Publishings Digital Youth

CDD Executive Director, Jeff Chester speaks on Congress’ dismantling of the FCC Privacy Rule with CNN’s Jake Tapper on March 29th, 2017.Full interview available at http://www.edition.cnn.com/videos/tv/2017/03/29/internet-privacy-rules-c... (link is external).

The Center for Digital Democracy (CDD), Campaign for a Commercial-Free Childhood (CCFC) and Public Citizen filed a complaint at the Federal Trade Commission (FTC) today asking for an investigation and enforcement action against Google (a subsidiary of Alphabet, Inc.), Disney’s Maker Studios, DreamWorks-owned AwesomenessTV, and two other companies for the unfair and deceptive practice of targeting “influencer” marketing toward children. The complaint documents how several marketing companies—Collab Creators, Wild Brain, Maker Studios, and AwesomenessTV—produce and distribute ads and other commercial material targeting children that masquerade as content. It also details how Google encourages and benefits from the production of child-directed influencer videos and distributes these ads to children on its YouTube and YouTube Kids platforms. These “influencer” ads take unfair advantage of kids, who do not have the ability to recognize that companies use social media and YouTube celebrities to pitch toys, junk food, and other products. The groups also called on the FTC to release policy guidance that makes clear that using influencers to persuade children to buy a product or urge their parents to buy a product is unfair and deceptive. “Child-directed influencer marketing is misleading to children because their developing brains do not process or understand advertisements the way adults do—especially advertisements disguised as content,” said Laura Moy, Director at the Institute for Public Representation (IPR) at Georgetown University Law Center, which represents the groups. Existing FTC regulations require that advertisements be disclosed as such—which many influencer ads fail to do—but the complaint also makes clear that better disclosure alone is not a sufficient remedy because it “would not negate the inherent deceptiveness of child-directed influencer marketing.” As a result of the FTC’s inaction, marketing companies—backed by Google and others—are increasing investments in their influencer marketing practices with harmful results. “In many cases these advertisements cause children to want unhealthy and costly products,” Moy pointed out. “As this marketing practice expands even while evidence mounts that it is harmful to children, it becomes increasingly urgent for the FTC to make clear that the practice is unfair and deceptive under the law.” According to the complaint, the FTC can reverse the trend of harmful influencer marketing directed toward children by issuing policy guidance that makes clear that existing laws serve as a safeguard to protect children from these advertisements. The complaint analyzes the influencer marketing apparatus, and the role that Google and so-called Multi-Channel Networks (MCNs) such as Disney’s Maker Studios play in orchestrating the growing use of this tactic. It highlights how these companies use “influencers” who are young or popular with kids to sell junk food, toys, and more. The complaint identifies highly-popular YouTube channels like EvanTubeHD, Baby Ariel, Meghan McCarthy, the Eh Bee Family, and Bratayley, each with millions of subscribers, and how they present videos of child stars unboxing toys, playing games, and enthusiastically sampling junk food. The complaint provides several examples of such videos, including one where Baby Ariel and her family sample Jelly Belly brand jelly beans as part of a game called “BeanBoozled.” In another video, on EvanTubeHD, the child influencer is seen unboxing a Lego Police Patrol Boat. Neither video indicates that it is an advertisement, and both videos can be found intermingled with non-sponsored content on YouTube Kids. Google facilitates, promotes, and solicits these videos because they are popular with children, which increases the company’s ad revenues. “It’s time for the FTC put a stop to child-directed influencer marketing,” explained CDD’s Executive Director Jeff Chester. “Companies like Google are knowingly taking advantage of children and their parents by unleashing a torrent of stealth digital ads disguised as programming supposedly suitable for kids. As the country’s leading consumer protection agency, the FTC has a mandate to protect the public—including our children—from practices we know are both unfair and deceptive.” “Parents have no idea that the adorable ‘friends’ their children like to watch unbox toys are really stealth marketers,” said CCFC’s Executive Director Josh Golin. “It’s time for the FTC to take swift and decisive action and protect children from a practice that has long been prohibited on children’s television.” “Corporate predators are using young Internet influencers, admired by kids, to hawk their wares to children, even to young children,” explained President of Public Citizen, Rob Weissman. “The marketers and the advertising platforms enabling and promoting this activity should be ashamed. But since they’re not, we need the FTC to act to end their outrageous practice.” CCFC and CDD have also previously filed complaints with the FTC concerning child-directed marketing practices on YouTube Kids and YouTube. Todays’ complaint can be found at: http://www.commercialfreechildhood.org/sites/default/files/FTCInfluencerComplaint.pdf (link is external)

Announcing REX: the world’s first kid-safe programmatic exchange Today (link is external)marks a major milestone in the kids digital media industry. We’re extremely pleased to announce the launch of REX, the world’s first kid-safe, COPPA-compliant programmatic exchange. COPPA and GDPR forbid profile or cookie-based targeting which has, until now, removed all programmatic options (and hence automation) from the kids industry. Part of AwesomeAds (our kid-safe ad server) REX guarantees that all automated ad requests are 100% kid-safe and COPPA/GDPR compliant. For the first time ever, REX makes it possible for advertisers across the world to programmatically reach the kids audience in a fully compliant, 100% kid-safe way. The kids space hasn’t had this capability (in any compliant sense) until now. REX genuinely shifts the entire industry forward. How does it work? At this point, our engineering team (about a third of the company) is probably the most experienced technical team in the global digital kids’ sector. This was a pretty helpful starting point. REX acts as a comprehensive kid-safety filter; it removes all non-compliant elements from each ad tag to ensure nothing can track users, before placing every creative through our ad content review process. Only then is it served through our COPPA-certified AwesomeAds platform, earning our SAFE AD watermark. Explained by our Chief Product Officer, Joshua Wohle: “REX inserts itself between the publisher and the exchange, taking the role of a firewall. It inspects the requests going out, stripping it from any PII before sending it through to the exchange. The exchange then considers the request and buyers can start bidding on the inventory. Once the winning bid is returned to the publisher, REX again intercepts it and removes any trackers that could be collecting PII before sending it on to the publisher. All of this happens in real-time, allowing for a full programmatic flow whilst ensuring compliance to all parties involved.” In order to bring this unique offering to the kids industry, we’re working alongside Rubicon, one of the biggest programmatic exchanges in the world. They provide real-time bidding and integration with all buyer systems across the globe. Combining our infrastructure in kid-safe technology and our exclusive kids inventory with their real-time bidding architecture, we are able to open up programmatic to the world’s biggest trading desks and DSPs across the kids market.

The Center for Digital Democracy (CDD), through its counsel, requests the following documents under the Freedom of Information Act (FOIA), 5 U.S.C. § 552, related to enforcement of the Children’s Online Privacy Protection Act (COPPA), 15 U.S.C. § 6501 et seq.: All annual reports submitted to the Federal Trade Commission (FTC) by COPPA safe harbor programs for the reporting period of July 1, 2014 through June 30, 2015 as required by the COPPA Rule, 16 C.F.R. § 312.11(d)(1), including, for illustrative purposes, reports from the following safe harbor programs: Aristotle International Inc. Children’s Advertising Review Unit (CARU) Entertainment Software Rating Board (ESRB) iKeepSafe kidSafe Seal Program (kidSAFE) Privacy Vaults Online (PRIVO) True Ultimate Standards Everywhere (TRUSTe) CDD asks that if any of the requested records are stored electronically that the FTC provide the requested records to CDD in their native electronic format as required under FOIA. 5 U.S.C. § 552(f)(2). Request for Fee Waiver or News Media Fee Benefit CDD asks the FTC to waive all fees associated with this request because disclosure of the records is in the public interest or, alternatively, to limit any fees charged to CDD to reasonable duplication fees because it is a noncommercial request by a member of the news media. 5 U.S.C. §§ 552(a)(4)(A)(ii)(II), 552(a)(4)(A)(iii). CDD is entitled to a waiver of all fees associated with this request under FOIA’s public interest standard and relevant FTC regulations. 16 C.F.R. § 4.8(e). The regulations permit the FTC to waive all fees associated with a particular request when a requester demonstrates that (1) “disclosure will likely contribute significantly to public understanding of the operations or activities of the government” and (2) “that the request not be primarily in the commercial interest of the requester.” 16 C.F.R. §§ 4.8(e)(2)(i)-(ii). CDD’s request qualifies under both prongs of the FTC’s public interest fee waiver standard. First, disclosure of the annual reports provided to the FTC by COPPA safe harbor providers and any related correspondence will contribute significantly to the public’s understanding of the FTC’s oversight of private entities tasked with enforcing federal law. COPPA was designed to protect children’s privacy online, an issue of significant public importance that concerns parents, consumers, lawmakers, and the general public. The instant request concerns data on how actively private safe harbor providers are policing COPPA compliance by their members. Relatedly, the records will also disclose whether and how the FTC performs its oversight role with respect to the safe harbor programs.1 From the reports, the public can scrutinize both the safe harbors’ performance and the FTC’s actions in administering the safe harbor program under COPPA. Because CDD intends to publish the requested documents, the public at large will benefit from better understanding whether and how the FTC is protecting children’s privacy online. Full complaint attached.

Facebook has given us a bit more of an insight into some of the more experimental new products and apps its product team has been working on. Speaking at the Cannes Lions International Festival of Creativity, Facebook's chief product officer Chris Cox, showed off what could one day work as a more expressive version of the Like button. Instead of simply pressing Like, Cox said users could use their smartphones to take a selfie. But rather than just send that, the function could read the user's Facebook expression and transform it into an appropriate smiley/sad/frowning/indifferent face. Cox made it clear: "This is not on our roadmap, we don't know how to build this. It actually seems really hard, but it's the kind of thing unlocked by the power of all the different sensors on the phone." Read more at http://read.bi/1Ni1xJ5 (link is external)

Delving deeper into ecommerce, Twitter is testing some new ways to help users discover products within its network. First up are dedicated pages, which will feature images and videos about products, alongside information such as a description, price and an option to buy, book, or visit a brand’s Web site for more information. Within users’ timelines, they can now expect to see pages and collections of pages that are shared by influencers and brands. In addition, Twitter is also beginning to test new ways for people and brands to create and share Twitter collections of products and places. Users can now browse collections from various influencers, and get more information about featured products and places. Already, there’s Nike’s LeBron Elite collection; Reese Witherspoon’s Draper James Summer Picks; The Ellen Show’s Best of The Ellen Shop and HBO's #GoT Fan Favorites. “This is just the beginning,” Amaryllis Fox, a product manager at Twitter, promises on a new blog post. “In the coming months we’ll be testing more new experiences we hope give you the most personalized and relevant information about the places and things you want to explore.” While Twitter struggles (link is external) with its direction, ecommerce appears to part of its broader ambitions. Among other efforts, the company has been inviting advertisers to create credit-card-connected promotions, and share them with users directly in their timelines. With their credit cards, users can redeem the new “Twitter Offers” in stores without the need for a coupon or numerical code. Full article available at http://bit.ly/1GuVHOT (link is external)

EMBARGOED FOR USE AFTER THE REPORT IS LAID IN PARLIAMENT BY THE PRIME MINISTER ON THURSDAY 11 JUNE 2015 Today the Prime Minister published the Report of the Investigatory Powers Review, entitled ‘A Question of Trust’. It was submitted to him by David Anderson Q.C. Independent Reviewer of Terrorism Legislation. Quote David Anderson said: “Modern communications networks can be used by the unscrupulous for purposes ranging from cyber-attack, terrorism and espionage to fraud, kidnap and child sexual exploitation. A successful response to these threats depends on entrusting public bodies with the powers they need to identify and follow suspects in a borderless online world. But trust requires verification. Each intrusive power must be shown to be necessary, clearly spelled out in law, limited in accordance with international human rights standards and subject to demanding and visible safeguards. The current law is fragmented, obscure, under constant challenge and variable in the protections that it affords the innocent. It is time for a clean slate. This Report aims to help Parliament achieve a world-class framework for the regulation of these strong and vital powers.” The Report The Review was conducted by a small independent team under the leadership of David Anderson Q.C. It received almost 70 written submissions. Further evidence was taken from public authorities (at the highest level of security clearance) and from a wide range of organisations and individuals in the UK, California, Washington DC, Ottawa, Berlin and Brussels. Parts I-III of the Report (Chapters 1-12) inform the debate by summarising the importance of privacy, the threat picture, the relevant technology, external legal constraints, existing law and practice and comparisons with other types of surveillance, other countries and private sector activity. They also summarise the views expressed to the Review by law enforcement, intelligence, service providers and civil society. Part IV of the Report (Chapters 13-15) sets out five underlying principles and 124 separate recommendations. Taken together, they form the blueprint for a new law to replace the Regulation of Investigatory Powers Act 2000 [RIPA] and the dozens of other statutes authorising the collection of communications data. The key recommendations are summarised in paras 10-34 of the Executive Summary at the start of the Report. They include, in particular: a new law that should be both comprehensive in its scope and comprehensible to people across the world (Executive Summary, paras 10-11); maintaining, subject to legal constraints, existing capabilities relating to compulsory data retention as provided for by DRIPA 2014 and formerly under an EU Directive (ES, para 12); the enhancement of those capabilities (e.g. by requiring the retention of “weblogs” as proposed in the draft Communications Data Bill 2012, the so-called “snoopers’ charter”) only to the extent that a detailed operational case can be made out and a rigorous assessment has been conducted of the lawfulness, likely effectiveness, intrusiveness and cost (ES, para 13); the retention subject to legal constraints of bulk collection capabilities (the utility of which is briefly explained by reference to six case studies from GCHQ: Annex 9), but subject to additional safeguards and to the addition of a new and lesser power to collect only communications data in bulk (ES, paras 14-15); a new requirement of judicial authorisation (by Judicial Commissioners) of all warrants for interception, the role of the Secretary of State being limited to certifying that certain warrants are required in the interests of national security relating to the defence or foreign policy of the UK (ES, paras 16-17); measures to reinforce the independence of those authorising requests for communications data, particularly within the security and intelligence agencies (ES, para 21); a new requirement of judicial authorisation of novel and contentious requests for communications data, and of requests for privileged and confidential communications involving e.g. journalists and lawyers (ES, paras 25-27); the streamlining of procedures in relation to warrants and the authorisation of requests for communications data by local authorities and other minor users (ES, paras 19, 23-24); improved supervision of the use of communications data, including in conjunction with other datasets and open-source intelligence (ES, para 29); maintaining the extraterritorial effect in DRIPA 2014 s4, pending a longer-term solution which should include measures to improve the cooperation of overseas (especially US) service providers and the development of a new international framework for data-sharing among like-minded democratic nations (ES, para 20). the replacement of three existing Commissioners’ offices by the Independent Surveillance and Intelligence Commission: a new, powerful, public-facing and inter-disciplinary intelligence and surveillance auditor and regulator whose judicial commissioners would take over responsibility for issuing warrants, for authorising novel, contentious and sensitive requests for communications data and for issuing guidance (ES, paras 28-32); expanded jurisdiction for the Investigatory Powers Tribunal, and a right to apply for permission to appeal its rulings (ES, para 33); and the maximum possible transparency on the part of ISIC, the IPT and public authorities (ES, para 44). Other Reports The Report endorses some of the recommendations of the Intelligence and Security Committee of Parliament (“Privacy and Security”, March 2015). But the Report is broader in its scope, covering the activities of all 600 bodies with powers in this field and not just the security and intelligence agencies. It also departs from the ISC in recommending (a) that a new law should apply across the board (Report, 13.35-13.44), and (b) that interception warrants should be judicially authorised (Report, 14.47-14.57) A further Independent Surveillance Review, to be conducted under the auspices of the Royal United Services Institute (RUSI), was commissioned in March 2014 by the Deputy Prime Minister. It has not yet issued a report. Encryption There has been some recent media speculation on the subject of encryption, which it may be useful to correct. The position communicated by the security and intelligence agencies to the Review is summarised (Report, 10.20) as follows: “The Agencies do not look to legislation to give themselves a permanent trump card: neither they nor anyone else has made a case to me for encryption to be placed under effective Government control, as in practice it was before the advent of public key encryption in the 1990s. There has been no attempt to revive the argument that led to the Clipper Chip proposal from the NSA in the 1990s, when public key cryptography first became widely available. But the Agencies do look for cooperation, enforced by law if needed, from companies abroad as well as in the UK, which are able to provide readable interception product.” The Report recommends that in the digital world as in the real world, “no-go areas” for intelligence and law enforcement should be minimised (13.7-13.14). But as concluded at 13.12: “Few now contend for a master key to all communications held by the state, for a requirement to hold data locally in unencrypted form, or for a guaranteed facility to insert back doors into any telecommunications system. Such tools threaten the integrity of our communications and of the internet itself. Far preferable, on any view, is a law-based system in which encryption keys are handed over (by service providers or by the users themselves) only after properly authorised requests.” Notes for editors: Section 7 of the Data Retention and Investigatory Powers Act 2014 http://www.legislation.gov.uk/ukpga/2014/27/section/7/enacted (link is external) required the Independent Reviewer of Terrorism Legislation to examine: the threats to the United Kingdom; the capabilities required to combat those threats; the safeguards to protect privacy; the challenges of changing technologies; and issues relating to transparency and oversight; and to report to the Prime Minister on the effectiveness of existing legislation relating to investigatory powers, and to examine the case for a new or amending law. This Report is a result of his work on those issues. David Anderson Q.C. is a barrister practising from Brick Court Chambers in London, a Visiting Professor at King’s College London, a Judge of the Courts of Appeal of Guernsey and Jersey and a Bencher of the Middle Temple. He is an experienced advocate in the European Court of Human Rights and in the Court of Justice of the EU: http://www.brickcourt.co.uk/people/profile/david-anderson-qc (link is external). He has served on a part-time basis since 2011 as the Independent Reviewer of Terrorism Legislation, reporting in that capacity to the Home Secretary, to the Treasury and to Parliament on the operation of the UK’s anti-terrorism laws. Contact: For more information about the Independent Reviewer of Terrorism Legislation and for a full copy of the Report please go to: https://terrorismlegislationreviewer.independent.gov.uk (link is external) or contact his clerk kate.trott@brickcourt.co.uk (link sends e-mail). You can also follow David on Twitter: @terrorwatchdog