Federal regulators are about to take the biggest steps in more than a
decade to protect children online. According to Natasha Singer of The New York Tiems,
the moves come at a time when major corporations, app developers and
data miners appear to be collecting information about the online
activities of millions of young Internet users without their parents’
awareness.
Some sites and apps have also collected details like children’s
photographs or locations of mobile devices; the concern is that the
information could be used to identify or locate individual children. For
example, McDonald’s invites children who visit HappyMeal.com to upload
their photos so they can make collages or videos.
These
data-gathering practices are legal. But the development has so alarmed
officials at the Federal Trade Commission that the agency is moving to
overhaul rules that many experts say have not kept pace with the
explosive growth of the Web and innovations like mobile apps. New rules
are expected within weeks.
“Today, almost every child has a
computer in his pocket and it’s that much harder for parents to monitor
what their kids are doing online, who they are interacting with, and
what information they are sharing,” says Mary K. Engle, associate
director of the advertising practices division at the F.T.C. “The
concern is that a lot of this may be going on without anybody’s
knowledge.”
The proposed changes could greatly increase the need
for children’s sites to obtain parental permission for some practices
that are now popular — like using cookies to track users’ activities
around the Web over time. Marketers argue that the rule should not be
changed so extensively, lest it cause companies to reduce their
offerings for children.
“Do we need a broad, wholesale change of
the law?” says Mike Zaneis, the general counsel for the Interactive
Advertising Bureau, an industry association. “The answer is no. It is
working very well.”
The current federal rule, the Children’s Online Privacy Protection Act of 1998 (COPPA),
requires operators of children’s Web sites to obtain parental consent
before they collect personal information like phone numbers or physical
addresses from children under 13. But rapid advances in technology have
overtaken the rules, privacy advocates say.
Today, many
brand-name companies and analytics firms collect, collate and analyze
information about a wide range of consumer activities and traits. Some
of those techniques could put children at risk, advocates say.
Under
the F.T.C.’s proposals, some current online practices, like getting
children under 13 to submit photos of themselves, would require parental
consent.
Children who visit McDonald’s HappyMeal.com, for
instance, can “get in the picture with Ronald McDonald” by uploading
photos of themselves and combining them with images of the clown.
Children may also “star in a music video” on the site by uploading
photos or webcam images and having it graft their faces onto dancing
cartoon bodies.
But according to children’s advocates, McDonald’s
stored these images in directories that were publicly available. Anyone
with an Internet connection could check out hundreds of photos of young
children, a few of whom were pictured in pajamas in their bedrooms,
advocates said.
In a related complaint to the F.T.C. last month, a
coalition of advocacy groups accused McDonald’s and four other
corporations of violating the 1998 law by collecting e-mail addresses
without parental consent. HappyMeal.com, the complaint noted, invites
children to share their creations on the site by providing the first
names and e-mail addresses of their friends.
“When we tell
parents about this they are appalled, because basically what it’s doing
is going around the parents’ back and taking advantage of kids’
naivete,” says Jennifer Harris, the director of marketing initiatives at
the Yale Rudd Center for Food Policy and Obesity, a member of the
coalition that filed the complaint. “It’s a very unfair and deceptive
practice that we don’t think companies should be allowed to do.”
Danya Proud, a spokeswoman for McDonald’s, said in an e-mail that the company placed a “high importance” on protecting privacy, including children’s online privacy. She said that McDonald’s had blocked public access to several directories on the site.
Last
year, the F.T.C. filed a complaint against W3 Innovations, a developer
of popular iPhone and iPod Touch apps like Emily’s Dress Up, which
invited children to design outfits and e-mail their comments to a blog.
The agency said that the apps violated the children’s privacy rule by
collecting the e-mail addresses of tens of thousands of children without
their parents’ permission and encouraging those children to post
personal information publicly. The company later settled the case,
agreeing to pay a penalty of $50,000 and delete personal data it had
collected about children.
It is often difficult to know what kind
of data is being collected and shared. Industry trade groups say
marketers do not knowingly track young children for advertising
purposes. But a study last year of 54 Web sites popular with children,
including Disney.go.com and Nick.com, found that many used tracking
technologies extensively.
“I was surprised to find that pretty
much all of the same technologies used to track adults are being used on
kids’ Web sites,” said Richard M. Smith, an Internet security expert in
Boston who conducted the study at the request of the Center for Digital
Democracy, an advocacy group.
Using a software program called Ghostery, which detects and identifies tracking entities on Web sites, a New York Times
reporter recently identified seven trackers on Nick.com — including
Quantcast, an analytics company that, according to its own marketing
material, helps Web sites “segment out specific audiences you want to
sell” to advertisers.
Ghostery found 13 trackers on a Disney game
page for kids, including AudienceScience, an analytics company that,
according to that company’s site, “pioneered the concept of targeting
and audience-based marketing.”
David Bittler, a spokesman for
Nickelodeon, which runs Nick.com, says Viacom, the parent company, does
not show targeted ads on Nick.com or other company sites for children
under 13. But the sites and their analytics partners may collect data
anonymously about users for purposes like improving content. Zenia
Mucha, a spokeswoman for Disney, said the company does not show targeted
ads to children and requires its ad partners to do the same.
Another
popular children’s site, Webkinz, says openly that its advertising
partners may aim at visitors with ads based on the collection of
“anonymous data.” In its privacy policy, Webkinz describes the practice
as “online advanced targeting.”
If the F.T.C. carries out its
proposed changes, children’s Web sites would be required to obtain
parents’ permission before tracking children around the Web for
advertising purposes, even with anonymous customer codes.
Some
parents say they are trying to teach their children basic online
self-defense. “We don’t give out birth dates to get the free stuff,”
said Patricia Tay-Weiss, a mother of two young children in Venice,
Calif., who runs foreign language classes for elementary school
students. “We are teaching our kids to ask, ‘What is the company getting
from you and what are they going to do with that information?’ ”
- As seen in The New York Times
Brought to you by NetLingo: Improve Your Internet IQ
Subscribe to the NetLingo Blog via Email or RSS here!