Playbooks & Whitepapers

Blog

Last update: September 2020

5 mins to read - 2020/09/18

openback edge computing coppa gdpr hipaa compliant

Keep Your Mobile App COPPA Compliant and Kid-Friendly with OpenBack

Every year our smart devices become more and more ingrained in our daily lives. In 2019, 3.2 billion people used smartphones, a number projected to increase to 3.8 billion by 2021. And when you add in gadgets such as smart speakers, smart cars, smart fridges and other pieces of the vast ecosystem of the Internet of Things, it can seem like every aspect of our lives has gone online. The advantages of this are clearer than ever. Especially during this past year, when our devices and digital platforms kept us connected, entertained, and attending work or school remotely. However, when it comes to keeping children safe and their personal data (PII) secure, things can become more worrisome. Mobile apps targeting a child user base find themselves performing a delicate dance. How can you make your mobile app COPPA compliant and child-friendly… while still offering a fun and engaging user experience?

Download OpenBack’s whitepaper outlining our unique approach to data privacy and regulation compliance:

child mobile apps coppa compliant

What Is COPPA and How Does It Apply to Mobile Apps?

The US data privacy regulation COPPA, or Children’s Online Privacy Protection Act, dates back to 1998. The FTC passed it in an attempt to protect minors from identity theft and other crimes related to personal data that’s readily available online. Back in the late ’90s, our concept of personal identifying information (PII) was pretty straightforward. Children’s data protected by COPPA included:

  • first and last name
  • home or physical address, including street name and name of city/town
  • email address
  • phone number
  • social security number

There are various steps to ensuring your mobile app is COPPA compliant if your user base are primarily minors. For users younger than 13, you will have to obtain their parents’ consent before collecting their personal data. You will also have to be totally transparent in how you intend to use that data. Write a clear description of your company privacy policy, and make sure it’s easily accessible from both your mobile app and website homepage. And always make sure that you delete the PII you collect from children as soon as you finish using it. Or as soon as the parents request the deletion.

Mobile App COPPA Compliance Today

Of course, the original COPPA regulation was passed over 20 years ago. Our understanding of what construes personal identifiable data – and the prevalence of our internet usage and ensuing digital footprints – has changed so much that it’s barely recognizable compared to what is explicitly covered by COPPA. We no longer define “personal information” solely by our phone number, mailing address, and credit card number. Every action we take on a device, whether it’s watching a video or sending a Tweet, we leave a digital trace. These can be used to piece together a profile of who we are. Devices even collect our data without our knowledge… such as when a phone tracks our geolocation, or how many steps we take, or even our heart rate.

Various scandals and data breaches over the years, many of them from mobile apps targeted at children, have forced us to rethink how much of our personal data we’re comfortable giving out. Moreover, over the years COPPA has had to review its guidelines and update them to keep with the times. As cloud servers what extent mobile app developers are responsible for protecting their users’ PII.

child mobile apps coppa compliant

OpenBack’s Unique, COPPA-Compliant Take on Push Notifications

OpenBack’s patented, hybrid push notification platform lets your mobile app be fully COPPA compliant by default. (As well as compliant with GDPR, HIPAA, CCPA, and other regional data privacy regulations.) Traditional push notifications work by transporting user data off-device to app backend servers, and then to centralized cloud servers. (Firebase for Android, or APNS for Apple devices.) Using this archaic, three-prong structure, many other push notification providers sell users’ personal data to third-party advertisers as part of their business model. This means mobile app users get solicited with targeted ads. This is regardless of whether they are younger than 13, which COPPA specifies as the age of digital consent.

OpenBack’s innovative use of edge computing leverages all data directly on the user’s device. This means user data never has to leave the device. Data remains securely in their possession at all times, without being exposed to third parties. User’s personal data is only accessed by the mobile app’s backend server. Also, the cloud server is cut out of the equation altogether.

This means that your mobile app is able to access users’ personal data for the purpose of personalizing notifications, sending them at times that are beneficial to users, and so on, while abiding by COPPA. Our default compliance mode is a real game-changer for mobile app developers who aren’t sure of which regulations they fall under, and what they need to do to be compliant. It also simplifies the process for apps that target users of varying different ages, and who aren’t sure what their due diligence is to ensure that minors are using their app safely.

OpenBack’s Edge Computing Advantages: Data Security and More!

OpenBack’s edge computing method provides the safest, most ethical means of sending users personalized push notifications. Moreover, it also eradicates the time lag resultant from sending user data in the form of push tokens to the app’s backend and onward to the Firebase or APNS server. With OpenBack, your notifications deliver in true real-time, with the highest levels of reliability in the industry. What’s more, your OpenBack account provides you all the methods you need to optimize your push campaign. These include delivery rate, app open rate, and whether the user ignored the notification, swiped it away, or clicked on it.

For more information about how your children’s mobile app can ensure data privacy for your users, take a look at the following links:

To learn more about how OpenBack uses edge computing to create hyper-personalized push notifications while protecting users’ personal information, read our blog post: The Radical Evolution of Data Privacy in Push Notifications.

Or, get in touch with one of our experts for a breakdown of our product!

Calculate how much your revenue would increase per month using OpenBack:

Leave a Reply

Your email address will not be published.

18 + seventeen =

Data Security and Privacy: OpenBack's Innovative Approach

Submitting...