Increasingly, children are accessing mobile applications via cell phones and tablets at younger ages. Recent Pew Internet studies find that 68% of children aged 12-13 own a cell phone and 71% access the Internet via a mobile device (phone, tablet, or other mobile device). Within this age group, 66% report downloading a mobile app. These apps can collect demographic, personally identifiable, behavioral and location data, though the types and combinations of data collected vary. In an effort to protect children’s privacy online, in 2000, the Children’s Online Privacy and Protection Act (COPPA) was enacted in the United States to provide mechanisms for parents to control the information collected from their children online. The legislation stipulates that websites actively collecting information from children under age 13 must seek written parental consent. While COPPA represents an effort to safeguard children’s digital privacy, many argue that it is difficult to implement, resulting in loopholes for children’s access and reduction in their information security. Central to this issue is COPPA’s requirement of written parental consent for their child’s participation. Many websites have enacted age-based bans to comply with COPPA, banning users under the age of 13 in their Terms of Service. Those that offer content to children and attempt to comply with COPPA guidelines, follow a model similar to that of Disney’s popular Club Penguin app. When creating an account, a user who is under 13 must provide an email address for their parent who is then sent an activation email. Yet the identity of an email user is difficult to confirm and as one mother demonstrated, aliases are easy to create. Further, age verification systems face technical and social challenges as young users attempt to subvert them for access.
Photo image credit: Claude Robillard