US rule broadens to protect children's online privacy, leaves developers with questions

Filed Under: Facebook, Google, Law & order, Privacy

Kid online. Image courtesy of ShutterstockThe overhauled Children’s Online Privacy Protection Act Rule (COPPA) went into effect on Monday, the US Federal Trade Commission (FTC) announced.

The rule has been updated to keep pace with burgeoning personal information - much of it coming from children's increased use of mobile devices and social networking, such as cookies that track a child’s activity online, geolocation information, photos, videos, and audio recordings.

One aim is to restrict advertising targeted at children.

FTC Chairwoman Edith Ramirez said in the release that the updated COPPA rule will also help parents control personal information about their children - specifically, those under the age of 13.

But the new rule is leaving app developers scratching their heads over how they're supposed to avoid collecting children's personal information.

For example, they're wondering just what, exactly, they're now responsible for when a parent hands their tablet to a child, the leader of a trade group told IDG News Service's Grant Gross.

Morgan Reed, executive director of the Association for Competitive Technology (ACT), told Gross that that's just one question raised by the rule revision:

"How do we make the goals of COPPA function in a technological world where a parent might hand their tablet computer from the front seat of the car to the back seat of the car? How does the developer know when he has to change behavior... when that tablet goes over the divider?"

The COPPA rule requires that operators of websites or online services that are either directed to the under-13 crowd or have actual knowledge that they're collecting personal information from them give notice to parents and get their verifiable consent before collecting, using, or disclosing such personal information, and that they keep it secure.

A technology-focused lawyer, John Feldman, told IDG that the FTC will likely give companies time to work out the details of complying with the new rule:

"Those who are seeking to comply and are making bona fide efforts in that regard - and can demonstrate that through documentation of modified procedures and monitoring practices - will probably get more latitude for an extended timeline than those who are simply wringing their hands."

The FTC is trying to help developers caught in the weeds of the new COPPA, and it's also trying to help parents understand the new rule.

Some of the tools it's put out to help (links to all are posted here):

I hope the new rule lessens the amount of targeted advertising parents have to fend off.

But if history is an indication, it will be an uphill battle.

Facebook and Google, for example, have pulled some fancy footwork to get out of having to ask for parental signoff.

All they had to do was stipulate that you have to be at least 13 years old to use their services, as Graham Cluley noted back in December 2011.

Child hands keyboard. Image courtesy of ShutterstockIn spite of such terms of service, a survey taken at that time found that 55% of children under the age of 12 had Facebook accounts.

Another study by New York University found that 76 percent of the underage kids registered their social networking accounts with the help of parents.

For his part, Facebook founder Mark Zuckerberg has said in the past that he will "at some point" challenge the law restricting children from joining his social network.

I don't know if he's still singing the same tune.

But I'm sure most parents, if they don't necessarily want to keep their kids off Facebook, per se, would at least want to be in the loop if they do join that or any other social networking site.

That way, hopefully, they can better keep their children free from targeted advertising.

And, given that we're now talking about personal information coming out of mobile devices, including geolocation, parents can hopefully better control just exactly who knows where their children are at any time.

That should never have been information that was up for grabs.

Images of boy online and kids hands on keyboard courtesy of Shutterstock.

, , , ,

You might like

9 Responses to US rule broadens to protect children's online privacy, leaves developers with questions

  1. Nivi · 476 days ago

    Perhaps this seems too simplistic, but couldn't a small popup screen with very few words (or some pictures/animation) serve to inform kids that they need to comply?

    "READ THIS TO YOUR PARENT: According to COPPA, if the person currently using the device is under 13 years old, a parent needs to agree to the following. Companies want to advertise to kids, and parents should know what their kids are doing"

    Clearly the message itself needs work. But 1 or 2 lines - "Do you know what your kid is watching? Are you okay with it?"

    But I would assume that kids wouldn't suddenly find themselves on the Forbes app or something, and feigning ignorance about when a kid takes over (consider the apps suddenly being used and who they're aimed at) is, honestly, weak.

  2. Guest · 476 days ago

    One way to stay within this law is to not target any advertising at children and not collect such personal data! Then even parents won't be targeted by child-centric advertising, much to the relief of many.

  3. Guest · 476 days ago

    They should make a 'kid mode' that temporarily disables net so nothing can be tracked. Put in the disclaimer that your kid has to use kid mode or info will be gathered.

    What they will probably do is make the camera record faces 24/7 and send images to a database to make sure the kids are safe!

  4. Jack Wilborn · 476 days ago

    Sounds great, but they ignore the main problem in that companies are developing software to track persons (I mean YOU). This needs to get addressed and our legislators are ignoring the root problem,

    We have limited legislation about what companies can and can't do with information (data) and our Washington people won't even consider that a problem. Like PRISM.

    Sometimes I feel that our legislators won't look outside our boundaries and see the advancements of other countries, like Marijuana where Canada has had medical use for quite a long time. They need to move to the 21st century.

  5. Juan DaRiguera · 476 days ago

    The assumption that problems like this are somehow solvable through "legislation" is at least as big a problem as the problem itself.

    The solution is personal responsibility. If it were possible to legislate that into existence, we wouldn't have the kinds of messes we have on our hands now. It is possible for people to learn to have responsibility, but the myth that you can force it on them by state edict is pure fantasy.

    You can legislate yourself to death (and we're doing a pretty good job of that), but until the human species outgrows the persistent superstition that legislation is the universal panacea for every problem in human interaction, the mess is going to get worse, not better.

  6. Freida Gray · 476 days ago

    The entire rule seems,to me,to ignore the fact that when a child has a device to access the internet they can simply pass themselves off as their parent and avoid the parental notices all together.

  7. mike byrne · 476 days ago

    how about the providers have one button for parents to click on which will change the characteristics of the site on the device that they are about to hand over to their kids, to a preconfigured (by the parents) safe security level

    • shtiasa · 476 days ago

      Wouldn't it be trivial for kids to fiddle around and go to the "normal" version of the site,(which includes targeted ads,etc.)instead of the "children's" version of the website?I am sure as this is one of the first times that develpoers have tried such a thing,so the initial versions if the site will be bland,when compared to the parent's versions,reducing pooular adaptation of the website amongst kids.

  8. Keith · 473 days ago

    Apparently the Adobe software SendNow (for sending large files) is for some reason restricted to use by persons age 13 or over. This, so Adobe advise me, is so that Adobe can comply with the COPPA requrements. Strangely, Adobe do not place any age restriction on persons downloading or purchasing or installing the software, but in order to use it one has to enter full date of birth (name having been provided during purchase / free download). So far Adobe has not responded to my question as to the dangers to which children might be exposed if they were to use the software.
    Being wary of unnecessarily providing any personal information (such as full birth date), I am precluded from using this Adobe software... fortunately there is similar software available for which full birth date is not required. Adobe seem to have COPPA'd out in their interpretation of this new legislation.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

I've been writing about technology, careers, science and health since 1995. I rose to the lofty heights of Executive Editor for eWEEK, popped out with the 2008 crash, joined the freelancer economy, and am still writing for my beloved peeps at places like Sophos's Naked Security, CIO Mag, ComputerWorld, PC Mag, IT Expert Voice, Software Quality Connection, Time, and the US and British editions of HP's Input/Output. I respond to cash and spicy sites, so don't be shy.