Stricter COPPA Rules Now In Effect
July 2, 2013

Tougher Online Privacy Rules For Children Are Now In Effect

redOrbit Staff & Wire Reports - Your Universe Online

Strict updates to the Federal Trade Commission's 1998 Children's Online Privacy Protection Act (COPPA) went into effect on Monday, offering new privacy protections for children under the age of 13 while giving parents better control over the personal information collected from their children.

The new rules, announced last year by the FTC, expand the definition of "personal information" to include geolocation data, photos, videos and audio files. They also prohibit "behavioral advertising" directed toward children without parental notice and consent to prevent children from receiving "re-targeting" ads based on browsing history.

The tougher rules also apply to mobile apps and plug-ins. However, third-party plug-ins will only be responsible when they have "actual knowledge that they are collecting personal information from users of a child-directed site," the FTC said.

Over the weekend, Yahoo unveiled its plans to comply with the new rules, saying children under the age of 12 will no longer be able to log in to the site after June 30 unless their parents have given prior consent.

"If you're a parent or guardian of one of our users who are 12 and under, you'll receive an email asking for your consent to allow your child to continue to use Yahoo! products. Your child will also see a message when they try to log in, reminding you to give us your consent," said Megan Cristina, Senior Director Ad Policy, Trust & Safety, in a statement on Saturday.

Parents will have until August 31, 2013 to give Yahoo the necessary consent before the company considers an account inactive. Once the child's account is deleted, any data associated will also be deleted.

Yahoo isn't the only company taking steps to tighten online privacy protections. Google notified Blogger users via email on Saturday that their sites would be removed at the end of July if all advertisements and links to external sites hosting adult content are not removed. The Internet search giant did not explicitly say the changes are due to the FTCs new rules, but it is likely related to a requirement in the updated COPPA rules requiring websites to ensure that children's personal information is released only to service providers and third parties capable of maintaining the confidentiality, security and integrity of such information, and who assure that they will do so.

Although many of the updated COPPA rules seek to protect children using social media, Facebook will be mostly unaffected due to its policy of not allowing children under the age of 13 to join the social network.

Last year, Facebook objected to the FTCs new rules, saying the provision relating to plug-ins restricted teens' ability to engage in free speech protected under the First Amendment.

"Because the Commission's proposal would restrict the ability of users who are 13 years old or older to "Like," comment on, or recommend the websites or services on which those plugins are integrated, it would infringe upon their constitutionally protected right to engage in protected speech," Facebook wrote in a letter responding to the FTCs request for public comments about the proposed COPPA updates.

"The Supreme Court has recognized on numerous occasions that teens are entitled to First Amendment protection."

The new COPPA rules have received widespread praise, but critics claim they could suppress the growth of child-friendly websites and services, and could lead to some confusion because strict limits apply only when websites are "directed" at children. Others claim this could stifle some websites by forcing them to demand age verification.

The Application Developers Alliance, which represents 20,000 app developers, had asked for a delay in the rules, arguing the changes "are so significant and the penalties so severe that, absent delay, many developers and publishers will simply stop publishing, placing their entire business at risk."

Meanwhile, Daniel Castro at the Information Technology and Innovation Foundation called the updated COPPA "misguided."

"The real problem is that we'll see sites and apps that will either ignore the rule and ignore the age of the user, or if they are directed at children, they will significantly reduce the features. Or they will move to paid models," Castro told the AFP news agency.

The rules "set a default so high on privacy and so low on functionality that it is crippling the space for children. It locks the child online space into something that is not very usable," he said.

Other critics say the rules will have minimal impact because kids are often more tech-savvy than their parents and can find ways to circumvent any new controls.

"It's incredibly easy for kids" to circumvent age verification, said Stanley Holditch, an online safety expert at McAfee, to the news agency.

McAfee recently released a study showing 85 percent of US children between 10 and 12 used Facebook, 25 percent of which cleared their browser history or used private browsing to avoid detection. Ten percent admitted to configuring privacy settings to conceal content from their parents.

Holditch told the AFP it would be "difficult if not impossible for these (social media) companies to comply with these rules" without an exhaustive, all-encompassing system that relied upon biometric identifiers or a national database. Even then, companies like Facebook lack the personnel to verify the millions of underage children using the site, he said.

To stop geolocation tracking for young children, Facebook would have to turn off geolocation for everyone, he said.

"There are very real perils out there."

"Kids are giving away info without thinking about it. So it is our role as adults is to teach children the perils of the world."