In-App and In-Game Ads: Tips to Staying Compliant in 2022

Nov 3, 2021 by James Davis, Senior Attorney, Children’s Advertising Review Unit, BBB National Programs

Today, age-appropriate design is in the headlines more than ever. Both in the U.S. and around the world, the explosion of child-directed gaming and mobile apps has increased concerns about the need to protect children from deceptive and inappropriate practices. In recent months the U.S. Federal Trade Commission (FTC) has sent multiple signals that protecting children online is one of the agency’s key enforcement priorities, particularly with respect to manipulative interfaces and other so-called dark patterns. 

The Children’s Advertising Review Unit (CARU) of BBB National Programs recently revised our CARU Advertising Guidelines to specifically address in-app and in-game advertisements and purchase options. The CARU Advertising Guidelines are widely recognized industry standards that help ensure advertising directed to children is truthful, fair, and appropriate for its intended audience across any form of child-directed media. 


Why the Change

The revised Guidelines meet children where they are – increasingly on mobile devices such as smartphones and tablets. Ten years ago, a child may have been allowed 30 minutes of supervised game play on an adult’s computer or phone. Now children often have their own devices, some designed specifically for child users.

This increased access to technology has also increased screentime. In addition to using apps and playing games, children are reading books, doing their homework, creatively expressing themselves, and socializing on these devices. Given this shift, business models have adapted too, with apps reliant on ads and in-app purchases for revenue, rather than up-front purchase fees. These new business models require special design considerations.


A Clear Way Out

One surprisingly complex issue that developers must consider with the revised CARU Guidelines is screen size. Specifically, if an in-app advertisement provides a way to close out of the ad, that exit method must be clear and conspicuous. Developers should therefore not minimize or camouflage exit methods using tiny or unlabeled icons hidden in the corner of small screens. 

Instead, as the revised Guidelines elaborate, developers should use color, text size, language, borders, and shading to ensure that an exit method is clear and conspicuous, meaning that it stands out and is easily recognizable to children. 

As an example, look at this mock ad pop-up screen that we have created for an imaginary company, Blank-It Games, and an imaginary child-directed game, Cute Fishes. Compared to the colorful, enticing visuals in the ad, the small “x” in the upper left corner seems designed to lead a child into believing that the $1.99 a month upgrade must be purchased to continue in the game. 

In this ad, the “x” is not clear and conspicuous.


Deceptive Door Openers and Dark Patterns

Other problematic practices that developers and advertisers should avoid are deceptive door openers and dark patterns. Deceptive door openers are advertising or sales practices that misleadingly lure someone into considering a purchase by withholding key information or using a fake claim. In the context of a website or app, the term commonly refers to a button or link that deceptively induces someone to view an ad or make a purchase. A dark pattern is an app or website interface that tricks, confuses, or manipulates a user into doing something they do not intend to do.

Let’s return to our imaginary game Cute Fishes. Look closely at the level completion screen below promising “free fish food,” which the player will need to advance through the next level. Put yourself in the shoes of a 6-year-old. Would you understand that pressing the brightly colored “free fish food” button would take you into an interactive ad experience that isn’t labeled as an ad and that takes at least 30 seconds to complete? Would you know that you need to click the tiny “No Thanks” text below the big purple button to return to your game?

Even more problematic is that, once they enter the ad experience (image on the right), players cannot return to Cute Fishes until they watch a 30-second video ad, interact with a mini-game, advance to a final screen, and then click a tiny, barely-there “x” in the upper left corner of the screen. 

To sum up, the large, enticing “free fish food” button lures a child into the unfair and manipulative ad experience without disclosing that it is an ad and without providing a clear or conspicuous way of dismissing it.

These are textbook examples of deceptive door openers and dark patterns. 


Get to Know the Rules of the Road

So, what should developers and advertisers do to ensure their in-app and in-game ads and purchase offers don’t deceive or confuse children? 

To start with, design with the best interests of children in mind, recognizing their limited knowledge and sophistication. 

  • Don’t veer from engaging gameplay into dark patterns – make sure that nudges or persuasive designs don’t manipulate, confuse, or deceive children.  
  • Be transparent. Make it clear when advertising is advertising, as well as when a purchase will cost real money.
  • Make sure methods to exit any ads or purchase offers are clear and conspicuous – in other words, make sure they are obvious and easy for a child to use. 


You can read the revised CARU Advertising Guidelines in full here

Suggested Articles


Fifty Shades of Consumer Health Data: Unclear Expectations for Digital Privacy

While momentum continues to build around what a regulated consumer health privacy landscape looks like, the environment remains shrouded in shades of gray. To date, a risk-based approach to consumer health data does not exist, but we believe a sliding scale for the risks carried by consumer health data should.
Read more

Fifty Shades of Consumer Health Data: How a Risk-Based Approach Provides More Clarity

This piece includes a list of routine examples of consumer health information, that, at face value may have one level of risk. But, depending on the context and the risk associated with the use of that data, and whether it is combined with other data sources and data elements or made available in the public domain, it could lend itself to differing levels of regulation and enforcement activity.
Read more

California Privacy Enforcement: Whose Job Is It Anyway?

The California Privacy Rights Act of 2020 went into effect bringing new privacy rights to California consumers and created the California Privacy Protection Agency. CCPA will continue to be enforced by the California Office of the Attorney Genera. Which begs the question: Whose enforcement is it anyway?
Read more

Unsubstantiated Claims May Lead to Civil Penalties

The U.S. economy is built on a fair and transparent product marketplace. It is the responsibility of companies to have adequate substantiation for health and safety claims and to hold their competitors to the same standard.
Read more