Internet groups decry cost of new online privacy rules for children
WASHINGTON — Internet groups complained Monday that new Federal Trade Commission regulations to protect children’s privacy online are financially burdensome to start-up companies.
Under regulations that went into effect July 1, websites catering to children will no longer be able to collect a range of identifying information without obtaining verifiable parental consent.
The child protection regulations will now hold the owners of sites and apps frequented by children responsible for third-party services — such as plug-ins or ads — that collect personal information from visitors who say they’re younger than 13. The third-party services will be held liable only if the FTC can prove they knowingly collected personal information from children.
Kid-friendly websites that want to use such ads to provide free content to kids, or that want to collect personal information for interactive content, now have to either get parental consent or forgo the content altogether, as some tech experts worry they’ll do.
“The biggest challenge here is that the commission defines personal information in a way that is so incredibly broad,” said Lydia Parnes, the former director of the FTC’s Bureau of Consumer Protection and now a privacy lawyer, at a gathering of data experts and representatives of Internet companies in Washington.
The FTC estimates annual compliance costs for current Web services at $6,223 and new services at $18,670. About 85% to 90% of the Web services are run by small businesses. TechFreedom President Berin Szoka said those costs do not take into account the potential shift in online advertisers, or the effect of regulations on start-ups.
“The reality is, most of the sites and services, like Facebook or Twitter, don’t have an option available for kids,” said Szoka, whose organization sponsored the discussion. “What is it about the [children’s] regulatory system that makes apps and sites from the largest to the smallest decide it’s not worth doing?”
FTC attorney Kandi Parsons and Associate Director Maneesha Mithal said the new regulations are meant to provide a much-needed update to the Children’s Online Privacy Protection Act of 1998. “Parents should be in the driver’s seat,” said Mithal, who works with Parsons in the FTC’s division of privacy and identity protection. “I should know what information is being collected on children, what it’s being used for and how it’s being collected.”
Regulators and advocates parsed out how regulations would effect online advertising and kid-friendly websites during a panel discussion hosted by nonpartisan technology think tank TechFreedom.
As concern over deceptive online advertising targeted at kids grew in the 1990s, Congress passed the protection act to enhance parental involvement and protect the privacy and security of personally identifiable information of children collected online.
The new regulations could affect a website such as PinewoodDerby.org, run by a Boy Scouts troop, suggested Steve DelBianco, executive director of Internet advocacy organization NetChoice.
When new regulations took effect July 1, the Boy Scouts hired a lawyer to add a log-in and sign-up section to the site. Visitors are then prompted to input a guardian’s personal contact information, including birth date, phone number and council affiliate.
