Release of the apps for children: what are the requirements of the App Store and Google Play?

In the previous article, we looked at the key legal provisions governing the processing of children's personal data. However, in addition to the legal requirements, you should also consider the strict criteria of the platforms at the stage of publishing your app to the App Store and Google Play. It is essential to ensure that your app is fully compliant with these requirements to avoid possible blocking of the app until the breaches are rectified. 

In this article REVERA law group lawyers will tell you about the rules to follow to ensure that your children app meets the requirements of two major platforms – App Store and Google Play.

App Store Requirements.

Rule №1. Provide age-appropriate content for children

The essence of the requirement is to provide only age-appropriate content to children. It is important that parents entering the “Kids” category have confidence that the app provided will indeed be favourable to their children's development and entertainment.

Rule №2. When adding an in-app purchase, set parental gate

If your children app includes internal purchases or links to external resources, be sure to implement a parental gate mechanism.

Parental gate is a task that the user must complete in order to proceed. Its complexity must be high enough that it can only be solved by an adult (e.g. solving a maths problem, a logical sequence of numbers, etc.). 

App Store regulations require that apps in the “Kids” category use a parental gate that prevents children from engaging in commercial activities or clicking on links to websites, social networks or other apps without the permission of a parent or guardian.

Rule №3. Prohibition of transferring children's personal data to third parties

In accordance with App Store requirements, you may not share children's personal data and device information with third parties. This means that you cannot use third-party services that access such data when it relates to children's personal data in your app.

Rule №4. Limit data collection for analytics and in-app advertising

Apps categorised as "Kids" do not allow the use of external analytics services or the display of adverts. This rule is intended to provide a safe environment for children.

However, there are some exceptions to this rule: 

  1. Analytics
    Collecting analytics data using third-party services is only allowed to a limited extent. Processing of analytics data will be allowed if your app does not collect the following identifiers:
    • IDFA,
    • children's name,
    • date of birth,
    • accurate geolocation (location such as country, city can be collected),
    • IP address,
    • Device ID,
    • other unique identifiers. 
       
  2. Advertisement
    Contextual advertising using third-party services is only permitted where such third-party services have documented policies for “Kids” category apps, which includes, among other things, human verification of the adverts to be shown to children to ensure that they are age-appropriate. 

Google Play requirements

Google Play has slightly different requirements than those for apps in the App Store, but there are some similarities.

Rule №1. Provide age-appropriate content

A mandatory rule for children apps on Google Play is to provide age-appropriate content. This means that the app should not have ads that are not intended for children, as well as content related to alcohol, drugs, and simulated gambling.

That being said, depending on the content/features the app offers, additional requirements may be set. For example, if an app whose target audience is children uses augmented reality, the following additional requirements are set:

  1. remind the user of the importance of parental supervision,
  2. draw the user's attention to the potential dangers of the world around them,
  3. such app must not require the usage of a device that is advised not to be used by children (for example, Daydream, Oculus).

Rule №2. Properly use social features in your app 

If your app is social* or provides social features*, Google Play sets a number of additional requirements and restrictions for such apps related to the use of such features by children. 

A social app is an app where the main focus is to enable users to share freeform content or communicate with large groups of people.

*A social feature is any additional app functionality that enables users to share freeform content or communicate with large groups of people.

According to Google Play rules, if the target audience of a social app includes children, or if an app targeted at children has social features, the app must show reminders about how to protect themselves online and the real risks online interactions can lead to before allowing children to share content or information. 

In addition to providing instructions, such apps must obtain the parent's consent to process the child's personal data, and their functionality must provide an in-app reminder to be safe online and to be aware of the real-world risk of online interaction before allowing child users to exchange freeform media or information. 

Rule №3. Do not process certain categories of personal data

For apps whose target audience includes children, Google Play rules, similar to App Store rules, establish a ban on processing certain personal data. 

For example, apps intended only for children must not transmit the following personal data:

  1. Android advertising identifier (AAID), 
  2. SIM Serial, 
  3. Build Serial, 
  4. BSSID, 
  5. MAC, 
  6. SSID, 
  7. IMEI, and/or IMSI.

In addition to restrictions on the transfer of certain categories of personal data, Google Play's rules also establish a prohibition on the collection, use, and transfer of information about the precise location of users of children's apps. 

Summary

It is important to remember that both Apple and Google always actively monitor apps that are published on their platforms and check them for compliance with platform rules. Therefore, in order to avoid negative consequences for both yourself and your users, you need to comply with the legal requirements on child data protection that were outlined in our previous article, as well as making sure that your app complies with the requirements of the specific platform on which it will be published. This will help ensure that the app is safe and secure for all its users.


Dear journalists, use of material from the REVERA website in publications is only possible with our written permission. 

To approve material, please contact i.antonova@revera.legal or Telegram: https://t.me/PR_revera