Privacy rules could trap app developers

The Federal Trade Commission is expected to issue stricter online child privacy rules this week, making data sharing complicated, costly, and potentially dangerous for developers.

The proposed changes will strengthen the existing ban on collecting a child’s private information, including location and email address, through mobile devices. Although the rules are designed to make the Internet more safe, software developers say routine transfers of data from mobile devices, which pose no threat, could be punished along with improper data collection. Responsible developers will err on the side of caution, leaving the Internet with less child-friendly content.

To many app and software developers, like Dan Russell-Pinson, creator of the popular cell phone game for kids, “Stack the States,” the rules will create a major roadblock to business growth. In addition to stifling creativity, the regulations will saddle small businesses with legal and technical costs to ensure mobile apps don’t break the rules.

Russell-Pinson would like to improve his 99-cent U.S. geography game, which gets rave reviews from parents, by adding a feature that allows children to play online against one another. But because of the new regulations, he’s not even considering it.

“It would require all kinds of data sharing,” said Russell-Pinson, the founder and sole employee of Freecloud Design in Charlotte, N.C. “I would be kind of afraid to do that.”

The cost of the changes to developers just selling educational apps for children on Apple's iTunes store could be as high as $271 million—nearly 100 times what the FTC has projected for all the businesses it expects to be covered under the rules, according to the Association for Competitive Technology, a Washington-based trade group that represents small and midsize software development companies. The FTC's estimate is "laughable," said Morgan Reed, the association's executive director.

Andy Russell, co-founder of San Francisco’s Launchpad Toys, fears the rules will put many smaller developers, who can’t afford to make modifications to their programs, out of business.

"I can't speak for other developers, but I think there are a lot of people out there who would say: 'You know what, that's OK. I'm just going to fold up shop,'" he said.

Under the proposed changes, permission from the parent of a preteen who wants to use an app must be verifiable. That requirement alone could pose a major hurdle, Russell said. What will qualify as proof that the consent is legitimate? A driver's license number? A form that is signed and faxed by a parent?

"Verification is a wonderful thing,” he said. “But to date there just hasn't been a good way to do so.”

An outlay of several thousand dollars to design the required privacy policy for an app is small change for larger, established companies. But for the bulk of developers, that's a lot of money. Most have only a few employees and operate on tight profit margins, Reed said.

But FTC Chairman Jon Leibowitz defended the government's approach last week on Capitol Hill, saying safety should come first: "When you are talking about children, you have to give the benefit of the doubt to privacy.”