CDT | Children's Web Sites Continue To Undermine Kids' Privacy

Children's Web Sites Continue To Undermine Kids' Privacy

Washington, D.C. Dec. 16 -- A Federal Trade Commission (FTC) survey of children's Web sites found most sites continue to collect personally identifiable information from underage computer users despite repeated warnings. Deirdre Mulligan, CDT staff counsel, who specializes in online privacy issues stated that, "The public is deeply concerned with children's privacy and safety online. The ongoing collection of personally identifiable information from children undermines children's privacy and is likely to scare parents into keeping their children off the Internet. The Internet community stands to lose out if it fails to respect individual, and especially children's privacy."

The survey found that 86% of the 126 child-oriented Web sites it surveyed during "Kids Privacy Surf Day" in mid-October collected personally identifiable information from children without their parents' consent. The FTC also found that:

less than 30% of the Web sites surveyed provided an explanation of how they use information, and
only 4% of the sites required parental authorization prior to collecting information from kids.

During the Federal Trade Commission's June workshop on Online Privacy survey results revealed that:

73% of the public think it is unacceptable for Web sites to gather personal information from children for their own use; and,
90% believe it is unacceptable to disclose information about children to others.

The online industry received a strong warning from the Federal Trade Commission (FTC) that collecting personal information from children without their parent's consent may be an unfair or deceptive practice. Responding to a petition filed by the Center for Media Education, the FTC issued a staff letter providing detailed privacy guidance to Web sites aimed at children. In its staff letter the FTC warned sites that:

misrepresenting the purpose for which personally identifiable information is being collected from children is a deceptive practice; and
selling or disclosing that information to third parties without providing parents with adequate notice and an opportunity to exercise control is likely to constitute an unfair trade practice.

Responding to legitimate concern with children's online privacy, the Children's Advertising Review Unit (CARU) of the Council of Better Business Bureaus, the industry's self-regulatory system for children's advertising, revised its guidelines last Spring specifically to address children's online privacy.

Deirdre Mulligan stated that, "Despite progress at some Web sites, the FTC's survey results indicate that many Web site operators are either unaware of, or disregarding, the public's concern with children's privacy issues. Industry guidelines are important but without effective implementation and oversight they will fall short. If this trend continues, it may signal that government action is needed to address the public's concern and protect children's privacy online."

"CDT strongly believes that technical tools, such as the Platform for Privacy Preferences (P3P) being developed by the World Wide Web Consortium, can be used to enhance individual control over personal information on the Internet, but young children are a special case. A 7 year old shouldn't be asked to give out personal information -- they can't consent, they don't understand the risks, and their parent's should be the ones making such decisions. Responsible Web sites shouldn't be collecting information from kids unless they have the ability to ensure parental involvement and consent," Mulligan said.