In some ways, the modern Internet is a Wild West in terms of privacy. Internet companies collect and share heaps of data from adults, but getting the same data from kids—even a few of them, even by mistake—can land them in hot water.

This week, Yelp agreed to pay a $450,000 fine to settle charges that it violated the Children's Online Privacy Protection Act, or COPPA. The FTC's complaint outlines how Yelp's mobile app allowed kids under 13 to register for the site, between 2009 and April 2013.

COPPA requires app-makers and website owners to get explicit parental permission before collecting any personal information about children under 13. That personal information can include things as simple as a name and email address. COPPA is the reason why Facebook and many other popular sites don't allow users under 13.

Yelp hadn't included the same age-screening on its mobile app that it used on its website. Both forms of registration ask for a user's birth date. But while the website would shut down the registration process if a user said they were under 13, both the Android and iOS versions of the Yelp app went ahead and allowed the child to register an account. (Giving Yelp one's birth date is optional, and it's always been possible to create a Yelp account without providing one.)

The app mistake meant that Yelp had a small number of users under 13, who were able to do things like post reviews, check in at local businesses, and share their location data with Yelp. All of that smartphone activity is fine for adults—but quite illegal for kids, without explicit adult consent.

In a blog post on the FTC charges, Yelp pointed out that only .02% of its users reported that they were under 13, and the company said it has "good reason to believe that many of them were actually adults." It continued: "Regardless, we don’t want any ambiguity when it comes to our users. When this problem was brought to our attention, we fixed it immediately and closed the affected users’ accounts."

Finding violations, within tight bounds

Regulation of kids' information contrasts greatly to the general lack of protection for personal information of those 13 and older in the US. There's no federal online privacy law, although there are subject-specific privacy laws for things like financial and health information.

The FTC has become active in the area of online privacy in the last few years. In cases of adults, the agency can't do much unless a company violates its own stated privacy policies.

Even within those tight restrictions, though, the agency has found a way to slap additional privacy requirements on the biggest Internet companies. Google, Facebook, Apple, Amazon, Twitter, Snapchat, BitTorrent, and MySpace have all been busted by the FTC within the last five years.

Also on Wednesday, the FTC said it settled similar charges against TinyCo, a maker of apps it said targeted children, like Tiny Pets, Tiny Zoo, and Tiny Monsters.

The TinyCo apps included an optional feature to get e-mail addresses from users. It didn't ask about age, but the FTC claimed that the apps, "through their use of themes appealing to children, brightly colored animated characters and simple language, were directed at children under 13."

TinyCo's statement emphasized that the FTC's concerns involved only its older games. It's removed all emails collected by its old updated "social identity system," which it now says is fully COPPA-compliant.

"TinyCo fully supports COPPA and the FTC’s effort to protect the privacy and data of children online," the company said in a short blog post on the matter. "We apologize to anyone affected by this issue, and want to be unequivocal in stating that TinyCo is fully committed to protecting user privacy, particularly when children are involved."