Kids online will now be protected by new federal guidelines
Children's personal information, such as photos, videos and geolocation information, can now no longer be collected by online services and online 'cookies' can't be used to send kids personalized ads, among other new rules.
The US Federal Trade Commission’s revisions to the COPPA Rule announced Dec. 19 are aimed at syncing up a rule mandated by a 1998 law with today’s technology and with “the way children use the Internet, mobile devices and social networking,” the FTC says in its press release.Skip to next paragraph
Subscribe Today to the Monitor
RECOMMENDED: The top 25 celebrity baby names of all time
For example, the personal information that services cannot collect from children under 13 without parental consent now includes photos, videos and geolocation information; the FTC will have a “streamlined, voluntary and transparent” process for approval of new ways children’s sites can obtain parental consent; and the COPPA Rule now rules out the use of “persistent identifiers” like cookies that would allow businesses to send kids behavioral ads based on their online activities.
In addition to “personal information,” the FTC also updated a number of other terms. For example, “operator” now means a kids’ site or service that integrates third-party services “such as plug-ins or advertising networks” that collect personal information from its visitors – not app stores like Apple’s or Google Play that just offer children’s apps. So an “operator” like Facebook or Apple’s App Store “will only be responsible if they have ‘actual knowledge’ that an … app is not complying,” the Los Angeles Times reports.
Also, “collection of personal information” no longer includes information children themselves post as a form of participation in “interactive communities” (e.g. online games) – sites and services don’t have to obtain parental consent as long as they “take reasonable measures to delete all or virtually all children’s personal information before it is made public.”
Collaborative regulatory power needed
From that last point, you can see that sites and services will be struggling for some time to understand the exact meaning of some of these revisions and how they apply to the user-driven content on their services. Both the confusion and some of the updates could either chill innovation (by increasing startup costs) or help shutter small businesses serving children.
For example, in its coverage of the revisions, the Washington Post cited the view of a developer of children’s book apps. The developer “fears heavy legal costs that she estimates could be as high as $10,000 [because] she would like to collect information about children to personalize her app so that users can create logs and reading goals.”
This indicates confusion because the FTC states that “no parental notice and consent is required when an operator collects a persistent identifier for the sole purpose of supporting … internal operations.” Collecting information for the sole purpose of enhancing a user’s experience – by allowing them to create “reading goals” in a book app – would probably be seen by the FTC as perfectly compliant, as an “internal operation.”
So as I watched the new rule’s unveiling live-streamed from Capitol Hill, I noted two things:
- The pressure on regulators to keep up with new media and technologies and…
- A lack of understanding of how the “user-driven” aspect of new media and technologies changes the regulatory equation.