informa
/
3 min read
article

Apple Tightens App Store Rules On Kids' Data

Faced with broader federal rules to protect children's privacy online, Apple requires developers to treat kids' data more carefully.
 6 Top iOS Photo Apps
6 Top iOS Photo Apps
(click image for larger view)
Following the addition of new rules to the Children's Online Privacy Protection Act (COPPA) in July, Apple has updated its App Store Review Guidelines to reflect the requirements.

Apple's revised guidelines provide stronger privacy protection for app users and limit the ways in which app developers can deal with user information.

The amended COPPA rules expand the definition of personal information with four new categories: geolocation information, photos or videos containing a child's image or audio files with a child's voice from a child, screen or user name and persistent identifiers. Developers of mobile apps or online services who have users under 13 should review the Federal Trade Commission's compliance guidelines carefully.

[ Is there really informed consent among Gmail users? Read Gmail Is Not A Privacy Problem. ]

Apple has added a new section to its review guidelines called Kids Apps, which lays out additional requirements for apps intended for children under the age of 13. Such apps must include a privacy policy, must be made specifically for kids in the age ranges of 5 and under, 6-8, or 9-11, and must obtain parental consent for any e-commerce, such as in-app purchasing.

In February, Apple settled a 2011 lawsuit alleging that it had allowed developers to make it too easy for children to spend large sums in games without authorization. As part of the settlement, Apple provided eligible plaintiffs in the class action suit with $5 iTunes gift cards.

The Kids Apps rules also state that apps intended for kids may not serve ads through behavioral targeting and that any contextual advertising be age-appropriate.

App Store rules related to privacy have also been amended to reflect changes to COPPA. Asking users for a date of birth may now be done only for the purpose of compliance, and any sharing of personal information -- which includes location data, photos, videos, drawings, persistent identifiers and chat capability -- must follow applicable children's privacy requirements.

The changes may prompt developers to reconsider the kinds of third-party advertising and analytics services they can include in their apps, particularly if these services rely on persistent identifiers or capture location data without adequate disclosure and consent.

In addition, Apple has added a rule banning apps that may lead to physical harm, possibly a formalization of the company's rationale for rejecting the phone tossing app CarrotPop, which Apple banned earlier this month for "encouraging behavior that could result in damage to the user's device," according to The Independent.

Rules were also added for apps associated with real-money gaming (i.e., gambling), requiring that such apps are free, function only in locations where real-money gaming is allowed and do not allow in-app purchasing.