COPPA, a well meaning but seriously flawed law, is something we write about frequently, but rarely is it because there is good news for parents and kids. Today is a good day, as yesterday the NY Attorney General levied stiff penalties against Viacom, Hasbro, Mattel, and Jumpstart over how they use kids’ personal data, or share it with advertisers. The case appears to have been a clear violation of COPPA. (Thanks to our friends at Privo, a leading online privacy, verification and parental consent firm, for pointing this decision out.)
COPPA is the Children’s Online Privacy Protection Act – the sole piece of legislation designed to protect kids’ privacy and personal information online.
The way COPPA works is that if you own a website directed at children under 13, there are very strict rules around what you can do with the data you collect on your users. Kids’ gaming/entertainment sites including Nick Jr. and Nickelodeon (Viacom); Barbie, Hot Wheels, and American Girl (Mattel); Neopets (JumpStart); and My Little Pony, Littlest Pet Shop, and Nerf (Hasbro) all violated the rules, and agreed to pay $835,000 in fines and make serious changes to their tracking practices.
In one example cited by NY AG Scheiderman, the state had been in the process of investigation payday loan companies, and found that payday loan ads were being served to users on a website specifically for children. They then launched Operation Child Tracker, a 2-year investigation into how kids’ sites were using child browsing data inappropriately, or sharing that information with advertisers. According to Scheiderman:
“Federal law demands that children are off-limits to the prying eyes of advertisers. Operation Child Tracker revealed that some of our nation’s biggest companies failed to protect kids’ privacy and shield them from illegal online tracking. My office remains committed to protecting children online and will continue our investigation to hold accountable those who violate the law by tracking children.”
Of course, the chance of your under-13 child being victimized by a payday lender is zero, but the risk is that other inappropriate ads – alcohol, pornography, other adult products or services – are served to kids on sites that are supposed to be “safe spaces”.
COPPA as a law is far from perfect. The 13-year age limit seems arbitrary to us, and giving kids some protection from advertisers but precious little from predators seems to be ignoring the bigger risk. Still, some protection is better than none and while COPPA-related investigations are rare, they do send a message to website operators that kids privacy rights aren’t to be trifled with.
Each company named in the complaint has agreed to make changes to their procedures including “regular electronic scans to monitor for third party tracking technologies, adopting procedures for vetting third parties’ data collection practices to ensure that they comply with COPPA, and providing notice to third parties when they are operating through a website covered by COPPA.”
Nice job New York, If parents can’t trust Dora the Explorer, who can they trust?
If you are worried that your teen or tween is at risk, we can help. The ThirdParent initial audit is now FREE (previously a $49 value). Ongoing monitoring is $15 per month and you can cancel at any time. Click here to sign up today!
Contact ThirdParent any time for help and resources for monitoring child and teen internet activity.
Work at a high school or college? We have custom solutions for monitoring dangerous or inappropriate activity. Learn more.