Site icon In JB's Humble Opinion


October 2017

What Can Voice-Activated Device Makers Legally Do With Recordings Of Kids’ Voices?

FTC has issued guidance exempting recordings used solely as a replacement for written words (e.g., perform search or execute verbal instructions) – as long as:
• audio file is held for a brief time (i.e. only long enough to complete that purpose and then immediately delete)
• use of audio file is strictly limited to that search/execution purpose

Under the exemption, a company must still provide clear notice in privacy policy of:
• collection and use of audio files
• audio file deletion policy

The exemption does not apply if a device asks or enables a child to provide personal information (e.g., name). In such cases, verifiable parental consent would be required before collecting an audio recording of the voice of a child under age 13.
jbho: Perhaps a bit helpful. However, if a device needs to store voiceprints for heuristics, does that mean it can’t be exempt? And if you want to distinguish between users, you probably can’t rely on the exemption.


October 2016

Texas AG Settles With Child Tracking App Maker

Texas v. Justa Labs
Justa Labs allegedly collected personal information in child directed apps – apps offering free children’s games – that generated revenue from advertisements and in-app purchases. Juxta Labs also collected personal information through its Jott App – a peer-to-per messaging App that did not rely on WiFi or carrier networks. Personal information collected included e-mail addresses, instant messaging identifiers, screen names, cookies, internet protocol addresses, and GPS coordinates.

Under the terms of the Assurance of Voluntary Compliance (AVC), Juxta Labs Must:

[District Court of Travis County; D-1-GN-16-004940]
jbho: make sure you know what information your apps (or web pages) are collecting – including cookies – on anything that could be considered child-directed – no matter how small a portion of the audience children would actually be.

The order includes in the definition of personal information: “A persistent identifier that can be used to recognize a user over time and across different Web sites or online services. Such persistent identifier includes, but is not limited to, a customer number held in a cookie, an Internet Protocol (IP) address, a processor or device serial number, or unique device identifier.” (emphasis added)

Exit mobile version