Texas AG sues two sites for children's privacy violations

Computerworld - Texas Attorney General Gregg Abbott has sued two Web sites that cater to children for failing to take adequate measures to protect their identities and personal information.

The lawsuits are the first in the U.S. to be brought under the Children's Online Privacy Protection Act (COPPA) of 1998 and highlight the many privacy pitfalls facing minors that the law is designed to address.

COPPA requires Web sites to implement controls for obtaining verifiable parental consent before information can be gathered from children. The law also prohibits sites from requiring children to disclose an excessive amount of personal information as a precondition for participating in online games and activities.

"Federal law provides important protections to prevent children from divulging sensitive personal information and to shield them from inappropriate sexual or violent content online," Abbott said in statement. According to him, the two Web sites his office has targeted -- TheDollPalace.com and Gamesradar.com -- are in violation of COPPA because they failed to include necessary disclosures and obtain parental consent before collecting personal information from children.

A spokesman from Future US Inc., which operates Gamesradar.com, said the company had not yet seen the lawsuit and couldn't comment on it. No contact phone information was listed on TheDollPalace.com. An e-mail requesting comment did not get an immediate reply.

Court documents filed this week in the U.S. District Court in Austin, described Doll Palace as a foreign corporation with offices in New York.

In his compliant, Abbott alleges that the Doll Palace routinely collected a large amount of data from children, many of whom were under 13, as part of the registration process. Abbott claimed that most of the information was obtained without adequate verification of parental consent and little disclosure about the kind of information that was being collected and the purposes for which it was used. He also said the company did not comply with COPPA requirements on how the collected data could be used.

That information included the children's first and last names, their e-mail addresses, dates of birth, zip codes and gender. Registered members who wanted to participate in a so-called Friends feature on the site were required to fill out a 10-page questionnaire that sought details such as the height, eye color, personal habits, access to Internet, the types of persons they were interested in meeting and even whether they would like to meet someone older than themselves.

The Friends section allows members to search for other Doll Palace members using a wide variety of attributes, including those who live within five miles of the member doing the searching. The search results themselves often contained detailed information from the 10-page questionnaire and included the e-mail addresses, contact information and IM handles of the children, he said.