FTC Wades Deeper Into Online Child Privacy Thicket
An update to the Children's Online Privacy Protection Act, long overdue since the law's enactment in 1998, are nonetheless drawing fire from consumer advocacy groups who contend the changes will further invade children's privacy instead of preventing it. Groups such as the ACLU and Consumer Watchdog have written the FTC in opposition of the current proposed rules.
Sep 28, 2012 3:57 PM PT
The Federal Trade Commission is working on an update of the rules governing the online collection of personal information, which have remained pretty much the same since 1998.
The changes to the Children's Online Privacy Protection Act, however, are likely to do as much to invade children's privacy as to protect it.
The proposed changes have been debated since 2009. The ongoing debate led the FTC in August to extend the deadline for comments to Sept. 24.
That drew a fresh spate of comments from advocates earlier this week.
Proposed Changes to COPPA
Section 312.2 of COPPA, known as the 100 percent deletion standard, requires operators to delete all individually identifiable information in postings by children before they're made public.
The FTC is proposing that operators who use technologies reasonably designed to capture all or virtually all personal information input by children should not be deemed to have collected personal information.
In other words, if you collect the information automatically, you get a free pass.
Another change will let operators collect a form of government-issued identification such as a driver's license or a segment of a social security number, from kids' parents to verify their identity.
Further, the FTC proposes allowing operators to collect a parent's online contact information for the purpose of providing notice to, or updating the parent about, a child's participation in a website or online service that does not otherwise collect, use or disclose children's personal information. The parent's online contact information may not be used for any other purpose, disclosed, or combined with any other information collected from the child.
"Cookies and other identifiers that online brokers collect to create profiles on individual users are personal information, and such data shouldn't be collected from a child without parental permission," Jeffrey Chester, executive director for the Center for Digital Democracy, told TechNewsWorld.
It's important that the FTC "says that all this data about you and your parents, whether collected from mobile phones or browsers or gaming sites, is considered personally identifiable," Chester continued. "These identifiers should be protected for adults as well."
Websites directed to children "do as much, or even more, tracking as general purpose sites," John Simpson, consumer advocate at Consumer Watchdog, pointed out. "That's why we've urged the FTC to identify persistent identifiers as personal information."
The CDD, the ACLU, and a slew of other groups wrote the FTC on Tuesday calling for stronger protections for kids online.
The letter warned that companies offering children's programs such as Viacom, Time Warner/Turner, and Disney are using advanced state-of-the-art data collection tools to track, profile and target users online.
"The FTC's proposed rules are a welcome attempt to update COPPA, but need further refinement as our coalition suggested, to ensure that children are protected when they go online whether on a PC or a mobile device," Simpson told TechNewsWorld.
The coalition is concerned that some sites could get around the COPPA restrictions by labeling themselves as family-friendly, which would let them avoid regulations that would apply if they were labeled child-directed, Simpson continued.
Members of the coalition include the American Academy of Child and Adolescent Psychiatry, the Berkeley Media Studies Center, Campaign for a Commercial Free Childhood, Center for Media Justice, ChangeLab Solutions, and the Consumer Federation of America.
Don't Tread on My Info
The new rules could jeopardize the privacy and safety of children, child protection advocate Larry Magid warned earlier this week.
Requiring that parents submit a child's name and age to the site operator and the source of videos embedded on sites aimed at children, as proposed by the FTC's planned amendments, will disclose the very information the rule is trying to protect and will make kids more vulnerable, Magid contended.
"The proposed regulations are better than what exist now, but we believe there must be changes from what the FTC proposed, to fully protect children under the age of 13," Consumer Watchdog's Simpson said.