THE MAGAZINE

Protecting Children’s Privacy Online

By John Wagley

The Federal Trade Commission (FTC) is revisiting how Web sites should handle children’s information that is collected and potentially tracked online. In the summer of 2012, the agency issued for comment its proposed revisions of the rule. The modifications would change the way the FTC enforces the Children’s Online Privacy Protection Act (COPPA), passed in 1998. Among other things, the law requires Web site operators to gain verifiable parental consent before collecting children’s information.

The modifications would mean that third parties such as data brokers, advertising networks, and companies that make smartphone applications, in addition to site operators, would all be responsible when information is gathered on children.

The new rules would also expand the definition of “personal information” to include data that can be gathered by persistent identifiers, which can be used to recognize and gather data on users over time or across different sites and services. Parental consent would be required whenever data was gathered for purposes other than internal site or program operations.

Opponents of the proposed rule argued that the changes could hinder the development of high quality sites and programs by restricting cookies and tracking.

The changes could limit sites’ ability to deliver quality content to children, says Berin Szoka, president of TechFreedom, a nonprofit. “I don’t think they realize some of the unintended consequences of what they’re proposing.” Third party plug-ins and similar technology can be “critically important to developers in any app or Web site you use.” If the FTC accepts all the modifications in their current form, he says, there’s a good chance it will face legal challenges from individual businesses and from groups like TechFreedom.

But others support the FTC’s effort to modernize the rules. From the time COPPA was first released, online tracking has grown far more sophisticated and widespread, and it’s important that the FTC bring the rules up to date, says Kathryn Montgomery, a professor of communications at American University.

Moreover, many sites and programs aimed at children do not rely on behavioral advertising to make money, or do so to a much lesser extent than many other sites, says Daniel Castro, senior analyst at the Information Technology and Innovation Foundation. Many sites are based on paid and nonpaid memberships; many are based on a single company or product, which can negate the sites’ need to sell products from outside advertisers, he says. Children’s sites tend to be “very different from the rest of the Internet,” he notes.

Some children’s sites also have policies and use technology to help children keep their privacy and stay safe online, Castro says. Examples include sites that actively monitor content posted by users, which can help ensure that children don’t provide sensitive information online.

The FTC has said that it intends to make a decision on the final rule by the end of 2013.
 

Comments

 

The Magazine — Past Issues

 




Beyond Print

SM Online

See all the latest links and resources that supplement the current issue of Security Management magazine.