Blog maker

CARU orders smartwatch maker to fix breaches of children’s privacy rules

On March 8, the Children’s Advertising Review Unit (CARU) announcement that a smartwatch operator has agreed to take action to correct alleged violations of the Children’s Online Privacy Protection Act (COPPA) and CARU’s Self-Regulatory Privacy Guidelines children’s privacy online. According to the press release, CARU is the first FTC-approved COPPA Safe Harbor program and is responsible for monitoring online services’ compliance with COPPA and CARU privacy guidelines to ensure that the collection of children’s data is handled responsibly. CARU reviewed the company’s data handling and sharing practices and found that the company, among other things, “failed to provide a clear, comprehensive, and unconfusing view of data collection practices. information about its children in its Privacy Policy and has not provided a notice that would constitute direct notice to parents as required by COPPA, nor has the company offered any method for parents to provide verifiable consent to its data collection practices prior to its collection of information from children, CARU said, adding that the company’s privacy policy, terms of service and other online disclosures also include ” inconsistent information”. , confusing and/or contradictory statements regarding its collection, use or disclosure of children’s personal information.”

CARU noted that the company had submitted a “detailed plan” outlining steps to remedy the issues and agreed to correct the breaches to comply with CARU’s privacy guidelines and COPPA. The company will also update its privacy policy to include information on how parents can opt out of the use of their child’s data or have it deleted and obtain verifiable parental consent before completing the registration process. CARU also recommended the company revise its website and app to provide parents “direct notice of the personal information the Operator may collect from children through their use of the service, both passively and actively.” , and how that personal information may be used and disclosed, as well as a clear and prominent link to its privacy policy.