August 3, 2012

Addressing a More Technological Media World, The FTC Seeks To Revise Its Children's Online Privacy Protection Act — Agency Looks To Prevent Social Media "Partners" and Ad Networks From Reaching Children Without Parental Permission

Back in the ancient days of media (circa 1998), the Federal Trade Commission enacted the Children's Online Privacy Protection Act (COPPA), under which sites aimed at children are required by law to ask a parent's permission when collecting personal identifiable information such as email addresses and names. But vague language in the policy could allow so-called third parties like Facebook and Twitter, whose services are attached to numerous smartphone games, to avoid the parental consent process. The agency said this week it is considering online privacy rules that would make it harder for advertisers and social networks to collect information about children without permission from parents, the Washington Post reports. The revisions aim to catch up with advancing technology by ensuring that advertisers and websites limit tracking of children who are increasingly online using smartphones and tablets. The FTC said its proposed rules would require third-party partners of websites, including "plug-ins" and ad networks, to ask parents for permission to collect information about users under 13 years of age. The consumer protection agency said it would take comments on the proposal for 30 days and then vote on them as part of a bigger overhaul of COPPA rules expected by the end of the year. The FTC said in its proposal that the 1998 COPPA law "did not foresee how easy and commonplace it would become for child-directed services to integrate social networking and other personal information collection features into the content offered to their users, without maintaining ownership, control or access to the personal data," the agency said, according to the Post report.

"Given these changes in technology the Commission now believes that an operator of a child-directed site or service that chooses to integrate into a site or service other services that collect personal information from its visitors should be considered a covered operator under the rule," the FTC wrote in its notice, the Washington Post reports.

Consumer privacy advocates have pushed for stronger rules than what has been drafted for vote by the FTC. They say advertisers can avoid behavioral advertising limits on children by attaching themselves to children's sites without notifying parents and children clearly, reports Post writer Cecilia Kang.

"Today, the FTC took a giant step to protect children's privacy by proposing that the online data broker industry be required to comply to the Children's Online Privacy Protection Act," said Jeffrey Chester, executive director of the Center for Digital Democracy, a privacy advocacy group. "The commission will also rein in the data brokers targeting kids who use social media, so-called "plug-ins," to gather information on a child and their friends," he added, according to the article.