Robert Botkin, Sarah Hutchins, and Madelyn Candela wrote an article for Law.com and the Cybersecurity Law & Strategy newsletter about new state laws creating children's privacy obligations for general audience apps. 

"A growing set of state 'app store accountability' and age assurance laws shifts age verification upstream, from individual apps to the app store or device operating system (OS) layer," they wrote. "As a policy matter, that shift is meant to reduce the number of places where minors and parents repeatedly provide age and consent information. As a compliance matter, it changes how developers may acquire knowledge of a user’s age. That can create new, and in some architectures effectively unavoidable, Children’s Online Privacy Protection Act (COPPA) consequences even for general audience services that historically avoided collecting age directly."

"The practical change is that developers may receive an age range or supervision or parental status signal from the platform," they continued. "Once age becomes a platform-provided attribute, an app may 'know' (or be deemed to know) a user is under 13 years old even if the app never asked. While the Federal Trade Commission (FTC) has issued a policy statement indicating the agency will not bring an enforcement action related to age-verification technology under certain circumstances, it should not be treated as a safe harbor."

Subscribers can click here to read the full article.

Law.com is one of the world's leading media platforms focused on legal news. Cybersecurity Law & Strategy is one of its top three newsletters in terms of reach and traffic.