Mobile app developers will likely bear the brunt of the impending crackdown by the U.S. Federal Trade Commission for illegally collecting data on children and violating the federal Children’s Online Privacy Protection Act, or COPPA.
That’s the assertion of Jules Polonetsky, executive director of the Future of Privacy Forum, a Washington, D.C.-based think tank focused on responsible data practices. Polonetsky studies the burgeoning mobile space and interacts regularly with FTC attorneys.
“If you’re tracking kids across sites, like data analytics and ad network companies, for example, you are collecting personal information on children — and you’re doing it without parental consent,” Polonetsky told VentureBeat.
As VentureBeat first reported, the FTC declared in March that it will begin moving aggressively against tech companies violating COPPA. So far the crackdown hasn’t materialized, but the rumor mill is awash with speculation on who will take the first hits — which are likely to result in large fines.
The purported crackdown comes after the FTC tweaked COPPA last year, giving online advertisers, gaming outfits, and others a grace period to adapt to the rapidly changing online mobile advertising space — or face the consequences.
Last year’s revision to COPPA broadened the act, extending the definition of children’s personal information to include “persistent identifiers such as cookies that track a child’s activity online, as well as geolocation information, photos, videos, and audio recordings.”
“The FTC laid out a double flag approach to help mobile ad networks be sure they’re following COPPA and not using kids’ data beyond what COPPA allows, Polonetsky said.
But many in the mobile advertising market aren’t getting the message.
As it stands now, mobile ad marketers, ad retargeters, and app developers caught selling information or otherwise violating COPPA statutes will be fined up to $16,000 per infraction. That translates into $16,000 for each app download or each login where COPPA is being violated.
FTC spokesman Jay Mayfield is saying very little.
“I can neither confirm nor deny” any possible investigations, he said.
While big players like Facebook and Twitter have worked to make sure they’re in compliance with COPPA, many mobile app developers and ad companies are clueless when it comes to knowing whether they violate the law or not.
That’s because they often have no idea that children are downloading their apps meant for kids 13 and older and adults.
“There’s a wide swath of app developers that haven’t figured out what they need to do to comply with COPPA. Many who believe they’re not collecting names and emails of children believe they’re exempt from COPPA,” and that’s just not true, Polonetsky said.
What we’re seeing here is the FTC playing catch-up to the chaotic and extremely complicated mobile space, which includes approximately 500 marketing firms, mobile ad networks, virtual gaming outfits, and mobile analytic players all vying for their part of a space that did $17.9 billion in business last year.
Analysts told VentureBeat the market will climb to $34 billion by the end of 2014.
The FTC has made it clear it has little patience on the issue of behavioral ads (known as BAs) that are targeted at children and compiled by advertisers using data culled from kids’ online behavior.
“The FTC is worried about them. Mobile is a specific priority, and kids are a specific priority. I’m hearing this frequently at public and private events,” Polonetsky said.
According to the COPPA revision:
COPPA mandates that website operators or online providers directed at kids 13 and under obtain verifiable consent from the parents or guardians before disseminating the information. The law says that without the verification, companies are on the hook for any information obtained from children [to] be distributed or sold for marketing or other purposes. The law was formed in the early days of the Internet, and much has changed since then.
As it stands now, many players in the mobile space don’t even know they have a target on their back. And it’s not just in the U.S. A ranking French politician declared this week he would personally download every app just to see if it violated French Internet law and go after scofflaws.
The feds have already sent warning letters to a multitude of mobile app developers as a precursor to levying serious fines, Polonetsky said.
“The smaller mobile players have their heads in the sand, and mobile app developers are the most vulnerable. What [the FTC] have told us is that mobile apps and kids are a major focus,” he added.