Skip to main content

After Review, CARU Finds Snapchat Compliant with COPPA



In a recent decision, CARU found Snap Inc.’s (Snap) Snapchat app to be compliant with both the CARU Guidelines and the Children's Online Privacy Protection Act (COPPA). 
“The company goes beyond minimal procedures to prevent under-age use” CARU stated. CARU determined that Snapchat is an app directed to a general audience, not intended for use by children. In reaching this conclusion, CARU considered that Snap’s Terms of Service clearly prohibit users under 13 years of age and makes no effort to market the app to children or provide them with an appealing user experience. 
With that understanding, Snapchat is permitted under the Guidelines and Children’s Online Privacy Protection Act (“COPPA”) to age-gate and block children under 13 from using its services, which it does. CARU then examined whether Snapchat does so effectively.
CARU observed that Snapchat utilizes age-gates and many safeguards to ensure that if children manage to breach the existing age-gates, they will not be able to remain active on the app. Additionally, all app features that touch personal data are vetted collaboratively through the legal team, product engineers, and trust and safety representatives to assure that children don’t use the app and that the company stays compliant with COPPA’s guidelines.
“Age-gates are one piece of the larger compliance scheme. The cost of doing business in the kids space is implementing privacy-by-design and having a robust plan in place. This is not to say that age-gates should not be implemented. On the contrary, what we are saying is that we can do better and we should try to do better than the minimum bar. We don’t want to eliminate the use of age-gates, we want to see them used as part of a larger system to keep children safe on the internet,” says Dona Fraser, CARU’s vice president. 
CARU believes companies that go beyond the low bar of age-gating to incorporate privacy-by-design and systematic procedures of trust and safety should be given due consideration regarding their efforts toward COPPA compliance. Where companies have a comprehensive culture of privacy, good faith efforts may outweigh strict adherence to principles that may have outlived their utility in certain instances.
For more information about CARU’s decision please visit the press release about CARU's decision regarding Snapchat.

Popular posts from this blog

CARU Speaks at Community Board in Manhattan

CARU staff attorney Andra Dallas gave a presentation to Community Board 1, serving lower Manhattan on Monday, December 7 th .  Andra spoke to the Board’s Youth Committee about the importance of teaching children about understanding advertising and safe online practices.  District Manager Noah Pfefferblit remarked, “thank you for your informative presentation to our Youth Committee members,” and offered the Board’s assistance if they “can be helpful to the important efforts at the Children's Advertising Review Unit.” Are you interested in having a CARU staff member visit your community board? Contact adallas@caru.bbb.org.

i-Dressup Shuts Down in Wake of Privacy Breach and COPPA Violation

I-Dressup, a fashion-themed social website for teens, has completely shut down as part of a settlement with the New Jersey Department of Consumer Affairs, following a massive privacy breach and violations of the federal Children's Online Privacy Protection Act (COPPA) and New Jersey state law. In September 2016, a hacker sent 2.2 million i-Dressup account credentials to technology blog Arstechnica as well as to haveibeenpwned.com, a searchable online database of data breaches. Responding to the news, New Jersey investigators discovered that 2,519 of the compromised accounts belonged to New Jersey children below age 13. I-Dressup, allegedly aware that it had child users, had violated COPPA by failing to obtain verifiable parental consent prior to collecting and processing personal information from the children, including first and last names and email addresses. In a consent decree with the New Jersey Attorney General Gurbir Gerwal, parent company Unixiz has closed i-Dressup,

Kids Internet Design and Safety Act Seeks to Protect Children from Harmful Online Content

United States Senators, Mr. Richard Blumenthal from Connecticut and Mr. Edward Markey from Massachusetts, introduced a new bill referred to as the Kids Internet Design and Safety Act (the “KIDS Act”). One of the Senator’s introducing the KIDS Act, Mr. Edward Markey, was the co-author of the Children’s Online Privacy Protection Act (“COPPA”). The KIDS Act seeks to include noteworthy advertising rules and create new protections for children online, specifically for online users under the age of 16. The proposed advertising rules within the KIDS Act are to ban websites from: (1) exposing young online users to advertisements “with embedded interactive elements”; (2) recommending any content involving alcohol, nicotine, or tobacco to young online users; and (3) recommending content that includes influencer marketing, like unboxing videos, or host-selling to young online users. Additionally, the KIDS Act seeks to prohibit certain online features to protect children, like prohibiting