Upping Your Game This Data Privacy Day: Tips for Parents and Caregivers

Stacy Feuer
January 28, 2022

As we begin 2022, there’s no doubt that the universe of online games is providing a portal to the larger world. According to recent research, millions and millions of people of all ages are playing online video games for fun, relaxation, education, and connection. And during the past few years, more kids, teens, and families turned to games for entertainment and comfort during pandemic-prompted periods of social distancing and isolation.

With so many kids and teens using online games, mobile apps, and related devices and services, Data Privacy Day (January 28) provides a perfect opportunity for parents and caregivers to refresh their privacy game. We at ESRB Privacy Certified – a leading non-profit online and mobile privacy compliance program - have three tips to get you started:

1.    Check out COPPA

2.    Scan Your Privacy Settings

3.    Stay Alert with App Permissions

Before getting to our three tips, though, it’s important to understand how online games collect and use data. When using any devices or service connected to the internet, including games, it’s a given that some data is going to be collected in order to make the product work.

For example, most companies will collect information such as username, email, and IP (Internet Protocol) address. Some will collect data like a user’s age, geographic location, payment information, and communications preferences. Most sites also use “cookies” to store data, which can access a user’s browsing history to help inform ad preferences while remembering some information the next time you visit a site. As users connect gameplay to social media and streaming sites, more data is transmitted to (and collected by) other entities– sometimes automatically.

Today, game companies and related sites may collect more extensive data about user preferences to personalize game experiences and offer more in-game features. But here’s the thing: you can control how such information is collected, shared, and used -- especially when it comes to your kids.

TIP #1: Check out COPPA

Fortunately, you’re not alone when it comes to protecting your children’s privacy. The U.S. federal Children’s Online Privacy Protection Act (COPPA) makes it illegal for websites and services (including online video games) that have actual knowledge that a child under the age of 13 is using their site or service to collect personal information from a child without a parent’s permission. (This includes things like name, email address, social security number, and more.) The law also prohibits the sharing of kids’ personal information with third parties without your consent and allows you to review and request deletion of your child’s information. Some states have similar or even more extensive laws. That’s why it’s so important to make sure you and your kids are entering accurate age information when signing up for services (including child accounts on your video game consoles).

How can you know whether a website or mobile app is COPPA-compliant? One way is to look for our Kids’ Privacy Certified Seal, which demonstrates our members’ compliance with our COPPA-integrated program requirements.  (While you’re looking at the Kids’ Seal, you can also learn about our Privacy Certified seal for services intended for a general or more mature audience.)

TIP #2: Scan Your Privacy Settings

Data Privacy Day is a perfect time to review the privacy settings of the browsers, apps, websites and related digitally connected devices, online games, social media and streaming platforms you and your children and teens use. Choosing privacy settings gives you and your family more control over how companies use your personal information online. Most sites have links or FAQs that can help you do this. And, this year, the Stay Safe Online Campaign has put together a list of links to the privacy settings for many popular devices and online services to make it easier for you to reach your favorite site.

And don’t forget about privacy policies. Although privacy policies are often long and complex, many companies are now using short-form policies or summarizing key facts that can help you find out what information is gathered in a game, where it goes, how it gets used, and who to contact if you have a problem or question. You can view an example of a short form privacy policy inside of the ESRB Rating Search App (Android | iOS).

Remember, though, it’s not enough to scrutinize your privacy settings only once a year and then forget about them. Many companies change their privacy setting options regularly, so review them periodically. You may also want to evaluate your settings to make sure you’re still comfortable with the settings you previously selected, especially for your kids.

TIP #3: Stay Alert with App Permissions

On Data Privacy Day – and every day – keep track of what your children download onto devices – be it a smartphone, tablet, or computer. Some intrusive applications might want access to seemingly innocuous functions, but odds are a simple game doesn’t need access to something like precise location or your mobile number. If something as simple as a calculator app wants to look at your contacts, that should raise a red flag, especially as child identity theft and other privacy intrusions become more common. Always double check the phone’s settings to see what permissions applications are asking for, and if it’s something inappropriate, you can always deny access or uninstall the app in question.

* * * * *

As with most parenting challenges, the best way to protect your kids’ personal information is to stay involved. Talk to your children and teens about the sites and apps they use and the games they play. Discuss what types of information they should and shouldn’t share online. Help them identify safe and trusted websites and apps like those with the ESRB’s Privacy Certified or Kids Certified Seals. And make sure that your kids know they can always come to you with questions and concerns.

Written by

Stacy Feuer

As senior vice president of ESRB Privacy Certified (EPC), Stacy ensures that member companies in the video game and toy industries adopt and maintain lawful and responsible data collection and privacy policies and practices for their websites, mobile apps, and online services. She oversees compliance with ESRB’s privacy certifications, including its “Kids Certified” seal, which is an approved Safe Harbor program under the Federal Trade Commission’s Children’s Online Privacy Protection Act (COPPA) Rule.

Before joining ESRB, Stacy spent more than 21 years as an enforcer and regulator at the Federal Trade Commission, developing deep experience in privacy, advertising, and international issues. She was also a partner in an international litigation firm and clerked for a federal district court judge. Stacy is a graduate of Cornell University and the New York University School of Law. Stacy holds the CIPP/US certification from the International Association of Privacy Professionals.