Privacy & Information Security Law Blog

On October 3, 2016, the Texas Attorney General announced a $30,000 settlement with mobile app developer Juxta Labs, Inc. (“Juxta”) stemming from allegations that the company violated Texas consumer protection law by engaging in false, deceptive or misleading acts or practices regarding the collection of personal information from children.

The Texas Attorney General alleged that Juxta, the developer of the “Jott” messaging app and other apps for gaming and social media, misled consumers regarding the company’s privacy practices and compliance with privacy laws. According to the Texas Attorney General, Juxta’s apps were previously easy for children of any age to access. Many of the company’s apps offered free children’s games, generating revenue from advertisements and in-app purchases. Personal information was transmitted over these apps, including IP addresses and GPS coordinates, which could be used to pinpoint a child’s location.

Under the terms of the Assurance of Voluntary Compliance (“AVC”), approved by the Travis County District Court, Juxta agreed not to misrepresent its privacy practices regarding the personal information it collects from children under the age of 13, and not to engage in such collection through its apps unless the apps are in compliance with the Children’s Online Privacy Protection Act (“COPPA”). The AVC adopts COPPA’s definition of “Personal Information,” which includes data such as online contact information (such as an instant message user identifier); a photograph, video or audio file that contains a child’s image or voice; geolocation information sufficient to identity street name and name of a city or town; and persistent identifiers that can be used to recognize a user over time and across different websites or line services (e.g., IP addresses or a customer number held in a cookie). Juxta must also develop and maintain an up-to-date and accurate privacy policy that is clear, conspicuous and understandable. This privacy policy must be made prominently available on each of its apps and websites, including a hyperlink to the policy in any areas of its apps or websites that collect personal information from children younger than 13.

Additionally, Juxta is required to develop, implement and maintain procedures to ensure its Jott app does not contain any networks that are likely to predominantly include children under the age of 13. In particular, Juxta must refrain from designating any of its networks as an “Elementary School” network within the State of Texas. In the event Juxta seeks to prevent children under the age of 13 from using its apps or providing personal information, Juxta must implement and maintain reasonable neutral age screening mechanisms that discourage children from falsifying their age. Juxta further agreed to delete within 30 days (1) all personal information of children under 13 in its custody or control, and (2) all personal information in its custody or control regarding members of its “Elementary School” networks.