FTC bolsters online children's privacy rules
The new rules require websites targeting children to get parental permission before collecting geolocation data and photos
IDG News Service - Websites, mobile apps and online advertising networks targeting children will be required to follow new privacy regulations, including getting a parent's permission before collecting geolocation information and photographs from kids, under new rules announced Wednesday by the U.S. Federal Trade Commission.
The new rules, a revision of existing regulations under the Children's Online Privacy Protection Act (COPPA), also require websites and other online services to get parental permission before collecting IP addresses and mobile devices IDs for children under age 13.
The changes to the rules, praised by privacy advocates, also require third-party companies collecting information on websites targeted at children to get a parent's permission, closing a "loophole" that allowed some plug-ins to collect children's personal information without getting permission, FTC Chairman Jon Leibowitz said during a press conference.
Changes to the FTC's COPPA rule are needed because the Internet has changed significantly, with an explosion of smartphones, mobile apps and social networking, since Congress passed COPPA in 1998, Leibowitz said.
"The Internet of 2012 is vastly different than the Internet of 14 years ago," he said. "Some companies, especially some ad networks, have an insatiable desire to collect information from kids."
The new rules, scheduled to go into effect in July, are designed to give online businesses that provide services to children clear guidelines about collecting personal data, Leibowitz said. The new rules do not prohibit advertising to children online, he said, but address the collection of personal data to deliver targeted, or behavioral, advertising.
"Our rule is simple, effective and straightforward," he said. "Until and unless you get parental consent, you may not track children to build massive profiles for behavioral advertising."
Four U.S. lawmakers attending the press conference praised the changes to the COPPA rules. The new rules will help prevent third-party companies on websites from using "technological tricks" to children's personal information, said Senator John "Jay" Rockefeller, a West Virginia Democrat.
Strengthening the rules is "so much a no-brainer," Rockefeller added. "It should be a universal issue."
The FTC, in strengthening the rules, is doing "the lord's work," said Representative Joe Barton, a Texas Republican.
The rules create a new, streamlined process at the FTC for online companies to propose new ways to get parental permission to collect information. The rules also require online companies to take reasonable steps to release children's personal information only to companies that can keep it secure and confidential.
Digital liberties group the Center for Democracy and Technology and e-commerce trade group NetChoice raised concerns that the new rules may target too many websites.
"COPAA should stay focused on websites that knowingly communicate with children -- not cast a net so wide it is impossible to comply with," Steve DelBianco, executive director of NetChoice, said by email. "I'm amazed at the ambiguity in determining whether a site is covered by COPPA. Despite two years of deliberation, the FTC still has not provided clarity the e-commerce industry needs."
- Radicati: Cloud Business Email - Market Quadrant 2013 Google was named the top cloud business email provider in a recent report by research firm Radicati. Out of 14 key players, Google...
- Tablets in the Enterprise: A Checklist for Successful Deployment How can you enterprise manage and secure tablets in order to protect corporate data while providing access to the information and applications employees...
- Enterprise Mobility: A Checklist for Secure Containerization The advantages and disadvantages of the multiple approaches to containerization. Learn More>>
- Enterprise File Sync & Share Checklist File sync and share has changed the way people work and collaborate in today's tech-savvy world. Gone are the email roadblocks, clunky FTP...
- Live Webcast LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy... All Security White Papers | Webcasts