RealTime IT News

FTC Looks To Extend Email Notification Enforcement

The debate over online child information privacy and surfing habits is likely to generate a little heat over the next few weeks as the Federal Trade Commission decides whether to extend parental notice requirements for Web site operators.

It's an issue that has both sides up in arms: Web-operated businesses catering to children under 13 say there is no privacy problem, while research conducted by child advocacy groups show compliance is spotty at best, even with FTC enforcement.

Until Nov. 30, the FTC will seek comment from parents and businesses about whether the extension of email notification by Web site operators to parents, originally scheduled to go away April 21, 2002, should continue to be enforced to 2004 or beyond.

Several years ago, there was growing concern from advocacy groups and parents alike that personal information, important to marketers for demographic targeting, was readily available from children under 13.

In many cases, marketing campaigns were launched that give away free gifts to children who filled out a small questionnaire. Questions ranged from items they spent their allowance on to what their parents talked about at the dinner table.

Congress enacted the Children's Online Privacy Protection Act (COPPA), which gave the FTC a tool to force Web site operators to abide by a "sliding rule" for collecting information from children under 13 (like spending habits and what sites they visited frequently).

For example, a child's personal information used for internal use required only an email reply from the parent. But if the information was going to be sold to an interested third party, parental approval had to meet much more strict guidelines before a child's private information could be garnered, such as electronic certificates or similar technologies.

Child-centric sites are also required to prominently post their information collection practices on the Web site, a practice approximately half failed to do, according to the FTC. The penalty for each COPPA violation runs $11,000.

The FTC expected to end the enforcement period by April, 2002, anticipating readily-available and inexpensive technology which would provide a secure and verifiable notice of parent consent. But the technology has been slow to develop, forcing the regulatory body to reassess their thinking and extend the deadline, maybe indefinitely.

Web operators don't know what all the fuss is about, according several reports. Many say they already follow exacting demands for ensuring a person's private information through membership with trusted online certificate companies like BBB Online, TRUSTe and CPA Webtrust.

In fact, many businesses see FTC enforcement as a veiled means of keeping an eye on the business practices employed by U.S. companies, a virtual "Big Brother."

But according to a recent report by the Annenberg Public Policy Center at the University of Pennsylvania, almost half of the 107 children's sites it visited skirted FTC regulations by not prominently displaying their privacy or information collection policies.

The report gives online children's sites a mixed report card: while most of the sites (96 percent) featured information on the types of information they collected, far fewer explained to parents in language they could understand the rights they had to limit the collection of that information.

Joseph Turow, the author of the study, said the results show a seeming lack of concern by many businesses to follow FTC guidelines.

"The complexity of the statements raises the question of whether companies expect or even want parents to read their policies," Turow said. "If most sites were serious about helping parents make informed decisions about their rights, they would create notices that are easier to read and understand, and they would highlight the information mandated by the FTC."

Some companies are looking to outside agencies to dictate their policy regarding children, as in the case of Internet service provider (ISP) EarthLink, Inc., the third-largest in the nation.

The premium service, available to all its subscribers, comes from SurfMonkey, a company that allows children to surf the Internet via a special Web browser similar to Internet Explorer and Netscape. The browser is configurable to allow parent's to control what sites the child visits and what information can be collected.

Cynthia Money, SurfMonkey senior vice president of business development, said company is very supportive of COPPA requirements and takes every action to remain in compliance.

"Of the 15,000 Web sites that are pre-approved by our editors, all are COPPA compliant," she said. "If the FTC calls us and says that one of the sites is non-compliant, even if we get a complaint from a parent, we take that site off of our list."