Protecting kids identities online is a challenge
15 February, 2016
category: Digital ID, Government
Improvements in kid space
Children’s protection initiatives
Child Online Privacy Protection Act of 1998 (COPPA)
COPPA seeks to empower parents by requiring commercial Web site operators to obtain parental consent before collecting data from children under 13. The Federal Trade Commission is responsible for implementing and enforcing COPPA rules.
Harvard Berkman Center for the Internet & Society, Internet Safety Technical Task Force (ISTTF) – February 2008
A group of Internet businesses, nonprofits, academics and technology companies banded together to identify tools and technologies to create a safer online environment for children. The task force was created in accordance with the Joint Statement on Key Principles of Social Networking Safety announced by the Attorney General Multi-State Working Group on Social Networking and MySpace in January 2008. The group has looked at identity theft and age-verification of children online.
President Obama announcement on protecting personal data – January 2015
President Obama announced his support for the Student Digital Privacy Act to restrict student data collected in the classroom to educational use only. Several states introduced legislation to address the issue prompted by parent groups.
Global Privacy Enforcement Network – May 2015
The Federal Trade Commission and 27 members of the Global Privacy Enforcement Network (GPEN), a group of privacy enforcement agencies around the world, are marshaling resources to protect the privacy of children online. Privacy experts from the FTC’s Office of Technology Research and Investigation will conduct an analysis of the privacy disclosures, interactive features and information collection practices of children’s mobile apps. The staff expects to release a summary of its findings later this year.
Some companies have been making headway with children’s identity protection efforts. Aftab says companies in the kid space have been giving the protection issue a lot of thought because they can’t afford to have parents hate them or have someone publicly expose them for a misstep.
She points to Google’s creation of the YouTube Kids app, which provides children access to child-appropriate content without collecting or tracking any information about their identities. The app works only on tablets, and parents can set controls to limit their child’s screen time.
The kids site Webkinz has also taken steps to avoid collecting children’s personally identifiable information, Aftab explains. They keep an email address that they can use to reach out to the user in case of a forgotten password, but they don’t share it with anyone else or use it for other purposes.
Aftab believes companies in the general audience space have a lot of work to do because they’re the ones collecting personal information from children and hiding behind that general audience banner. “A lot of them just close their eyes and say, we’re allowed to consider everyone an adult. And in doing so, I think they’re putting kids IDs at risk,” she adds.
Companies in the mobile space also need to prepare for improvement in this area. Today, the laws don’t clearly regulate their actions involving children, but this will change, suggests Aftab. “In all cases, the people who buy cell phones are over the age of 12, so they don’t have a COPPA issue,” she says. But we all know, whether they are using their own device or a parent’s device, kids are avid users of the technology and services.
Aftab tells companies that if they want to stay in business, they must decide what information they need, collect it, secure it and be transparent about how they’re using it. “In the end, it’s all about setting reasonable expectations, being open about it, doing your job and keeping things locked up if you’ve got it,” she says.