The NJ attorney general recently announced that it settled with a Chinese entity over violations of COPPA. The company promotes itself as a “virtual beauty counter,” and makes a variety of apps that let consumers virtually try on makeup. These apps include facial recognition technology, as well as photo-editing tools that allow users to customize and touch up their photos (the apps include Beauty Plus, AirBrush, and Meitu). The apps, according to the AG, allowed children under 13 to submit personal information without first getting parental consent, in violation of the Children’s Online Privacy Protection Act.
The company has agreed to pay a $100,000 civil penalty as well as to block children under 13 from submitting information to the apps. The company further specifically agreed to provide notice of what information it collects from children, how it uses the information, and whether it discloses children’s information. The company also agreed to get parental consent as required under COPPA, and to give parents a way to reasonably review their children’s information.
The New Jersey settlement comes at almost the same time that the FTC warned two foreign companies (Chinese-based Gator Group Co., Ltd., and the Swedish company Tinitell, Inc.) that they needed to comply with COPPA when collecting children’s geo-locations. Both companies provide location services for watch-type devices. The companies allow users to track the child who is wearing the device. The FTC’s concern for both was that they appeared to collect precise location without notifying parents of this practice. The FTC was also concerned that the companies were not getting parental consent as required under COPPA.
Putting It Into Practice: These cases are a reminder that both the FTC and state AGs are looking at whether companies are complying with COPPA when creating devices or apps that are appealing to or intended for children.