Signaling its growing concern about children’s privacy, the Federal Trade Commission on Wednesday updated the Child Online Privacy Protection Act to cover web and mobile apps. The commission instituted new rules that state app makers have to get parental consent when it comes to sharing the personal information, like photos and location. But the commission also ruled that it is not holding app store owners responsible.
From the FTC’s update of the rules:
The definition of an operator has been updated to make clear that the Rule covers a child-directed site or service that integrates outside services, such as plug-ins or advertising networks, that collect personal information from its visitors. This definition does not extend liability to platforms, such as Google Play or the App Store, when such platforms merely offer the public access to child-directed apps.
The Wall Street Journal reports that Apple(s AAPL) and Google(s GOOG) lobbied heavily to get that exemption written into the rules, and that the iOS App Store owner “made that point in five meetings with FTC officials in the fall.”
The FTC first proposed updates to the act this summer. Then last week, it released a report in which it looked at 400 apps across both Apple and Google’s mobile ecosystems. Among other things, it found that 59 percent of apps made for kids transmitted information to third parties, 58 percent contained advertising without any notice, while 80 percent didn’t even have privacy policies posted.
The new rules announced Wednesday are intended to strengthen kids’ privacy and give parents more control over the services their kids or using. Among other tweaks to the rules, the FTC also announced that “persistent identifiers” like Apple’s UDID or IFA, along with location and photos, videos or audio files that contain a kid’s picture or voice are now classified as personal information.