disclosing the personal information of children. This action is reminder to all mobile application providers that they are not immune to FTC scrutiny. With a growing number of children downloading mobile applications, the FTC is sure to take a closer look at whether application providers are complying with its COPPA Rule.