Members of Congress Examine Impact of Media and Marketing On Children

Posted by Libbie Canter on May 10, 2012

Earlier today, members of Congress and regulators gathered for a symposium on “The Impact of Media on the Health & Well-Being of Children.”   Participants included Congressman Edward Markey (D-MA), Congresswoman Debbie Wasserman Schultz (D-FL), Senator Richard Blumenthal (D-CT), Jon Leibowitz, Chairman, Federal Trade Commission, and Mignon Clyburn, Commissioner, Federal Communications Commission, as well as researchers and members of the public interest community.  In response to a question, Chairman Leibowitz informed the audience that the FTC expects to issue a revised Children’s Online Privacy Protection Act (“COPPA”) Rule by “the end of the year and hopefully sooner.” 

During their remarks, Congressmen Markey and Wasserman Shultz each expressed support for the Do Not Track Kids Act of 2011 (H.R. 1895), which we have blogged about here.  The bill would expand privacy protections for minors under the age of 18, including a prohibition on the use of personal information for targeted marketing to minors and a requirement that website operators provide “eraser buttons” to enable the deletion of personal information shared publicly by minors.  Senator Blumenthal also indicated that he was supportive of the legislative proposal, which he described as “common sensical,” although he stated that there likely would be substantial concern among advertisers and other stakeholders about implementation issues.

Continue Reading

FTC Refers Children's Privacy Case Back To CARU

Posted by Lindsey Tonsager on April 30, 2012

The FTC has decided not to pursue an enforcement action against Clearwater Aquarium for alleged violations of the Children's Online Privacy Protection ("COPPA") Rule. 

In February 2012, the Children's Advertising Review Unit ("CARU") referred the Clearwater Aquarium's website to the FTC for review under COPPA after the Aquarium reportedly did not respond to CARU's inquiry.  CARU claimed that the site featured a “Kidzone” where visitors could sign up for an e-newsletter by entering their first and last names, mailing and email addresses, and cellphone numbers.  CARU was concerned that the Aquarium collected personally identifiable information from children under the age of thirteen without first obtaining parental consent and that the Aquarium's privacy policy -- which stated that it did not collect information from children under 18 without parental consent -- did not accurately reflect its actual privacy practices.

After reviewing the website, the FTC concluded "that the information collection practices that had triggered CARU's inquiry had been remedied."  The FTC declined to take any further action, instead referring the matter back to CARU. 

CARU, a division of the Council of Better Business Bureaus, is a self-regulatory body that monitors websites for compliance with COPPA.  Although CARU's self-regulatory program is completely voluntary, CARU may refer cases to the FTC if companies refuse to respond to inquiry letters.  The FTC reviews CARU's case referrals to determine whether enforcement action is appropriate.  Although the FTC has initiated enforcement actions in response to CARU referrals in the past, the Clearwater Aquarium case is a reminder that the FTC may decide no further action is necessary.  

Do Not Track Kids Bill Gains Cosponsors

Posted by Lindsey Tonsager on March 12, 2012

Over the last few weeks, a number of cosponsors have been added to the Do Not Track Kids Act of 2011 (H.R. 1895), bringing the total number of cosponsors to 29.  The bill was introduced by Rep. Markey and Rep. Barton on May 13, 2011.  Earlier this month, the two members also hosted a Congressional briefing to discuss how to protect children and teens online.

As we blogged about here, the bill would expand the Children’s Online Privacy Protection Act ("COPPA").  In addition, the bill would introduce new privacy protections for minors under the age of 18, including a prohibition on the use of personal information for targeted marketing to minors and a requirement that operators of websites and online services provide "eraser buttons" that enable the deletion of personal information shared publicly by minors.

We will continue to monitor this legislation as these two senior, bipartisan members of the Committee press for a mark-up of their bill.  

FTC Approves New COPPA Safe-Harbor Program

Posted by Michael Beder on February 28, 2012

The Federal Trade Commission on Feb. 24 announced it had approved a new safe-harbor program for online services that are subject to the Children’s Online Privacy Protection Act (COPPA), a federal law that regulates the online collection of personal information from children under 13. Under COPPA and the FTC’s implementing rule, online services that comply with FTC-approved, industry-developed safe-harbor programs generally are considered by the FTC to be compliant with COPPA. Approval requires an FTC determination that the proposed safe-harbor program will provide at least as much protection as the FTC rule and will be able to encourage and monitor compliance effectively.

The newly approved safe-harbor program, run by Aristotle International, Inc., is the fifth such program approved by the FTC.  The program sets out requirements for the format and content of participants’ privacy policies, parental notices, and procedures for obtaining verifiable parental consent. Among other provisions, COPPA requires websites and other online services that are directed at children or that have actual knowledge that a user is a child to notify a parent and obtain the parent’s verifiable consent before collecting, using, or disclosing personal information from a child.

Continue Reading

FTC Report Calls For More Notice Involving Mobile Apps Directed To Kids, Warns Enforcement Could Come Over Next Six Months

Posted by Lindsey Tonsager on February 16, 2012

The FTC staff released a report today calling for participants in the mobile app ecosystem -- including app developers, app stores, and third parties who collect data through mobile apps -- to provide better privacy notices to parents about mobile apps directed to children, and warning that over the next six months, staff will be conducting additional reviews "to determine whether there are COPPA violations and whether enforcement is appropriate."

The report is based on the staff's survey of apps offered in the Android Market and the Apple App store. Staff focused on "the types of apps offered to children; the age range of the intended audience; the disclosures provided to users about the apps’ data collection and sharing practices; the availability of interactive features, such as connecting with social media; and the app store ratings and parental controls offered for these systems."

Notably, the report stated that the FTC expects the whole app ecosystem to "play an active role in providing key information to parents who download apps." Specifically, the report outlined the following:  

  • App developers should provide parents information about (1) what information an app collects, (2) how the information will be used, and (3) with whom the information will be shared, using short disclosures or icons that are easy to find and understand on the small screen of a mobile device. App developers also should alert parents if the app connects with social media, or allows targeted advertising to occur through the app.
  • Third parties that collect information through apps should disclose their privacy practices, whether through a link on the app promotion page or another easily accessible method.
  • App stores should provide a more consistent way for developers to display information regarding their app’s data collection practices and interactive features. The FTC stated, for example, that app stores could provide a designated space for developers to disclose this information and standardized icons to signal specific features, such as connections with social media services. In addition, the FTC emphasized that app stores should be enforcing developer agreements that require developers to disclose the information their apps collect.

The report expressed a preference for disclosures that are provided prior to the parent's purchase of the app, noting that "[i]nformation provided to parents after downloading an app is, in staff’s view, less useful in the parent’s decision-making since, by then, the child may already be using the app and the parent already could have been charged a fee."

In addition, the report focused on disclosures involving in-app purchases, interactive features, and targeted advertising.  The report states that the FTC is considering whether additional protections are needed with respect to in-app purchase capabilities in apps for children.  It emphasized that "confusing and hard-to-find disclosures do not give parents the control that they need in this area." Staff believe that the presence of social features within an app is highly relevant to parents selecting apps for their children, and that such functionality should be disclosed prior to download.  And the report states that "parents need clear, easy-to-read, and consistent disclosures regarding the advertising that their children may view on apps, especially when that advertising is personalized based on the child’s in-app activities.”

As we have blogged about here and here, the FTC currently is reviewing its rules implementing the Children’s Online Privacy Protection Act, which governs the online collection, use, and disclosure of personal information from children under the age of 13.  

FTC Settles Flash Cookie and COPPA Claims

Posted by Libbie Canter on November 10, 2011

Online advertiser ScanScout has entered into a consent agreement with the Federal Trade Commission in connection with claims it made that consumers could opt out of receiving targeted ads by changing their computer’s web browser settings to block cookies.  According to the FTC, these claims were deceptive with respect to the use of so-called “Flash cookies” since browser settings did not allow users to remove or block the Flash cookies used by the company.  Flash cookies generally cannot be controlled through browser privacy settings, in contrast to traditional “HTTP” cookies.

Under the terms of the proposed settlement, ScanScout must post a prominent notice on its home page stating the following:  “We collect information about your activities on certain websites to send you targeted ads. To opt out of our targeted advertisements, click here.”  The company must provide a hyperlink to an opt-out mechanism that offers users the ability – through a single click or a single change to a browser setting – to prevent the company from:

  • collecting information that can identify the user or her computer;
  • associating any previously collected data with the user; or
  • in the absence of any affirmative action by the user, redirecting the user’s browser to third parties that collect data. 

The opt out choice must remain in effect for a minimum of five years.  There also must be a clear and prominent notice within close proximity of the opt out mechanism that provides certain additional disclosures, including the current status of the user’s choice and any circumstances that, if initiated by the user, would disable the choice made by a user. 

Continue Reading

House Subcommittee Discusses COPPA Updates, Teen Privacy

Posted by Michael Beder on October 06, 2011

The House Energy and Commerce Committee’s Subcommittee on Commerce, Manufacturing and Trade held the latest in its series of hearings on Internet privacy Wednesday morning. The hearing — titled “Protecting Children’s Privacy in an Electronic World” — focused on the Federal Trade Commission’s proposed updates to the regulations implementing the Children’s Online Privacy Protection Act (COPPA), which generally bars website operators from collecting or disclosing personal information from children under 13 without first obtaining parental consent. Lawmakers and witnesses also discussed whether Congress should enact additional legislation, particularly to protect teenagers. Click the jump to see a summary of some of the key issues addressed at the hearing and in witness’ prepared statements.

Continue Reading

House Subcommittee to Examine COPPA Reform

Posted by Josephine Liu on September 20, 2011

Politico and other news sources are reporting that the House Energy and Commerce Committee’s Subcommittee on Commerce, Manufacturing and Trade plans to hold a hearing on the FTC’s proposed revisions to the Children’s Online Privacy Protection Act rule.  We previously analyzed the FTC’s proposal here

The hearing has not yet been formally announced but is scheduled for October 5, according to a spokesman for Rep. Mary Bono Mack (R-CA), chair of the Subcommittee.  The Subcommittee, continuing its ongoing series of hearings on Internet privacy, plans to look into the FTC's proposed amendments and the need for additional protections for children online.

FTC Releases Proposed COPPA Rules

Posted by Kurt Wimmer on September 15, 2011

By Lindsey Tonsager

This morning the FTC released its long anticipated proposed revisions to its rule implementing the Children’s Online Privacy Protection Act (“COPPA”).  COPPA governs (1) operators of websites and online services that are directed to children under the age of 13 and (2) operators of general audience websites or online services that have actual knowledge that a user is under 13. Below is a summary of the highlights.  Comments on the proposed revisions are due by November 28, 2011.

Continue Reading

FCC Adopts Rules Implementing the Protecting Children in the 21st Century Act

Posted by Lindsey Tonsager on August 25, 2011

The Federal Communications Commission has adopted rules implementing the Protecting Children in the 21st Century Act. Like the Act, the FCC's rules require elementary and secondary schools that have applied for discounted Internet access services through the FCC's E-rate program to certify that the school's Internet safety policy provides for the education of minors about appropriate online behavior, including interacting with other individuals on social networking websites and in chat rooms and increasing cyberbullying awareness.

This requirement builds off existing rules that schools participating in the E-rate program certify that their Internet safety policy includes a technology protection measure, such as filtering software, that protects against Internet access through the school's facilities to visual depictions that are (1) obscene, (2) child pornography, or (3) harmful to minors.  An earlier audit administered by the Universal Service Administrative Company (which administers the E-rate program) had found that a school violated this requirement by allowing access to certain social networking websites.  In its Order, the FCC clarified that social networking websites are not per se "harmful to minors," noting that a contrary conclusion would be inconsistent with the Protecting Children in the 21st Century Act's focus on educating minors about how to interact with others on social networking websites.  The FCC also quoted a recent U.S. Department of Education report, which found that social networking websites have the potential to support student learning. 

 

 

FTC Settles First COPPA Complaint Against Mobile App Developer

Posted by Lindsey Tonsager on August 15, 2011

Resolving the FTC's first complaint against a mobile app developer under the Children's Online Privacy Protection Act ("COPPA"), W3 Innovations, LLC, a developer of children's games for the iPhone and iPod touch, has agreed to pay $50,000 to settle allegations that it collected and disclosed the personal information of thousands of children under the age of 13 without first providing parents notice of their children's privacy practices or obtaining parental consent.

The FTC alleged that several of the mobile apps operated by W3 Innovations, including the Emily's Girl World app, Emily's Dress Up app, Emily's Dress Up & Shop app, and Emily's Runway High Fashion app, are directed to children under the age of 13.  In addition to collecting and maintaining children’s email addresses, the FTC claimed that the defendants also allowed children to publicly post personal information, including their full names, on message boards in violation of COPPA.

The settlement provides industry guidance on a few of the issues that the FTC raised as part of its 2010 COPPA Rule review and is a reminder that the FTC may decide to resolve some of these issues through enforcement actions rather than through the rulemaking process.  For example, the FTC's 2010 Notice of Inquiry on COPPA asked for comment on how the definition of "Internet" applies to mobile communications.  The FTC's complaint clarifies that the FTC believes COPPA is broad enough to cover mobile applications.  The complaint also clearly defined the term "online service" for the first time, stating that W3 Innovations' mobile apps are "online services" covered by the COPPA rule because they "send and receive information via the Internet." 

As we blogged about here, the FTC has told industry to expect more enforcement actions against mobile app developers under Section 5 of the FTC Act.  This settlement suggests that the FTC also plans to use its enforcement authority under COPPA to help ensure that mobile app developers fulfill their obligations to protect children's privacy.  

Two House Energy & Commerce Subcommittees Hold Hearing on Internet Privacy

Posted by Steve Satterfield on July 15, 2011

By Katie Keith

Yesterday, two Subcommittees of the House Energy and Commerce Committee (Commerce, Manufacturing and Trade and Communications and Technology) held a joint hearing entitled “Internet Privacy:  The Views of the FTC, the FCC, and NTIA” that featured testimony from FCC Chairman Julius Genachowski, FTC Commissioner Edith Ramirez, and NTIA Assistant Secretary Lawrence Strickling.  Topics discussed included the need for privacy and data security legislation, the development of baseline governing principles, and current efforts by each agency to engage stakeholders on these issues. 

Legislators from both Subcommittees recognized the economic and social value of the Internet throughout the hearing and emphasized that nearly every aspect of our daily lives now has an online component.  Despite its “incalculable value,” the Chairwoman of the Subcommittee on Commerce, Manufacturing and Trade, Rep. Mary Bono Mack (R-Cal.), characterized the Internet as a “work in progress” and expressed concerns shared by many Members of the two Subcommittees over the collection, use, sharing and protection of online data and the need to improve consumer education.  The witnesses generally shared these concerns, and although their testimony did not reflect a shift in policy at the FTC, FCC, or NTIA, the dialogue between the legislators and regulators did shed light on the current state of thinking about privacy regulation at the federal level. 

Continue Reading

Supreme Court Reaffirms Application of First Amendment to Children

Posted by Lindsey Tonsager on July 05, 2011

Last week, the Supreme Court issued its much anticipated decision in the Brown v. Entertainment Merchant's Association case.  Justice Scalia, writing for Justices Kennedy, Ginsburg, Sotomayor, and Kagan, held that a California law restricting the sale or rental of violent video games to minors, and mandating “18” labels for such games, violates the First Amendment.

The decision is not only a resounding victory for the entertainment software industry, but its views on the protection of minors under the First Amendment could have a profound impact on future legislative efforts as well.  In his dissent, Justice Thomas argued that the First Amendment does not include the right to speak to minors without obtaining the prior consent of their parents or guardians.  This approach supports many of the children's privacy laws that are on the books today.  The majority soundly rejected this approach, however, stating that laws that prevent children from hearing or saying anything without their parents' prior consent “do not enforce parental authority over children's speech and religion; they impose governmental authority, subject only to a parental veto.”  

 

FTC Seeks Comment on Aristotle's COPPA Safe Harbor Application

Posted by Lindsey Tonsager on June 27, 2011

The Children's Online Privacy Protection Act ("COPPA") provides a safe harbor for companies that comply with FTC-approved self-regulatory guidelines.  Since COPPA's enactment, the FTC has approved proposals submitted by CARU, ESRB, TRUSTe, and Privo, Inc.  

Aristotle, which operates the Integrity suite of age and identity verification services, recently filed an application with the FTC to become an FTC-approved safe harbor program.  In addition to the verifiable parental consent mechanisms that are contained in the FTC's COPPA Rule, Aristotle proposes to allow companies to obtain parental consent using the following electronic methods:

  • verifying the last four digits of the parent's Social Security Number;
  • verifying the parent's driver license number;
  • sending an e-mail with an electronically signed parental consent form plus verification of an attached copy of a government-issued ID;
  • sending an e-mail with an attached copy of a physically signed parental consent form;
  • using a secure website plus verification of an uploaded copy of a government-issued ID;
  • using a secure website plus verification of an uploaded copy of a physically signed parental consent form;
  • transmission and verification of a photocopy of a government-issued ID through Multimedia Messaging Service ("MMS");
  • transmission and verification of a photocopy of a physically signed parental consent form through MMS;
  • submission of the parent's full name, birth date, and address, verified through the use of commercially available databases;
  • submission of the parent's full name, birth date, and location, verified through the use of commercially available databases plus the mailing of a confirming postcard to the verified address; and
  • face-to-face real-time verification through Skype or other online telephony or videoconferencing technology.

The FTC is seeking comments on Aristotle's application.  Comments are due by August 8, 2011. 

Flurry of Privacy Bills Introduced in Congress; More to Come?

Posted by Josephine Liu on June 17, 2011

In light of the number of privacy and data security-related bills currently being considered by Congress, we thought it might be helpful to provide a roundup of the legislation introduced or circulated to date:

Comprehensive privacy legislation:

  • BEST PRACTICES Act, H.R. 611 (Rep. Rush): introduced Feb. 10, 2011.  Referred to the House Subcommittee on Commerce, Manufacturing, and Trade. 
  • Commercial Privacy Bill of Rights Act of 2011, S. 799 (Sens. Kerry and McCain):  introduced Apr. 12, 2011.  Referred to the Senate Committee on Commerce, Science, and Transportation.
  • Consumer Privacy Protection Act of 2011, H.R. 1528 (Reps. Stearns, Matheson, Bilbray, and Manzullo):  introduced Apr. 13, 2011.  Referred to the House Subcommittee on Commerce, Manufacturing, and Trade. 

Do Not Track:

  • Do Not Track Me Online Act, H.R. 654 (Rep. Speier):  introduced Feb. 11, 2011.  Referred to the House Subcommittee on Commerce, Manufacturing, and Trade. 
  • Do-Not-Track Online Act of 2011, S. 913 (Sen. Rockefeller): introduced May 9, 2011.  Referred to the Senate Committee on Commerce, Science, and Transportation. 

Children’s privacy:

  • Do Not Track Kids Act of 2011, H. R. 1895 (Reps. Markey and Barton):  introduced May 13, 2011.  Referred to the House Committee on Energy and Commerce. 

Data security and breach notification:

  • Data Accountability and Trust Act, H.R. 1707 (Reps. Rush, Barton, and Schakowsky):  introduced May 4, 2011.  Referred to the House Committee on Energy and Commerce. 
  • Data Accountability and Trust Act of 2011, H.R. 1841 (Reps. Stearns and Matheson): introduced May 11, 2011.  Referred to the House Committee on Energy and Commerce. 
  • Personal Data Privacy and Security Act of 2011, S. 1151 (Sens. Leahy, Schumer, Cardin, and Franken):  introduced June 7, 2011.  Referred to the Senate Committee on the Judiciary. 
  • Secure and Fortify Electronic Data Act, H.R. ___ (Rep. Bono Mack): discussion draft released June 13, 2011.  Hearing held by the House Subcommittee on Commerce, Manufacturing, and Trade.
  • Data Security and Breach Notification Act, S. 1207 (Sens. Pryor and Rockefeller): introduced June 15, 2011.  Referred to the Senate Committee on Commerce, Science, and Transportation. 

Geolocation privacy:

  • Geolocation Privacy and Surveillance Act, H.R. 2168 (Reps. Chaffetz and Goodlatte): introduced June 14, 2011.  Referred to the House Committee on the Judiciary and the House Committee on Intelligence (Permanent Select). 
  • Geolocation Privacy and Surveillance Act, S. 1212 (Sen. Wyden): introduced June 15, 2011.  Referred to the Senate Committee on the Judiciary. 
  • Location Privacy Protection Act of 2011, S. 1223 (Sens. Franken and Blumenthal): introduced June 16, 2011.  Referred to the Senate Committee on the Judiciary. 

ECPA:

  • Electronic Communications Privacy Act Amendments Act of 2011, S. 1011 (Sen. Leahy):  introduced May 17, 2011.  Referred to the Senate Committee on the Judiciary. 

Financial privacy:

  • Financial Information Privacy Act of 2011, H.R. 653 (Reps. Speier, Hastings, and Filner): introduced Feb. 11, 2011.  Referred to the House Subcommittee on Financial Institutions and Consumer Credit. 

Markey and Barton Introduce "Do Not Track Kids Act of 2011"

Posted by Dan Kahn on May 23, 2011

Representatives Edward Markey and Joe Barton recently introduced the “Do Not Track Kids Act of 2011,” which would expand and modernize the Children’s Online Privacy Protection Act (COPPA) and also would introduce new privacy protections for all minors under 18.  

COPPA currently prohibits operators of websites and online services from knowingly collecting, using, or disclosing personal information from children under 13 years of age without parental consent.  The Do Not Track Kids Act would, among other changes, expand COPPA to cover online and mobile applications and to protect unique device identifiers such as IP addresses.

Separately, the bill would establish new privacy rules to protect minors under 18.  If enacted, the bill would prohibit the use of personal information for targeted marketing to minors, require express consent from parents or teens prior to the collection of geolocation information, require operators to provide a means to delete personal information shared publicly by minors, and require covered entities to implement a “Digital Marketing Bill of Rights for Teens” that would be influenced by the Federal Trade Commission.

After the jump is a summary of the bill’s key provisions.

Continue Reading

FCC Drafting a Report on Location-Based Services

Posted by Lindsey Tonsager on May 20, 2011

The Federal Communications Commission is seeking public comment on the use of location-based services in connection with a forthcoming staff report.  Comments are due to the FCC by July 8, 2011.

The agency also is teaming up with the Federal Trade Commission to host an educational forum on June 28, 2011, to help consumers understand the privacy implications of location-based services.  Representatives from mobile phone carriers, technology companies, consumer advocacy groups, and academia will discuss how these services work; their benefits and risks; industry best practices; and what parents should know about location tracking when their children use mobile devices.  

Location-based services have been the topic of a number of recent Congressional hearings.  Part of the focus at the most recent of these hearings was on children’s privacy.  Senator Rockefeller, Chairman of the Senate Commerce Committee, has sent letters to Apple, Google, and the Association for Competitive Technology with questions to help determine whether the applications running on their mobile platforms comply which the Children's Online Privacy Protection Act (COPPA).

Senator Rockefeller Asks Mobile Companies About Children's Privacy

Posted by Lindsey Tonsager on May 19, 2011

Senator Rockefeller, Chairman of the Senate Commerce Committee, has asked Apple, Google, and the Association for Competitive Technology to respond to questions to help determine whether the applications running on their mobile platforms comply which the Children's Online Privacy Protection Act (COPPA). COPPA requires operators of certain websites and online services to obtain parental consent before collecting, using, or disclosing personal information from children under the age of 13.

It is not entirely clear whether COPPA applies to mobile applications. In connection with a review of the regulations implementing COPPA, the Federal Trade Commission asked for public comment on whether COPPA's text is broad enough to cover mobile applications. Separately, Rep. Markey introduced a bill last week that would amend COPPA to explicitly cover "mobile applications" and "online applications" -- terms which would be defined by the FTC.

FTC Settles COPPA Charges Against Virtual World Operators

Posted by Lindsey Tonsager on May 12, 2011

The Federal Trade Commission today reached a $3 million settlement with 20 operators of online virtual worlds.  The settlement is the largest civil penalty that the FTC has obtained to date for a violation of the Children's Online Privacy Protection Act (COPPA). 

The FTC alleged that the operators collected children’s ages and email addresses during registration and then enabled children to publicly post their full names, email addresses, instant messenger IDs, and location, among other information, on personal profile pages and in online community forums before obtaining parental consent.  Specifically, if a user entered age information indicating he or she was under 13, the operator displayed a message warning the user that: "You are under 13 years old and we cannot ask you for your email address.  In order to register, you must ask your Parent or Guardian to fill out this screen..."  Once a parent's email address was provided, the child was granted full access to the virtual world.  The FTC did not believe this approach constituted the verifiable parental consent required for public disclosures of children's information.  The FTC made similar claims against the social networking website Imbee.com in 2008.  

Children's privacy is receiving the heightened attention of regulators.  For example, last week Senator Markey released a discussion draft of his Do Not Track Kids Act.  The bill would expand COPPA's scope and impose new restrictions on the collection, use, and disclosure of information from children, and, in some cases, individuals under the age of 18.  In addition, the FTC is expected to announce the next steps in its COPPA Rule review in the next few months. 

Covington's Lindsey Tonsager To Speak at the Privacy & Data Protection USA Conference

Posted by Lindsey Tonsager on May 11, 2011

Lindsey Tonsager, an associate in Covington's Privacy & Data Security Group, will be speaking on recent developments in the areas of children's privacy and social networking at the upcoming Privacy & Data Protection USA conference.  The conference will be held at Loyola University in Chicago on Tuesday, May 24, 2011.  Government officials, business executives, sales and marketing directors, and legal experts will gather to discuss how data protection and compliance issues impact European and US companies today and key trends for the future.  More information about the conference, including an agenda and registration information, is available here

Comcast/NBCU Commit To Limit Interactive Advertising in Children's Programming

Posted by Lindsey Tonsager on January 13, 2011

Earlier this week, Comcast -- the largest cable operator in the U.S. -- stated in a filing to the Federal Communications Commission that it would commit to limit interactive advertising in children's programming as a condition of obtaining approval of its acquisition of NBC Universal.  Specifically, as long as they have control over the program's advertising, Comcast and NBCU will not insert interactive advertising into broadcast and cable programming that targets an audience of children 12 years old and younger.  Comcast defined "interactive advertising" to mean:

advertising for commercial products that is primarily targeted to children 12 and under and includes: interactive, overlap pop-up advertising; telescoping; long-form advertising (but does not include enabling the consumer to 'telescope' to additional linear or on demand programs); voting or polling requests that promote a product or service or gain information about consumer commercial preferences; T-Commerce that enables a consumer to purchase advertised products using a remote; and branded, interactive gaming which promotes a product.

In 2004, the FCC released a Notice of Proposed Rulemaking on interactive advertising, but the Commission hasn't taken any further action to adopt any new rules in this area.  In its Notice, the FCC tentatively concluded that it should prohibit interactivity during children's programming that connects viewers to commercial matter unless parents opt in to such services.  As noted by FCC staff during a recent ABA program on marketing to minors, however, industry and even some consumer groups have urged that requiring opt-in consent for interactive advertising in children's programming might not be the right approach.   As technology improves and interactive advertising becomes more widely used, marketers should pay attention to this ongoing proceeding.    

ABA Program on Marketing To Minors

Posted by Lindsey Tonsager on January 13, 2011

Yesterday, the American Bar Association Forum on Communications Law and the ABA Center for Continuing Legal Education sponsored the program "Marketing to Minors: Traps for the Unwary in a Rapidly Evolving Legal Landscape."  Representatives from the Federal Trade Commission, Federal Communications Commission, and Gannett provided an overview of the current rules for marketing to children, discussed the status of a number of ongoing proceedings that propose changes to these rules, and explained how industry is reacting. 

Of particular interest were the remarks of Phyllis Marcus, senior staff attorney in the FTC's Division of Advertising Practices.  Ms. Marcus explained why the agency is undertaking a review of its COPPA Rule and noted that she didn't think the agency was "too far away" from making a decision on whether or not the Rule needs updating.  (COPPA governs website operator's online collection, use, and disclosure of personal information from children under 13.)  Ms. Marcus also explained that, even though Facebook requires users to be 13 or over, marketers with Facebook pages "should be reviewing pages and unfriending people who are, or appear to be, underage."  She acknowledged that some might view this interpretation as "controversial," but encouraged marketers to adopt this approach as a best practice.  And if a marketer's Facebook page is likely to attract children, she warned that the marketer needs "to be very, very careful."