The claim is that a number of Disney’s apps, many that target kids under the age of 13, are being married to industrial strength behavioral analysis programs used to better target kids with marketing messages.
According to Jeffrey Chester, from the Center for Digital Democracy:
“These are heavy-duty technologies, industrial-strength data and analytic companies whose role is to track and monetize individuals.”
The chief complaint centers around COPPA compliance, which is the Children’s Online Privacy Protection Act. This act requires that companies obtain explicit permission from parents before a child’s personal information is collected, disclosed or used, and there are additional provisions relating to kids under thirteen years of age. According to testimony from several parents involved in the suit, a number of Disney apps do not disclose that they’re collecting information, and no attempt was ever made to get explicit permission from the parents.
The company has formally responded, insisting that they’ve done nothing wrong, saying that “the complaint is based on a fundamental misunderstanding of COPPA principles, and we look forward to defending this action in court.”
Those are bold words, and even if the company spokespeople believe them, they could well be missing the point.
Disney, as a company, lives and dies by its reputation. If parents lose faith and trust, then they’re simply going to turn away from the brand. It would seem, then, to be in Disney’s best interest to go so far above and beyond the minimum necessary to be COPPA compliant that it’s never even an issue. The fact that the suit is even being filed at all will hurt Disney, even if they emerge victorious.
The lesson here is simple. Compliance is a big deal, and even a hint of non-compliance can cost you. A giant corporation like Disney has the means to ride out the storm, but most smaller firms simply don’t. If you’re a small business owner, don’t take chances where compliance is concerned. It’s always best to err on the side of caution.