June 30, 2022

Volume XII, Number 181

Advertisement
Advertisement

June 30, 2022

Subscribe to Latest Legal News and Analysis

June 29, 2022

Subscribe to Latest Legal News and Analysis

June 28, 2022

Subscribe to Latest Legal News and Analysis

Smart Watch Maker Settles with CARU Over Privacy Policy and Parental Consent

The Children’s Advertising Review Unit recently settled with TickTalk Tech, LLC over its information collection practices. CARU, a self-regulatory body that reaches voluntary settlements with companies, conducts regular audits of privacy practices by companies in the child space. During one such audit, it identified concerns over TickTalk Tech’s kids smart watch, TickTalk4.

In particular, CARU was concerned that the product privacy policy was not prominent and did not explain in an easy-to-understand way how children’s information would be used. While parents were told in on-screen advertising that the watch had geo-location tracking services, the privacy did not clearly explain, for example, what information would be passively gathered from children. CARU’s noted that while the company worked to obtain consent during the product registration process, the consent was meaningless because parents couldn’t tell from the privacy policy what its practices were. The lack of valid consent and the unclear disclosures constituted, according to CARU, a violation of both its guidelines and COPPA. To resolve the matter, the company has agreed to:

  • ensure that its privacy policy clearly discloses its data collection practices regarding children;

  • ensure that the privacy policy is conspicuous and not hidden or difficult for parents to find;

  • explain its data retention and deletion policies are regarding children’s data;

  • explain how parents can limit use of their children’s data; and

  • obtain verifiable consent from parents before collecting children’s information.

Putting it into PracticeThis settlement is a reminder that companies should take care to describe their information collection practices clearly and accurately in their privacy policies. This is particularly true for products directed towards children. This settlement is also a reminder that CARU is actively looking at connected devices for compliance with its guidelines and COPPA. Both require, among other things, obtaining (informed) parental consent before collecting information online from children.

Copyright © 2022, Sheppard Mullin Richter & Hampton LLP.National Law Review, Volume XII, Number 105
Advertisement
Advertisement
Advertisement
Advertisement
Advertisement
Advertisement

About this Author

Snehal Desai, attorney, Sheppard Mullin
Attorney

Snehal Desai is an associate in the Intellectual Property Practice Group in the firm's San Francisco office. She is a member of the Privacy and Cybersecurity Team, the Advertising Team and the Technology Transactions Team.

Areas of Practice

Advertising: Snehal advises clients in conducting advertising campaigns, contests and sweepstakes, and brand marketing campaigns. 

Technology and Commercial Transactions: Snehal drafts and negotiates...

415-774-2960
Liisa Thomas, Sheppard Mullin Law Firm, Chicago, Cybersecurity Law Attorney
Partner

Liisa Thomas, a partner based in the firm’s Chicago and London offices, is Co-Chair of the Privacy and Cybersecurity Practice. Her clients rely on her ability to create clarity in a sea of confusing legal requirements and describe her as “extremely responsive, while providing thoughtful legal analysis combined with real world practical advice.” Liisa is the author of the definitive treatise on data breach, Thomas on Data Breach: A Practical Guide to Handling Worldwide Data Breach Notification, which has been described as “a no-nonsense roadmap for in-house and...

312-499-6335
Advertisement
Advertisement
Advertisement