Filings are due to the Federal Trade Commission (FTC) today as part of its review of the Children’s Online Privacy Protection Act (COPPA) and the COPPA rule that the FTC devised and enforces. I didn’t have time to pen as much as I wanted, but I did submit a short filing to the agency in the matter based on some of my previous work both with Berin Szoka and on my own. Here’s the executive summary for my filing:
It goes without saying that the Children’s Online Privacy Protection Act (COPPA) is complicated law and rule. When considering the rule and proposals to amend it, it is easy to get lost in the weeds and ignore the bigger picture. That would be a mistake. There are broader, more important questions that need to be asked as part of the Federal Trade Commission’s effort to expand this regulatory regime. These questions involve not only the costs of increased regulation for online business interests, but the impact of expanded regulation on market structure, competition, and innovation. More importantly, these questions cut to the core of whether the public (including children) will be served with more and better digital innovations in the future. There is no free lunch. Regulation—even well-intentioned regulation like COPPA—is not a costless exercise. There are profound trade-offs for online content and culture that must always be considered.
Whatever one thinks about the effectiveness or sensibility of the COPPA regulatory model for the Web 1.0 world, it is clear that the regime is being strained by the unforeseen realities of the Web 2.0 world of hyper-ubiquitous connectivity and user-generated content creation and sharing. The digital genie cannot be put back in the bottle. While COPPA may continue to have a marginal role to play in this rapidly evolving world, that role will likely be increasingly limited by the inherent realities of the information age.
On Wednesday afternoon, it was my great pleasure to make some introductory remarks at a Family Online Safety Institute (FOSI) event that was held at the Yahoo! campus in Sunnyvale, CA. FOSI CEO Stephen Balkam asked me to offer some thoughts on a topic I’ve spent a great deal of time thinking about in recent years: Who needs parental controls? More specifically, what role do parental control tools and methods play in the upbringing of our children? How should we define or classify parental control tools and methods? Which are most important / effective? Finally, what should the role of public policy be toward parental control technologies on both the online safety and privacy fronts?
In past years, I spent much time writing and updating a booklet on these issues called
Parental Controls & Online Child Protection: A Survey of Tools & Methods. It was an enormous undertaking, however, and I have abandoned updating it after I hit version 4.0. But that doesn’t mean I’m not still putting a lot of thought into these issues. My focus has shifted over the past year more toward the privacy-related concerns and away from the online safety issues. Of course, all these issues intersect and many people now (rightly) considered them to largely be the same debate.
Anyway, to kick off the FOSI event, I offered three provocations about parental control technologies and the state of the current debate over them. I buttressed some of my assertions with findings from a recent FOSI survey of parental attitudes about parental controls and online safety. Continue reading →
On May 26th, it was my great pleasure to participate in a panel discussion on “Growing Up with the Mobile Net,” which was co-sponsored by the Congressional Internet Caucus and Common Sense Media. It was a conversation about kids’ privacy, online safety, teen free speech rights, anonymity, and the possibility of expanding the Children’s Online Privacy Protection Act (COPPA) and implementing the so-called “Internet Eraser Button.”
I was joined on the panel by Jules Polonetsky, Co-chair and Director of the Future of Privacy Forum, and Alan Simpson, Vice President of Policy at Common Sense Media. And the session was very ably moderated, as always, by the supremely objective Tim Lordan.* We really unpacked the “Eraser Button” and “right to be forgotten” notion and thought through the ramifications. And the discussion about the extent of First Amendment rights for teenagers was also interesting.
The video for this 48-minute session can be found on the Congressional Internet Caucus YouTube page here and is embedded below.
Note: During the session, Tim Lordan claimed that he takes no position and that if anyone says he take positions on issues that he will slap a super-injunction on them. Well, I say Tim Lordan is brimming with positions and he’s letting them fly at every juncture. In fact, I’ve never met someone so full of controversial positions in my life as Tim Lordan! OK, so sue me Tim!
Reps. Edward Markey (D-Mass.) and Joe Barton (R-Texas) have released a discussion draft of their forthcoming “Do Not Track Kids Act of 2011.” I’ve only had a chance to give it a quick read, but the bill, which is intended to help safeguard kids’ privacy online, has two major regulatory provisions of interest:
(1) New regulations aimed at limiting data collection about children and teens, including (a)
expansion of the Children’s Online Privacy Protection Act (COPPA) of 1998, which would build upon COPPA’s “verifiable parental consent” model; and (b) a new “Digital Marketing Bill of Rights for Teens;” and (c) limits on collection of geolocation information about both children and teens.
(2)
An Internet “Eraser Button” for Kids to help kids wipe out embarrassing facts they have place online but later come to regret. Specifically, the bill would require online operators “to the extent technologically feasible, to implement mechanisms that permit users of the website, service, or application of the operator to erase or otherwise eliminate content that is publicly available through the website, service, or application and contains or displays personal information of children or minors.” This is loosely modeled on a similar idea currently beingconsideredin the European Union, a so-called “right to be forgotten” online.
Both of these proposals were originally floated by the child safety group Common Sense Media (CSM) in a report released last December. It’s understandable why some policymakers and child safety advocates like CSM would favor such steps. They fear that there is simply too much information about kids online today or that kids are voluntarily placing far too much personal information online that could come back to haunt them in the future. These are valid concerns, but there are both practical and principled reasons to be worried about the regulatory approach embodied in the Markey-Barton “Do Not Track Kids Act”: Continue reading →
Lost in the smoke surrounding that privacy blitzkrieg is an important distinction between these two proposals: There is a very big difference between re-engineering browsers and websites to comply with a “Do Not Track” mandate and a new regulatory scheme aimed at identifying the ages or identities of individuals using certain online sites or services. Namely, the latter likely necessitates some sort of mandatory age verification or online authentication regime for the Internet.
Let’s take a step back for some context. Markey helped author the Children’s Online Privacy Protection Act (COPPA) of 1998, which dealt with the collection of information for kids under 13 online. But COPPA wasn’t a strict age verification or online authentication regime for the Internet. Instead, COPPA mandated a “verifiable parental consent” regime which the Federal Trade Commission (FTC) later enforced using a so-called “sliding scale” approach. Essentially, sites that are “directed at” kids under 13 are supposed to get parental consent using a variety of mechanisms (credit cards, sign and fax forms, phone calls, etc) before any collection of information takes place. Of course, there are some devilish details here regarding what counts as “directed at” or “collection,” but the crucial point here is that COPPA does
not require the formal authentication of web surfer identities or ages — whether they kids or parents.
So, the really tricky question here is how one goes about expanding the COPPA regulatory regime without stumbling into the legal thicket that tied up the Child Online Protection Act (COPA) of 1998, a law which did mandate such an authentication regime and, as a result, witnessed a grueling decade-long legal battle over its constitutionality. Ultimately, the courts rejected COPA as inconsistent with America’s tradition of anonymous speech, something central to our evolution as a democracy, pre-dating even the First Amendment that protects it from government interference. Thus, we have, at least for now, closed the book on COPA. But are we about to re-open it with COPPA expansion a la the forthcoming Markey bill? Continue reading →
One of the old saws we hear from those who wish to impose more stringent regulations on advertising or product placement is that “it’s for the children.” That is, critics such at the Campaign for a Commercial-Free Childhood and other organzations fear that, because children’s brains are less developed or they have not yet learned to differentiate commercial appeals from other types of information flows, kids may be more susceptible to persuasive commercial messaging. I think there’s some truth to that, but I also believe that (a) kids aren’t quite the sheep we make them out to be, (b) the potential “harm” here is not as great as the critics make it out to be and (c) parental supervision should be the primary the solution to the problem.
But let’s ask a different question entirely: Are we willing to forgo additional, and potentially more diverse, forms of children’s programming simply because we want to keep commercial messaging or product placement away from kids? Consider the case study of The Hub, recently featured in
The New York Times:
With imports of European cartoons, a smattering of Hasbro ads and a rerun of the movie “Garfield,” Hasbro and Discovery Communications unveiled a new television brand for children on Sunday, called The Hub. Over time, the two companies hope to prove that there is room for a fourth player alongside Nickelodeon, the Disney Channel and the Cartoon Network, the three heavyweights of children’s TV, said David M. Zaslav, the chief executive of Discovery Communications. […]
After all that complaining (and bashing their Soviet Realist-style statue, “Man Controlling Trade”), you might think we had it in for the agency. But as I’ve said repeatedly, we’re actually big fans of the FTC’s core consumer protection mission: holding companies to their promises. (Indeed, we want to make sure they stay focused on that mission, and have the staff, resources and technological tools to pursue it effectively—which might mean, as I’ve pointed out, increased funding rather than increased powers.) We’ve also repeatedly praised the FTC’s efforts to educate kids, parents, and Internet users in general about things like online privacy, advertising, spyware, user empowerment tools, online scams, etc.
But I don’t want to be accused of being only a fair-weather friend of the agency. So I wanted to point out a particularly good concrete example of the FTC doing what we talk about in the abstract: holding companies to their promises. Grant Gross notes that the FTC sent a stern letter earlier this month to the company that is seeking to buy the subscriber info and photos and other assets of the now-defunct XY Magazine, which served primarily gay U.S. teens, warning them that the FTC would hold them to the terms of the privacy policy under which XY collected information from its subscribers.
This is a great example of how the FTC can effectively use its existing authority to protect consumers against clear harms involved in the disclosure of truly sensitive data, sometimes even prophylactically—in this case, outing around 100,000 gay youths and young adults—collected by companies that make unambiguous promises to protect users’ data. This incident also illustrates how privacy law can evolve in an organic fashion from a growing body of such well-justified preemptive warnings, enforcement actions brought against truly bad actors, and ultimately court decisions that decide whether the FTC has properly weighed the interests at stake. In other words, just because we don’t have a privacy code enforced by a Data Protection Authority as in Europe doesn’t mean our legal system doesn’t protect privacy!
I spend a lot of time here trying to debunk media “moral panics,” “techno-panics,” or unfounded hysteria over the impact of commercialism in general on kids. To believe what some politicians and regulatory agitators have to say, today’s youth always seem at the precipice of the moral abyss. Our misguided youth are seemingly all going straight to hell and they dragging our culture and society down with them.
Except they’re not. It’s all the same old tripe we’ve heard one generation after another. As the late University of North Carolina journalism professor Margaret A. Blanchard once noted: “[P]arents and grandparents who lead the efforts to cleanse today’s society seem to forget that they survived alleged attacks on their morals by different media when they were children. Each generation’s adults either lose faith in the ability of their young people to do the same or they become convinced that the dangers facing the new generation are much more substantial than the ones they faced as children.” And Thomas Hine, author of
The Rise and Fall of the American Teenager, argues that: “We seem to have moved, without skipping a beat, from blaming our parents for the ills of society to blaming our children. We want them to embody virtues we only rarely practice. We want them to eschew habits we’ve never managed to break.”
Anyway, I was reminded of this again today as I was finally reading through a report published last year by the U.K.’s Department for Children, Schools and Families and the Department for Culture, Media and Sport. It’s entitled “The Impact of the Commercial World on Children’s Wellbeing” and it is very much worth your attention. Several people had recommended I check it out in recent months, but I’m ashamed to say I am only now getting around to it as I prepare an amicus brief for the Supreme Court’s review of a California video game law. But this U.K. report is not to be missed. Here are a few of the choice bits from the study: Continue reading →
Connect Safely, which is great parenting and online child safety resource run by my friends Anne Collier and Larry Magid, has just released some excellent “Virtual World Safety Tips for Parents of Teens.” Tons of good advice in there worth checking out, especially the thing I always focus on in all my online safety work—talk to your kids!! Here’s Anne and Larry on that point:
Talk with your teens about the virtual worlds they use – ask them to show you around. See what their avatars look like and what screen names they’ve chosen to represent themselves. What do their profiles and the appearance of their avatars say about them? Try to hold back snap judgments (long-term guidance usually works better than control if the goal is learning rather than short-term compliance – see this). Are their virtual-world profiles linked to social-network ones, and how much do those linked-up profiles together reveal about them – too much? Are their in-world friends mostly friends they know in real life? If not, do they know that they can’t really know who people are online unless they know them offline?
It’s about getting a dialogue going with your kids. That is so absolutely essential and it would help head off about 90% of the problems that develop online today with kids. Kids need mentoring, whether its in meatspace or cyberspace. But make sure to read all the Connect Safely tips. They are excellent.
the overall market for family and children’s programming options continues to expand quite rapidly. Thirty years ago, families had a limited number of children’s television programming options at their disposal on broadcast TV. Today, by contrast, there exists a broad and growing diversity of children’s television options from which families can choose.
The Technology Liberation Front is the tech policy blog dedicated to keeping politicians' hands off the 'net and everything else related to technology. Learn more about TLF →
The Technology Liberation Front is the tech policy blog dedicated to keeping politicians' hands off the 'net and everything else related to technology.