Nickelodeon plans to resubmit “SpongeBob” game app to App Store

“After an initial investigation and thorough review of our SpongeBob Diner Dash mobile application, we can confirm that no names, email addresses or other personally identifiable information were collected, and, therefore, we believe that no violation of COPPA occurred,” Nickelodeon said in a statement.

“Nickelodeon has long prided itself as being a leader in COPPA compliance, and we are looking forward to maintaining that leadership position in the industry as the FTC unveils its updated guidelines,” the company added.

There is a prompt in the app where players can input their email address so they can receive a newsletter. The CDD took issue with the email prompt in its complaint, but Nickelodeon countered that it was “a template function from the developer that was never operational in this app, and no emails or personally identifiable information were collected.”

Nickelodeon also denied that it collected the names that players typed into the app. The company said the names were stored locally on the players’ mobile phones and were never sent to any outside server. Nickelodeon also argued that the app’s push notifications “are within the current COPPA guidelines” and informed players about new features or levels within the game.

San Francisco-based mobile game developer PlayFirst partnered with Nickelodeon to create the game app.

The CDD had said the “SpongeBob” app asked kids to submit their personal information, including names and email addresses, without obtaining parental consent first. The privacy group argued that this a violation of COPPA, a 1998 privacy law that restricts the ability of website operators to collect information from children younger than 13 without parental consent.

The privacy group isn’t buying Nickelodeon’s arguments and is still pushing for the FTC to investigate the app.

Laura Moy, an attorney at Georgetown Law’s Institute for Public Representation, said the app is collecting online contact information in order to send kids push notifications.

“There is no question that push notifications come from the app operator’s server over the Internet to the device,” said Moy, who prepared the complaint on behalf of the CDD, in an email.

The CDD asked the FTC to investigate the app’s use of device tokens,
which it says allows companies to send custom messages to individual
children via push notifications.

Moy also questioned Nickelodeon’s claim about the email prompt not being functional.

“As consumers, we don’t have the ability to see inside the app and figure out what’s actually happening behind the scenes, which is why we’d really like to see the FTC investigate this,” she said.

The FTC is unveiling its updated version of COPPA on Wednesday at an event on Capitol Hill. The commission released a draft of the revised rules this summer, which would expand the law’s scope to cover apps, games, ad networks and other online entities. 

— This post was updated at 2:46 p.m.