09 Mar 2018

How to make sure your apps are safe for kids?

At Mobiuso every project we have worked on had some unique challenging elements. The technical solution required out of the box thinking and research to provide the suitable solution.

We recently faced one such challenge where we had to create an interactive content platform for Kids & Toy brands and to create value for the stakeholders which include Kids, Parents & the Toy Companies. Some of the key goals of the solution are

  • Create Easy to use & fun application for kids
  • Facilitate toy-centric & “Kids Safe” social network
  • Provide Quantified insights to Toymakers
  • Create brand awareness & loyalty

The kids being the primary user/consumer of the solution. Ensuring Kids privacy & safety online was the critical element of the platform and was one of the key design considerations.

This post describes the measures we took to ensure “Kids Safety”.

Compliance requirements

The team decided to find if there is any regulation like HIPAA, already exists for Children Privacy Protection, we came across COPAA, Children’s online privacy protection act. It is a law created to protect the privacy of children under 13. We studied Children’s online privacy protection rules. Our understanding of the rules led us to take certain technical & functional measures.

 

Measures we took

No Registration, No Login & Password

The app does not require user registration. No Personally identifiable information (PII) is captured in the app. To identify user a unique dummy identifier is assigned by the system.

Location details

The location details captured in the app are not the exact details.

Leveraged face detection to mask the faces.

The app facilitates user-generated content for e.g. a kid can take a picture of the creation and share it with other Kids. There is also an option to take the photo with the creation. To ensure the privacy, application masks the Kid’s face in the photo with a cartoon image. The image is uploaded to a server only after applying the mask. Masking of the photo with cartoon character image brings in the fun, delights the kid. Kid’s actual photo is never uploaded to the server.

Content moderation

The content uploaded by the Kids is moderated for the objectionable content on the server. Only approved content gets published and shared with other kids.

The solution makes use of AWS Rekognition service for the content moderation. All the outcome including the identified attributes and the confidence is saved in the system for later review. The system automatically rejects the content if the confidence level is beyond a certain threshold. The content for which the confidence level is below the threshold is moderated manually and published if found to be appropriate.

Conclusion

There are many people today who are trying to provide the younger generation with means of better learning, while also trying to improve their social skills. However, there are enough challenges. We all are aware of cases where a child became a victim of a crime perpetrated online. Hence, privacy & security become essential aspects of such scenarios. Fortunately, there are enough tools available today to make it possible. We only need to use them wisely to create scalable and robust yet cost-effective privacy solutions.

References

CHILDREN’S ONLINE PRIVACY PROTECTION RULE

COPAA – A Six-Step Compliance Plan for Your Business

Face Detection Concepts

AWS Rekognition