Parents claim Disney gobbled up kids' info through mobile games

Disney has been sued in America for allegedly collecting children's personal information without getting parents' approvals.

A class-action lawsuit [PDF] filed Thursday in northern California accuses the unstoppable children's entertainment brand and three of its developer partners of violating privacy laws by tracking the locations and activities of kids who use their mobile games – without first asking parents to approve the activity.

Named plaintiff Amanda Rushing is suing on behalf of herself and a class of all parents whose kids played "Disney Princess Palace Pets" and 42 other Disney-branded smartphone and tablet games that allegedly run afoul of the Children's Online Privacy Protection Act (COPPA).

According to the suit, the Disney apps for both iOS and Android do not ask for parental permission before they use software development kits that assign unique identifiers to users and then use those identifiers to track the location of the users, as well as activities in-game and across multiple devices. The data is then fed to advertisers to serve up targeted ads.

"In other words, the ability to serve behavioral advertisements to a specific user no longer turns upon obtaining the kinds of data with which most consumers are familiar (email addresses, etc), but instead on the surreptitious collection of persistent identifiers, which are used in conjunction with other data points to build robust online profiles," the suit claims.

"Permitting technology companies to obtain persistent identifiers associated with children exposes them to the behavioral advertising (as well as other privacy violations) that COPPA was designed to prevent."

The class-action also names software developers Unity Technologies, Upsight Inc and Kochava Inc as defendants. In addition to damages, the suit seeks a cease and desist to stop the collection of data without permission.

Disney would not be the first mobile developer to face the possibility of penalties for violating COPPA. Going back to 2011, mobile app developers have been catching raps for tracking underage users without permission.

In 2014, Yelp had to pay out half a million dollars because of a bug in the code for its age verification tool, and more recently the warnings were extended to companies that make "smart" toys. ®