Ad Watchdogs Support Dorel's AI Claims, Call for Stronger COPPA Notice and Consent
BBB National Programs' National Advertising Division (NAD) and the Children's Advertising Review Unit (CARU) concluded that Dorel Juvenile Group's core claims about its CryAssist technology are supported. They also recommended Dorel improve its COPPA notice and consent practices. Dorel said it will comply.
What happened
Dorel markets connected nursery products under the Maxi-Cosi brand, including the Sibia Bassinet with CryAssist Audio Monitor and the Starling Smart Bassinet. CryAssist, developed by Swiss company Zoundream AG, analyzes infant cries and feeds insights to parents.
NAD reviewed claims that CryAssist uses AI to translate infant cries into categories-sleepy, fussy, gassy, agitated, or hungry-and that users can control response-based features. NAD also evaluated statements that cry data is anonymized, encrypted, and processed securely in the cloud.
Dorel provided peer-reviewed research validating the AI model and device-level calibration and performance evidence. NAD found the claims supported, including that response-based features are optional and that data practices described (anonymization and encryption) are accurate.
CARU assessed COPPA compliance and found Dorel uses reasonable security, limits collection to what's needed, and doesn't use children's data for undisclosed secondary purposes. However, CARU identified gaps in notice and consent: no compliant online privacy policy for the service, no direct notice to parents, and no verifiable parental consent (VPC) mechanism. CARU recommended Dorel implement these procedures.
For reference, see the BBB National Programs case decision library and the FTC's COPPA rule.
Why this matters to marketers
This case offers a clear playbook for promoting AI-enabled features without overstepping. It shows what kind of evidence supports performance and security claims-and where privacy notices and consent workflows must be airtight for products interacting with kids' data.
- AI claims need real proof: Peer-reviewed research, validation datasets, and device-level performance testing are persuasive. Keep the evidence file updated as models or firmware change.
- Precision beats hype: State exactly what the AI does (e.g., categorizes cries into five labels) and avoid broad promises. If you say features are "optional," the UI must make them easy to toggle on/off.
- Security claims should mirror practice: If you claim anonymization and encryption, document data flows, retention limits, and where processing happens. Marketing copy must match your technical architecture.
- If kids' data is in play, COPPA applies: You need a compliant privacy policy for the service, direct notice to parents before collection, and a verifiable parental consent method-then keep records.
- Cross-functional review is non-negotiable: Legal, privacy, product, and marketing should sign off on claims and COPPA workflows before launch.
Practical checklist: Launching or promoting AI products that may collect kids' data
- Map data flows: What's collected (audio, metadata), where it's processed (device vs. cloud), who accesses it (vendors), and how long it's retained.
- Align copy with capability: List the specific outputs the AI provides and any accuracy, coverage, or context limits. Avoid absolute terms.
- Back every claim: Keep a substantiation dossier: model research, training/validation details, in-field calibration, and results under realistic use.
- Tune your privacy policy: Create or update a service-specific policy that covers data types, purpose, sharing, security, retention, and parental rights under COPPA.
- Send direct notice to parents: Clear, concise notice explaining what's collected, how it's used, and how consent works-delivered before collection.
- Stand up VPC: Implement an approved method (e.g., small charge to a credit card with refund, knowledge-based checks, video verification, gov-ID review). Log evidence and consent timestamps.
- Gate collection behind consent: No data collection from children until VPC is completed, unless a narrow COPPA exception applies.
- Limit and secure: Collect only what's necessary, encrypt in transit and at rest, de-identify where feasible, and enforce strict retention limits.
- Vendor controls: Update DPAs to prohibit secondary use, require security, and support deletion requests.
- UX clarity: Make opt-ins, toggles, and controls obvious. If a feature is "optional," it should default off unless consented.
- Train support and comms: Ensure they can explain features, privacy controls, and consent steps without overpromising.
- Monitor and iterate: Re-test claims after updates; re-verify consent if scope changes; refresh messaging accordingly.
Message framing you can use
- Be specific about outputs: "The system analyzes cry audio and categorizes it as sleepy, fussy, gassy, agitated, or hungry."
- Be clear about control: "Response-based features are optional and can be turned on or off in Settings."
- State your privacy posture plainly: "Cry audio is anonymized, encrypted, and processed in the cloud. We do not use children's data for advertising."
- Signal compliance without legalese: "Parents receive a direct notice and we obtain verifiable consent before collecting a child's data."
What marketers should do next
- Audit any AI claims in market assets and confirm there's documented support.
- Review your privacy policy, parental notices, and consent flow against COPPA requirements.
- Align product toggles, defaults, and in-app language with advertised "control" and "optional" claims.
- Set a quarterly review cadence for claims, data practices, and vendor contracts.
If you're refining positioning or campaigns for AI-enabled products, see our resources on AI for Marketing.
The bottom line
Strong evidence won the day on Dorel's AI performance and control claims. The to-do is privacy: put compliant parental notice and verifiable consent in place. If your product touches kids' data, treat COPPA workflows and claim substantiation as launch-blockers, not nice-to-haves.
Your membership also unlocks:
