The Children’s Online Privacy Protection Act (COPPA) is in our opinion an exceedingly misunderstood and misapplied piece of legislation. In effect since 2000 and updated in 2013, it is intended to protect the privacy of internet users who are under the age of 13, a goal which we’re sure every parent thinks reasonable.
It is also the genesis of the age rule that most social networks and gaming platforms use – that users must be at least 13 years of age. The reason that social networks have an age limit at all is that if a website operator has “actual knowledge” that a user is under the age of 13, it must take costly steps to safeguard that user’s privacy from advertisers and others. If they don’t, they could face fines and lawsuits.
There is some great work this week from Roy Smith, CEO of AgeCheq, who wrote an article at Gamasutra explaining the risks that online gaming companies face in their unwillingness or inability to comply with COPPA. The actual knowledge point is a sticky one for companies whose products appeal to kids, and many gaming companies appear to be ignoring it. According to Smith:
“I’ve repeatedly encountered companies that will not do anything that would admit that children are playing their games… [they] have adopted our industry’s version of “don’t ask, don’t tell” by completely ignoring COPPA and betting on “plausible deniability”. I find it hard to believe that the FTC will buy the defense “We had no idea any children were playing” for games with hundreds of millions of monthly average users that are based on puppies, balloons or pieces of candy.”
We took a look at the IPO filing for King Digital Entertainment, the maker of Candy Crush, to see what they actually disclosed before their public offering, which happened in March.
“The U.S. Children’s Online Privacy Protection Act (COPPA) also regulates the collection, use and disclosure of personal information from children under 13 years of age. While none of our games are directed at children under 13 years of age, if COPPA were to apply to us, failure to comply with COPPA may increase our costs, subject us to expensive and distracting government investigations and could result in substantial fines.”
The claim that none of their games are directed at children under 13 is ridiculous, and speaks to the amount of respect online operators give to COPPA specifically, and the privacy of young users in general. Either that, or they are resigned to the fact that they will have to pay what could be hefty fines at some point.
We at ThirdParent would like to see better protections for all young users, not just those under 13, and more power in the hands of parents to ensure that those protections are being applied. In addition, we’d like to see the protection extended to cover predators and cyberbullies, who routinely use social media and gaming platforms as a means to seek out victims.
If you have an opinion, please let us know.
Contact ThirdParent any time for help and resources for monitoring child and teen internet activity.