New Jersey Attorney General Jeffrey S. Chiesa and the state Division of Consumer Affairs have filed suit in federal court in Newark to stop an educational mobile app developer from collecting personal information from children, then passing on the information to marketers without telling parents.
The lawsuit — the first lawsuit filed by the state under the federal Children’s Online Privacy Protection Act (COPPA) — names 24x7digital, LLC, the Los Angeles-based developer and operator of the “TeachMe” series of 99-cent apps for the iPhone, iPad and iPod Touch.
Read more on Cliffview Pilot. The AG issued a press release on the case:
Attorney General Jeffrey S. Chiesa and the New Jersey Division of Consumer Affairs have filed suit in federal court against a mobile app developer whose educational games allegedly collect personal information from children, then transmit the information to a third-party company without notifying parents or obtaining their consent.
The lawsuit is the first filed as a result of the Division’s ongoing initiative against Internet privacy violations and acts of cyber-fraud. It is also the first lawsuit filed by the Division pursuant to the federal Children’s Online Privacy Protection Act (COPPA).
“Mobile devices can capture and transmit a wealth of personal information about users, including their identities and even their geographic location. When we find that companies are using this ability to transmit information about children without their parents’ knowledge or consent, we will take immediate action,” Attorney General Chiesa said. “Due to the broad capabilities of these devices and the potential for abuse, we are proactively investigating mobile apps to ensure their compliance with privacy and consumer protection laws.”
The State filed suit on June 6, 2012 in U.S. District Court, District of New Jersey, against Los Angeles-based 24x7digital, LLC, the developer and operator of the “TeachMe” series of apps for the iPhone, iPad and iPod Touch. The series includes “TeachMe: Toddler,” “TeachMe: Kindergarten,” “TeachMe: 1st Grade,” and “TeachMe: 2nd Grade,” educational games targeted to children of those age groups.
“We appreciate the educational component of these apps, but under no circumstances is it acceptable to transmit identifying information about toddlers or first and second graders without the informed consent of their parents,” Eric T. Kanefsky, Acting Director of the New Jersey Division of Consumer Affairs, said.
24x7digital promotes the “TeachMe” apps as having a “simple and intuitive” interface that “allows children to play without help from an adult,” according to the State’s complaint. The “TeachMe” apps are among the top-selling applications in the education category of Apple’s App Store. As of June 5, 2012, “TeachMe: Kindergarten” is currently the 12th most popular education app; “TeachMe” 1st Grade” is number 21, “TeachMe: 2nd Grade” is number 25, and “TeachMe: Toddler” is number 32, according to Apple’s App Store website. Apple reported in July 2011 that more than 15 billion apps have been downloaded by more than 200 million iPhone, iPad and iPod Touch users worldwide. A significant portion are apps geared toward children.
Children who use the “TeachMe” apps are encouraged by 24×7 to provide their first and last names, and a picture of themselves, when creating player profiles. Division of Consumer Affairs investigators found that the apps allegedly transmitted personal information – including the first and last names provided by users, as well as the unique device identification number (UDID) that identifies the specific mobile device a player is using – to a third-party data analytics company.
The State alleges that, by collecting personal information from children and transmitting it to a third party, without providing notification of this policy on its website and without obtaining consent from the young players’ parents, 24×7 is in violation of COPPA.
Attorney General Chiesa noted that the Division of Consumer Affairs is continuing its investigation into other mobile applications and their possible unlawful sharing of users’ private information.