How changes in US Internet law can make life difficult for Russian game developers and game platform operators
Habravchane, hello. The other day, by the nature of my professional activity, I was faced with a problem that is practically not covered in runet. We are talking about changes in the American Children's Online Privacy Protection Act (COPPA), which also affect foreign operators of web sites, especially gaming, if they are visited by users from the United States.
COPPA is not a new thing. This federal law came into force in 2000 and applies to the collection of personal information from children under 13 years of age. According to its main provisions, the operators of web sites and Internet services are not allowed to request and store the personal data of children without the formal consent of their parents or guardians. Despite the fact that the law provides for several ways to seek consent, most sites (for example, Facebook, Twitter and Google+) prefer to simply block access to users under the age of 13.
In July 2013, the law was tightened. What happened? The definition of the term “personal information” has been expanded. Now this includes:
')
• FULL NAME;
• Contact information, including residential address, phone number, E-Mail, ICQ or Skype number, and so on.
• username, virtual name
• Social Security number
• Photo and video of the child, recording his voice
• AHTUNG : cookie number, IP address, processor number, or serial number of the device that accesses the network
• Geolocation Information
The COPPA action extends not only to local companies, but also to operators of foreign sites, if they do business with the United States and attract American users. For example, mobile applications, gaming platforms, plug-ins, ad networks are hit.
At the same time, the Federal Trade Commission (FTC), which is responsible for overseeing the implementation of the law, makes a distinction between websites aimed at children and sites with a “wide audience”. The latter should follow COPPA only when they know that a certain percentage of their visitors have not turned 13 years old.
The irony is that the target audience of the site or mobile application for FTC does not matter. It is only important who actually visits this site, and what data about visitors to the site are recorded.
Since, as lucidly explained on the Commission’s website, Internet products and services designed for adolescents and young people are likely to be of interest to children, they also fall under COPPA. This is especially true for developers and operators of online and mobile games . Even when it comes to the medieval strategy created for the uncles over 25, there remains a certain amount of risk that the pre-schoolers will want to try it out. If the provisions of the law in such a game are not met, the FTC of this theoretically may be enough to file a claim.
Unpleasant examples already exist. In 2011, Playdom, by the way, was fined $ 3 million, although children under the age of 13 made up only 2% of its audience.
From the point of view of the FTC, the most elegant way to solve the problem is the introduction of the so-called age gating mechanism . It is understood that when registering on the site, users will need to enter information about the day, month and year of birth. Thus, children can be immediately filtered.
It is important to note that the registration page should not contain any instructions to close access for users under 13 years of age. Thus, the FTC expects to prevent the entry of deliberately false information.
The good news is, at least, that sites are not responsible for "giving false testimony" by users.
As already mentioned, age gating and user filtering have long been used by American social networks. Blizzard, Zynga, Playdom and EA also follow suit.
On June 13, EA asks you to specify the age of users when registering for mobile games. Battleship Free, Boggle, Monopoly, Pogo, Scrabble, Supreme Heroes, Surviving High School, Tetris, The Simpsons Springfield, Theme Park and some other apps have become unavailable for children.
While it is difficult to say how high the probability that the FTC will begin to pursue foreign sites for the fact that they collect information about American children. Most likely, the Commission simply will not notice the small bipods.
Another thing is if the imported mobile application is in the top of the local Apple App Store, the Google Play Store and the like, or the game portal suddenly begins to be actively advertised in the States. There is already a risk of catching your eyes.
What could be a violation of the law? For the time being, the “bad” sites got off with fines (16 thousand dollars for each child, by the way !!!). If you do not pay and do not fix it, I can block the URL. But the most unpleasant thing is the potential arrest of US assets. By them is meant not so much a dacha in California, as, for example, the freezing of iOS and Google Developer Accounts. For mobile game developers, this would not be funny at all.
Changes in COPPA and the consequences that follow are a new and unknown topic, as already noted. Foreign (European certainly) developers still wander in the dark and try to determine their position.
If someone from habravchan already have specific experience in this matter, I beg you to share them.
All the information in this post can be found on the FTC or COPPA website. I especially recommend to get acquainted with the FAQ and recommendations for operators of sites .
Enjoy reading!
What is COPPA
COPPA is not a new thing. This federal law came into force in 2000 and applies to the collection of personal information from children under 13 years of age. According to its main provisions, the operators of web sites and Internet services are not allowed to request and store the personal data of children without the formal consent of their parents or guardians. Despite the fact that the law provides for several ways to seek consent, most sites (for example, Facebook, Twitter and Google+) prefer to simply block access to users under the age of 13.
In July 2013, the law was tightened. What happened? The definition of the term “personal information” has been expanded. Now this includes:
')
• FULL NAME;
• Contact information, including residential address, phone number, E-Mail, ICQ or Skype number, and so on.
• username, virtual name
• Social Security number
• Photo and video of the child, recording his voice
• AHTUNG : cookie number, IP address, processor number, or serial number of the device that accesses the network
• Geolocation Information
Should I care?
The COPPA action extends not only to local companies, but also to operators of foreign sites, if they do business with the United States and attract American users. For example, mobile applications, gaming platforms, plug-ins, ad networks are hit.
At the same time, the Federal Trade Commission (FTC), which is responsible for overseeing the implementation of the law, makes a distinction between websites aimed at children and sites with a “wide audience”. The latter should follow COPPA only when they know that a certain percentage of their visitors have not turned 13 years old.
The irony is that the target audience of the site or mobile application for FTC does not matter. It is only important who actually visits this site, and what data about visitors to the site are recorded.
Since, as lucidly explained on the Commission’s website, Internet products and services designed for adolescents and young people are likely to be of interest to children, they also fall under COPPA. This is especially true for developers and operators of online and mobile games . Even when it comes to the medieval strategy created for the uncles over 25, there remains a certain amount of risk that the pre-schoolers will want to try it out. If the provisions of the law in such a game are not met, the FTC of this theoretically may be enough to file a claim.
Unpleasant examples already exist. In 2011, Playdom, by the way, was fined $ 3 million, although children under the age of 13 made up only 2% of its audience.
What should I do?
From the point of view of the FTC, the most elegant way to solve the problem is the introduction of the so-called age gating mechanism . It is understood that when registering on the site, users will need to enter information about the day, month and year of birth. Thus, children can be immediately filtered.
It is important to note that the registration page should not contain any instructions to close access for users under 13 years of age. Thus, the FTC expects to prevent the entry of deliberately false information.
The good news is, at least, that sites are not responsible for "giving false testimony" by users.
As already mentioned, age gating and user filtering have long been used by American social networks. Blizzard, Zynga, Playdom and EA also follow suit.
On June 13, EA asks you to specify the age of users when registering for mobile games. Battleship Free, Boggle, Monopoly, Pogo, Scrabble, Supreme Heroes, Surviving High School, Tetris, The Simpsons Springfield, Theme Park and some other apps have become unavailable for children.
Does it hurt?
While it is difficult to say how high the probability that the FTC will begin to pursue foreign sites for the fact that they collect information about American children. Most likely, the Commission simply will not notice the small bipods.
Another thing is if the imported mobile application is in the top of the local Apple App Store, the Google Play Store and the like, or the game portal suddenly begins to be actively advertised in the States. There is already a risk of catching your eyes.
What could be a violation of the law? For the time being, the “bad” sites got off with fines (16 thousand dollars for each child, by the way !!!). If you do not pay and do not fix it, I can block the URL. But the most unpleasant thing is the potential arrest of US assets. By them is meant not so much a dacha in California, as, for example, the freezing of iOS and Google Developer Accounts. For mobile game developers, this would not be funny at all.
Epilogue
Changes in COPPA and the consequences that follow are a new and unknown topic, as already noted. Foreign (European certainly) developers still wander in the dark and try to determine their position.
If someone from habravchan already have specific experience in this matter, I beg you to share them.
All the information in this post can be found on the FTC or COPPA website. I especially recommend to get acquainted with the FAQ and recommendations for operators of sites .
Enjoy reading!
Source: https://habr.com/ru/post/194778/
All Articles