1. Published Standards Against Child Sexual Abuse and Exploitation (CSAE)

• Action: Your app must publish clear and comprehensive standards that specifically address the prevention of Child Sexual Abuse and Exploitation (CSAE). These should outline the preventive measures, such as content moderation, user reporting systems, and how the app will respond to any CSAE-related content.
• Example: Link to your published CSAE standards on your website or in your app’s privacy policy. This could include compliance with international standards like those from ECPAT International or NCMEC.
• Helpful Links:
  • ECPAT International Standards
  • National Center for Missing & Exploited Children (NCMEC)

2. In-App Mechanism for User Feedback

• Action: Implement a user-friendly, easily accessible feedback mechanism within your app. This can be in the form of a feedback button or a reporting feature that allows users to report suspicious behavior or content related to CSAE or other forms of child exploitation.
• Example: Include a “Report Abuse” or “Report Inappropriate Content” button directly in the app, with clear instructions on how to report incidents.

3. Address Child Sexual Abuse Material (CSAM)

• Action: Ensure that your app has strong systems for detecting, preventing, and removing Child Sexual Abuse Material (CSAM). Collaborate with agencies such as NCMEC to implement tools for detecting and reporting CSAM.
• Example: Use third-party services like Microsoft PhotoDNA or similar technologies to detect CSAM in images and videos. Make sure to also have reporting protocols to immediately remove such material and report it to the appropriate authorities.
• Helpful Resources:
  • Tech Coalition’s Best Practices
  • Microsoft PhotoDNA

4. Compliance with Child Safety Laws

• Action: Ensure that your app complies with local and international laws governing child safety. This includes laws like COPPA (Children’s Online Privacy Protection Act) in the U.S., GDPR-K (General Data Protection Regulation for Kids) in the EU, and any relevant local regulations.
• Example: If your app collects personal data from children, ensure it complies with COPPA by obtaining parental consent and allowing parents to review and delete their children’s data. Also, ensure that data collection and user interactions follow GDPR guidelines for underage users.
• Key Resources:
  • COPPA – Federal Trade Commission (FTC)
  • GDPR for Children

5. Provide a Child Safety Point of Contact

• Action: Designate a specific point of contact for child safety issues. This should be someone within your organization or a third-party service responsible for handling CSAE-related concerns and inquiries.
• Example: Include the contact information for the child safety team or an email address like childsafety@yourapp.com in your app’s privacy policy or in the app’s settings.

Tech Coalition’s Best Practices for Combating Online CSEA

• Action: Follow the guidelines and best practices published by the Tech Coalition for combating online child sexual abuse and exploitation (CSEA). These practices cover everything from content moderation to reporting mechanisms and detection technologies.
• Link to Best Practices: Tech Coalition – Combating Online CSEA

1. Children’s Online Privacy Protection Act (COPPA) – USA

• Key Requirements:
  • Obtain verifiable parental consent before collecting any personal information from children under 13.
  • Provide a clear privacy policy and a notice of what data is being collected from children.
  • Allow parents to review, delete, and control the personal data of their children.
• More Information: COPPA FAQs – Federal Trade Commission
• Contact:
  FTC Consumer Response Center
  600 Pennsylvania Avenue, NW
  Washington, D.C. 20580
  Phone: 1-877-FTC-HELP (1-877-382-4357)

2. General Data Protection Regulation (GDPR) for Children – EU

• Key Requirements:
  • Children under 16 years old require parental consent to process their personal data (some countries have a lower age threshold).
  • Provide transparent information about data processing, including the type of data collected and how it is used.
  • Enable children to easily withdraw consent at any time.
• More Information: GDPR – European Commission
• Contact:
  European Data Protection Board (EDPB)
  Email: contact@edpb.europa.eu
  Website: https://edpb.europa.eu/

3. International Guidelines (UNICEF, WHO, etc.)

• Key Requirements:
  • Ensure that children’s data is handled with high levels of security and that children are protected from exploitation or harm.
  • Minimize data collection and prioritize transparency and user control.
  • Provide educational resources on child safety and online behavior.
• More Information: UNICEF Child Safety Online

4. General Best Practices for Child Safety in Apps:

• Age Verification: Ensure that users can be accurately classified by age, and restrict underage users from accessing specific content (e.g., dating features).
• Content Moderation: Implement strong content moderation systems to prevent inappropriate content (e.g., explicit language or predatory behavior).
• Parental Controls: Allow parents to control and monitor their children’s app usage and interactions.
• Reporting Mechanisms: Provide clear ways for users to report inappropriate behavior or content.
• Privacy and Security: Ensure all data is encrypted and securely stored, and that users’ privacy is respected.

5. App Store Guidelines

• Google Play Store & Apple App Store both have guidelines for child safety:
  • Ensure that your app adheres to specific child safety policies like preventing online predation, disallowing children under a certain age from accessing adult content, and implementing strong data protection measures.

Apple’s App Store Guidelines

Apple has a Child Safety section within its App Store Review Guidelines where developers must comply with child exploitation and abuse prevention. The app must also adhere to Apple’s broader App Store Guidelines.

• Link: App Store Review Guidelines

2. Google Play Store Policies

Google also outlines policies against child sexual abuse and exploitation in its Google Play Developer Policy Center. It emphasizes that apps should not contain content that promotes, facilitates, or engages in child sexual abuse or exploitation.

• Link: Google Play Developer Policy

3. Global Internet Forum to Counter Terrorism (GIFCT)

The GIFCT, which collaborates with tech companies, publishes resources and guidelines on preventing harmful content, including CSAE. Their Content Moderation Best Practices for CSAE are highly relevant.

• Link: GIFCT Best Practices

4. The National Center for Missing & Exploited Children (NCMEC)

NCMEC provides standards and tools for preventing child sexual exploitation and abuse, including reporting mechanisms. Their Technology Coalition offers guidelines and reports that tech companies can reference.

• Link: NCMEC Resources

5. Internet Watch Foundation (IWF)

The IWF publishes technical standards and guidelines aimed at preventing the online sexual exploitation of children. It offers tools for identifying and reporting CSAE.

• Link: IWF Standards

6. ECPAT International

ECPAT provides global standards for safeguarding children from sexual exploitation. This is particularly relevant if your app operates internationally.

• Link: ECPAT Standards