California Regulators Settle With Kids Gaming App

Timothy Bado, Christopher Carlson, Blake Christopher, Samuel Fishel, Clayton Friedman, Natalia Jacobo, Judith Jagdmann, Namrata Kang, Michael Lafleur, Susan Nikdel, Stephen Piepgrass, John Sample, Whitney Shephard, Trey Smith, Ashley Taylor Jr., Daniel Waltz, Michael Yaghi
Troutman Pepper
Contact
LinkedIn
Facebook
X
Send
Embed

Troutman Pepper

[co-author: Stephanie Kozol]*

California Attorney General (AG) Rob Bonta and Los Angeles City Attorney Hyde Feldstein Soto recently settled a lawsuit with Tilting Point Media, LLC (Tilting Point) related to a SpongeBob Square Pants-themed app. In the complaint, Tilting Point is accused of collecting, using, and sharing the personal information of children in violation of the Children’s Online Privacy Protection Act (COPPA).

In addition to the alleged COPPA violations, the company’s privacy policies were also at issue with respect transparency. The issue related to certain third-party Software Development Kits (SDKs) that Tilting Point allegedly improperly configured, which resulted in the collection of children’s personal information without disclosure or consent. The California Consumer Protection Act (CCPA) mandates parental consent for users under 13 and affirmative “opt-in” consent for users aged 13 to 16 before their personal information can be sold or shared. The regulators also asserted that the company’s privacy policy was noncompliant with the CCPA because it was ambiguous and incomplete, and failed to sufficiently disclose the collection, sale, or sharing of personal information in violation of the CCPA.

Tilting Point agreed to pay $500,000 in civil penalties. Additionally, Tilting Point must implement a robust privacy policy that clearly outlines its data collection, use, and sharing practices, especially concerning children. This includes:

  • Providing direct notice to parents and obtaining verifiable parental consent before collecting, using, or disclosing children’s personal information;
  • Conducting annual assessments of its compliance with these requirements, including the use of age screens and data minimization efforts; and
  • Establishing an SDK governance framework to monitor and control the use of SDKs within its apps.

Why It Matters

This settlement is representative of the evolution of California’s data privacy enforcement efforts, including those under the CCPA. Whereas early enforcement efforts primarily related to compliance with satisfying notice and opt-out rights, AG Bonta is now looking into compliance with data privacy requirements in practice — especially when it comes to the data of minors.

*Senior Government Relations Manager

Send Print Report

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Troutman Pepper | Attorney Advertising

Written by:

Troutman Pepper
Troutman Pepper
Contact
more
less

PUBLISH YOUR CONTENT ON JD SUPRA NOW

  • Increased visibility
  • Actionable analytics
  • Ongoing guidance

Troutman Pepper on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign Up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide