Millions of children search the vast amount of information on the Internet with ease. In fact, there are currently an estimated 42 million children online, as compared to the estimated 10 million children online in 2000 (PRC, 2000). Due to this influx of children surfing the web, advertisers and marketers are increasingly using the Internet to gather personal information from children for research and marketing purposes. The personal information being sought from the children has increased the concern about kids' privacy on the Internet. Parents are concerned about many risks presented by this lack of privacy on the Internet; these risks are discussed in the original white paper on this topic, which was completed in 1999 and can be found at http://lrs.ed.uiuc.edu/wp/privacy/index.html. In addition to providing background about kids' privacy issues, this paper discusses the new issues and solutions related to children's privacy on the Internet that have developed since the 1999 edition was written.
In July 1997, the Federal Trade Commission issued guidelines that apply to the online collection of personal information from children. The FTC stated that it considers the collection and sale of information from children without due disclosure and parental consent to be an unfair practice under Section 5 of the FTC Act (PRC, 2000). This personal information is defined as such items as name, e-mail address, home address, and home phone number. The FTC also stated that the web operators of the sites soliciting children's personal information must disclose the intended uses of the information; if they disclose such information to a third party, the web operators must obtain parental consent.
The Center for Media Education also sought to protect children's identification while online. In 1997, the CME conducted a survey of 38 popular children's web sites. They found that 90% of the sites collected personal information from children; however, none of the sites tried to obtain parental consent before disclosing that information (PRC, 2000).
The FTC continued to monitor children's web sites. In June 1998, the FTC issued a Report to Congress on Privacy Online. This report stated that the FTC found that 89% of the 212 child-oriented web sites it visited collect personally identifiable information directly from children, and only half of them disclose their information collection practices. Fewer than 10% of these sites provide for some form of parental control over the collection of information from their children (PRC, 2000). The FTC recommended that legislation be passed that allowed parents to have control of the online collection of their children's personal information. The FTC's request was granted. In October 1998, congress passed the children's Online Privacy Protection Act (COPPA).
The children's Online Privacy Protection Act (COPPA), which
was passed by Congress in 1998, requires the FTC to issue and enforce rules
concerning the privacy of children while online (COPPA is not to be confused
with COPA, which is the Child Online Protection Act. COPA is an entirely
different, controversial anti-pornography law that was declared unconstitutional).
On October 20, 1999, the FTC issued that children's Online Privacy Protection
Rule. This Rule went into effect on April 21, 2000 (CDT2, 2002).
The Rule's primary goal was to put parents in control of what information
was collected from their children online. The Rule applies to web
operators of commercial web sites that are directed to children under 13
that gather information from children, web operators of general audience
sites that knowingly collection information from children under 13, and
web operators of general audience sites that have a separate children's
area where they collect personal information from children under 13 (FTC1,
2002). Essentially, it is understood that children under 13 may not
be fully capable of understanding the consequences of disclosing personal
information online. For this reason, COPPA was designed to ensure
that children could continue to interact and search for information on the
Internet without being unfairly targeted by web sites.
If a site wishes to gather information from children, the
FTC Rule requires that web operators do the following:
Please note that teachers may act in place of the parents when deciding whether or not to give consent (FTC4, 2000).
In order to determine whether a web site is directed to children, the FTC considers many factors, which include subject matter, visual or audio content, language, advertising within the site, and whether a site uses animated characters or other child-directed features (FTC3, 2002).
Web sites that offer chat options to children have two choices under the FTC Rule. The sites can either ensure that personal information if stripped from children's messages and deleted from the site's records or the sites can obtain parental permission via fax, 800 numbers, credit card verification, digital certificates, or e-mail combined with a password issued through one of the other verifiable methods (CDT1, 2002). By the completion of either of these options by the sites, children can be allowed to enter chat rooms online.
Overall, COPPA and the FTC Rule provide many guidelines to help protect children online. web sites must follow these guidelines or be faced with a hefty fine, as determined by the FTC. The FTC continues to monitor web sites to determine if they are complying with the rules. In 2001, the FTC conducted another survey of children's web sites; they found that much progress had been made since their 1998 survey. Nearly 90% of the sites in the survey that collected personal information from children had privacy policies, as compared to 24% in 1998. At the same time, however, the survey showed that many sites are note fully complying with all of the requirements of the Rule. Only about half of the sites surveyed complied with requirements such as informing parents about their right to review information collected, have it deleted, and to refuse further collection of information (FTC2, 2002).
For companies seeking to comply with the requirements issued by COPPA and the FTC Rule, a program now exists to assist the companies with meeting the numerous requirements. The TRUSTe Children's Privacy Seal Program provides a solution for these companies in addressing children's online privacy issues. The children's Privacy Seal Program is fully compliant with COPPA.
Protecting children's privacy while online has rapidly
become an increasingly important issue. Many risks exist for children
online. Congress addressed this issue with the passing of COPPA in
1998; the FTC passed their Rule in 1999 that further addressed the issue
of children's online privacy. web sites now have multiple requirements
they must meet if they wish to gather information from children under the
age of thirteen. If the sites do not comply with these regulations,
the FTC will mandate that the site pay a hefty fine. While the Rule
does not guarantee that children are completely and fully protected from
advertisers and marketers while online, the FTC is striving to create a
safe, trustworthy environment for children online by continually checking
to see if web sites are fully compliant with COPPA and the FTC Rule.
By remaining vigilant, the FTC and other child protection agencies will
continue to ensure that children are safe online. They cannot do it
alone, however; parents and educators must teach children about the appropriate
disclosure of their personal information while online.
Center for Democracy and Technology (CDT1) , 2002. "Analysis of Rules Implementing the children's Online Privacy Protection Act." Retrieved from the World Wide Web on July 17, 2002 at http://www.cdt.org/privacy/cdtanalysisofftc.shtml
Center for Democracy and Technology (CDT2), 2002. Children's Privacy. Retrieved from the World Wide Web on July 17, 2002 at http://www.cdt.org/privacy/children/
Federal Trade Commission (FTC2), 2002. "FTC Protecting Children's Privacy Online." Retrieved from World Wide Web on July 17, 2002 at http://www.ftc.gov/opa/2002/04/coppaanniv.htm
Federal Trade Commission (FTC3), 2002. "How to Comply with the Children's Online Privacy Protection Rule." Retrieved from the World Wide Web on July 17, 2002 at http://www.ftc.gov/bcp/conline/pubs/buspubs/coppa.htm
Federal Trade Commission (FTC4),
2000. How to Protect Kids' Privacy Online: a Guide for Teachers.
Retrieved from the World Wide Web on July 17, 2002 at
Privacy Rights Clearinghouse (PRC), 2000. Children in Cyberspace-A Privacy Resource Guide for Parents. Retrieved from the World Wide Web on July 17, 2002 at http://www.privacyrights.org/fs/fs21-children.htm
TRUSTe, 2001. "Children's Privacy Seal Program." Retrieved from the World Wide Web on July 18, 2002 at http://www.truste.org/programs/pub_child.html
Return to An Educator's Guide to Privacy