TinyCo Violated COPPA with Its Kids’ Mobile Apps

TinyCo, Inc. got into big trouble with the Federal Trade Commission for collecting email addresses from children under 13 who used the company’s kid’s mobile apps.

tinyThe company, which offers mobile apps for free download from Apple’s App Store, Google Play, and the Amazon Appstore, agreed to delete the improperly collected data and pay a $300,000 civil penalty.  The emails were collected from August 2011 to October 2013.

The apps were directed at children and included Tiny Pets, Tiny Zoo, Tiny Village, Tiny Monsters, and Mermaid Resort.  “TinyCo’s kids’ apps appeal to children by containing brightly-colored, animated characters from little animals or zoo creatures to tiny monsters, and by involving subject matters such as a zoo, tree house, or resort inspired by a fairy tale,” the FTC TinyCo Complaint said.

Within the apps, TinyCo “invites users to provide their email address,” the FTC noted.  In one app, if the child provided his email address, he received free in-app currency.  When the company received complaints from parents, “TinyCo did not take steps to determine whether it had collected personal information from these children, or if it had, to delete such information, provide the required notices, or obtain the required parental consent.”

Under the Children’s Online Privacy Protection Act (COPPA), it is illegal for a commercial website directed at children to collect, use, or disclose personal information from children under 13 without having obtained parental consent and providing complete notice of its collection practices.

TinyCo agreed to a permanent injunction, will delete the information it collected from children under 13, and will pay the civil penalty.

United States of America v. TinyCo, Inc., N.D. Calif. No. 14 cv 4164, entered September 17, 2014.