Children's Privacy and Age Restrictions

What it is

Apple does not intentionally collect personal data from children under 13 without parental consent, and states it will delete such data if collected inadvertently, while offering parental control tools through Screen Time and Family Sharing.

Why it matters (compliance & governance perspective)

Children's online privacy is subject to strict legal requirements in the US and internationally, and the App Store's role as a distribution platform for children's apps means Apple's age verification and parental consent mechanisms are particularly significant for families.

Consumer impact (what this means for users)

Parents should use Apple's Family Sharing and Screen Time features to manage their children's Apple ID accounts and app access. If you believe a child under 13 has created an Apple account without parental consent, you can contact Apple to request data deletion.

What you can do

Institutional analysis (Compliance & governance intelligence)

REGULATORY LANDSCAPE: COPPA in the US requires verifiable parental consent before collecting personal information from children under 13 and imposes strict notice, consent, and deletion obligations on operators. The UK Age Appropriate Design Code imposes additional protections for users under 18. GDPR and national implementations set varying ages of digital consent across EU member states ranging from 13 to 16. Apple's role as an App Store operator creates platform-level COPPA obligations regarding apps directed at children. GOVERNANCE EXPOSURE: High for organizations publishing children's apps through the App Store. Apple's policy addresses its own COPPA compliance, but app developers who distribute children's apps via Apple are independently responsible for their own COPPA and GDPR Article 8 compliance. The FTC actively enforces COPPA against app platforms and developers. JURISDICTION FLAGS: US COPPA applies to children under 13. GDPR Article 8 applies in the EU with member-state variation on the age of digital consent. The UK Age Appropriate Design Code applies broadly to services likely to be accessed by users under 18. California's Age-Appropriate Design Code Act adds further obligations for California-accessible services. CONTRACT AND VENDOR IMPLICATIONS: Developers publishing children's directed apps on the App Store must comply with Apple's Kids App guidelines as well as independent COPPA and GDPR obligations. Procurement teams evaluating Apple educational products should assess whether Apple's Family Educational Rights and Privacy Act documentation is available for school deployments. COMPLIANCE CONSIDERATIONS: Organizations operating educational or family-directed services should assess whether Apple's age verification mechanisms are sufficient for their regulatory obligations under COPPA, GDPR Article 8, and the UK Age Appropriate Design Code. FTC COPPA safe harbor program participation may be relevant for app developers.

Applicable agencies

Applicable regulations

Provision details

Other risks in this policy

• Personal Data Collection Scope medium
• Third-Party Developer and Partner Data Sharing medium
• Location Data Collection and Use medium
• Health and Fitness Data Processing medium
• Siri and Voice Data Processing medium
• Advertising and Analytics Data Use low

Related Analysis

• Meta Removed 438 Sentences From Its Privacy Policy. Here Is What Disappeared.

  ConductAtlas detected a major restructuring of Meta’s privacy policy that removed detailed consumer rights disclosures and relocated them to separate documents.

• 23andMe Is Bankrupt. What Happens to Your DNA Now?

  Your genetic data may be transferred to a new owner as a business asset. Here is what the Terms of Service actually say and what you can do right now.