Publishings

This EU-commissioned report--"Assessment of Young people's exposure to alcohol marketing in audiovisual and online media" analyzes the role of Facebook and other social media. It was written by Rand Europe (and CDD is cited, among many others).

The leading U.S. consumer groups and many others filed this today at the Federal Trade Commission asking for the new children's safeguards to go into effect as planned this July. It's in response to requests made last week by the trade groups Interactive Advertising Bureau (see attached) and Application Developers Alliance (link is external). The filing well-documents why the new rules better protecting children online and empowering parents are needed now. It also serves as a counter-point to the Direct Marketing Association (link is external) and media business lobby FTC filing also seeking a delay of the rules.

Second in a series from leading U.S. privacy and consumer NGOs on the failure of U.S. law and regulation to protect privacy.

A series of the failure of U.S. privacy policies to protect consumers. The first paper was written by CDD on the failure of self-regulation. The second was written by the ACLU and Friends of Privacy, USA.

CDD and U.S. PIRG Education Fund filed comments yesterday with the FFIEC (link is external), the federal body which develops policies for the Consumer Financial Protection Bureau, Federal Reserve, FDIC, etc. We called for a set of strong safeguards to protect consumers from largely opaque and unfair social media marketing practices used in the financial marketplace. It especially called for regulation with the growing use of predictive "scoring (link is external)" products that evaluate how a financial service can view the creditworthiness of a consumer. The filing also called for an investigation into how Facebook's marketing appartus is used in the consumer financial marketplace, and the need to closely scrutinize the growing role of mobile devices.

This letter was sent today to new FTC Chairwoman Edith Ramirez by three-dozen NGOs--including the national leaders in the consumer and privacy fields.

As part of the comprehensive system of commercial surveillance tracking us 24/7 wherever we go and do, more companies are integrating offline and purchasing data with online information. But when the largest commercial database of individuals around the world marries (link is external)its user data with the ton of consumer records held by Acxiom, Epsilon, (link is external) Bluekai (link is external) and Datalogix, (link is external) major privacy and consumer protection issues are raised. Acxiom--whose President just told (link is external) the annual meeting of online marketing hotshots that “Data can make you rich,” offers new ways to track and target a user. It just unveiled what it calls its "AbiliTag" system (which will presumably be used by Facebook). Here's how Ad Age describes (link is external) what it can do: "The tag system extends the technology Acxiom uses internally to match its clients' direct mail, email, online cookies and other data sets, now enabling it for ad targeting online and in mobile. The system will eventually be used for digital TV ads also. The approach is not entirely different from offline-to-online database matching that connects an advertiser's data to large sites with registration data such as Yahoo or AOL. However, Acxiom argues that its system goes beyond that approach by allowing sites that don't have registration information to connect advertisers to their customers in digital channels. The idea is to use the Acxiom tag to identify a customer who visits an Acxiom client site, then a publisher partner site." Acxion describes (link is external) AbilTag's benefits to publishers (excerpt): "With AbiliTag publishers can access a growing range of benefits from Acxiom: Provide advertisers access to the richest possible audience information - their audience data along with advertisers’ CRM data (the best targeting data available) and Acxiom’s rich demographic and interest data. Assure the highest quality of integration through Acxiom’s patented real-time audience matching and recognition solution AbiliTag. ... Offer more precise online audience targeting, measurement and attribution to advertisers. Provide Fortune 500 advertisers audience targeting capabilities with data they are already know and understand. Offer secure, scalable and compliant access to 45M+ consumers per month on 60M+ devices. Offer audience portraits utilizing the combined audience data that demonstrate greater insight and added value to advertisers. ... Allow advertisers to leverage insights from offline multivariate consumer prediction models where propensity to purchase, shopper preferences, and LTV are already known." Meanwhile, Facebook is acquiring from its partner Microsoft the online ad analytics and attribution company Atlas (link is external). Here's what Atlas does with Facebook data: "Advertisers create and designate an ad to an engineered audience in Facebook, comprised of various parameters, including demographic and interest-based criteria. The resonance of the message within each audience can then be measured with precision and reported within Atlas. From this, a compelling story can be told. For example, advertisers can gain true insights into the traction their messaging holds in driving acquisition. In addition, by merit of supported impression and view through metrics, latent branding effects can be examined, identifying correlations with consumer behavior weeks to months following exposure to Facebook advertising. Audiences and creative messaging can be constantly refined until the advertiser sees the optimal results they are striving for. Additionally through statistical aggregation the overall performance of social display can be evaluated and pitted against other channels that are competing for credit. Viewing Facebook tracked data through Atlas’s Engagement Mapping (link is external), advertisers can ascertain where Facebook falls within the purchase funnel and make the most informed decisions as a result. The implications of Facebook tracking within Atlas, however, reach far beyond linear performance measurement and standard reporting. The FTC, Senate Commerce Committee, GAO and others examining the impact of Big Data Brokers on privacy and consumer protection should make Facebook's new set of data gethering and targeting alliances a key focus.

Statement on Appointment of Edith Ramirez at Chair of the FTC by Jeff Chester, CDD Edith Ramirez cares deeply about consumers and the issues that effect their everyday lives. She is always willing to listen and works hard to find out the facts before making a decision. We have found her to display unique insights on issues critical to consumer welfare and competition. Ms. Ramirez will be a thoughtful and effective leader of an agency that has been strengthened over the last several years to better meet the consumer protection challenges of the 21st Century. Under her leadership, we expect the FTC to blaze new ground on privacy—especially involving mobile devices, digital data brokers and Do Not Track.

CDD has obtained a Yahoo! (link is external)lobbying document being given to EU policymakers. Yahoo! is working to undermine pending legislative proposals that would significantly strengthen the rights EU citizens have regarding the collection and use of their information. Entiled "Yahoo! Rationale for Amendments to Draft Data Protection Regulation as Relate to Pseudonymous Data," the document attempts to persaude EU policymakers that the kind of information on users the company (and most others (link is external)) collect to fuel their extensive data profiling and targeting services should--guess--be exempt from the proposed new privacy safeguards. Yahoo! (link is external)is one of the US companies lobbying hard to weaken the EU proposal, which would set a new global standard for Internet privacy protection. Yahoo! (link is external) and others are trying to argue that the vast amounts of data (link is external)used to create targeting profiles on individuals--but which does not contain our name, address or other information that identified us in the pre-Internet era--should be exempt from the proposed safeguards on explicit consent and profiling, for example. Yahoo! (link is external) and other US companies should not be undermining the principled and civil liberties based privacy proposals of the EU. Short-term profits placed before building democratic safeguards for the 21st Century is a shamefully misplaced business model--especially from companies like Google, Facebook, etc. which try and cloak what they do as digital beacons of freedom.

This letter was sent today to top Obama Administration officials.

In the European Union, privacy is a fundamental Human Right. So it’s no surprise that leading EU officials are supporting (link is external) a proposal that place citizens and consumers in better control of their information (or, as its called in the EU, ensuring “data protection”). Many in the EU understand the stakes, as today’s digital tracking and profiling technologies enable far-reaching surveillance and influence on individuals. Online marketers, for example, have—in their own words—created a “360 degree” system to gather information on our actions, behaviors, location, relationships, etc. This information is placed in “profiles” which are built using a bevy of personal data and various mathematical algorithms that can be used to make predictions about us (whether, for example, we may be someone economically successful or not). Today, our privacy is further at risk, with marketers and others able to gather our geo-location data (where we are and where we go via our mobile devices); who are friends are and what they are doing (via Facebook and other social media); and where and what we spend (about to be made even more accessible with the growth of “digital wallets” and location-based payment services). The European Commission has proposed, and EU Member of Parliament Jan Philipp Albrecht (link is external)has amended, legislation that creates the global standard for privacy protection. (Albrecht is on the key Civil Liberties, Justice and Home Affairs –LIBE (link is external)--committee). The law would allow an individual to control “profiling” and surveillance done by others on them. This is the kind of safeguard that must threaten the US data collection industry (Google, Facebook, Yahoo and others). For example, the Commission’s draft explains that “…it should be ascertained whether individuals are tracked on the internet with data processing techniques which consist of applying a ‘profile’ to an individual, particularly in order to take decisions concerning her or him or for analysing or predicting her or his personal preferences, behaviours and attitudes.” Albrecht’s amended version ensures that individuals actually control whether information can be collected at all (“In order for processing to be lawful, personal data should be processed on the basis of the specific, informed and explicit consent of the person concerned.”). No wonder the US business lobby, with help from the Obama Administration, is engaged in a campaign to scuttle the EU proposal (Albrecht is quoted as saying the lobbying (link is external) campaign agains (link is external)t the EU privacy proposed law is very extensive). A delegation of leading US NGOs representing consumer, privacy and civil liberties went to Brussels this week to meet with Members of the European Parliament. The US group included the ACLU, Consumer Federation of America, Friends of Privacy USA, CDD and others. Here are the materials we distributed; a Obama Administration document given to EDRI (link is external), the EU digital rights group, as part of the campaign to undermine support for the proposed stronger EU data protection proposals; and the EU privacy proposal and amendments. US Administration and industry attempts to undermine the privacy rights of EU citizens also threaten online users throughout the world. What is needed is a meaningful standard for privacy protection that places people in charge of their information--not massive data brokers or governments. We plan to press the Obama Administration to stand up for privacy over the narrow interests of the digital data collection lobby.

The report (link is external)released today by the Federal Trade Commission analyzing expenditures by food and beverage marketers to target both children and teens shows a dramatic increase in the use of digital marketing. According to the report, "spending on new media, such as online, mobile, and viral marketing, increased by 50%." The report also underscored how young people are the target of "integrated" campaigns, pursued across the "4 Screens (link is external)" which marketers now regulary use. Kids are being prompted to "pester" their parents to buy these products, according to industry research uncovered by the Commission. Digital marketing is a powerful medium which utilizes far-reaching tactics designed to promote brands and sell products. The "360 degree" marketing apparatus ensures that even young consumers can be tracked and reached wherever they are--at home, in school, on the street and in stores. Online ads can be bought cheaply--and deliver bigger results than other forms of advertising (think social media viral campaigns where you get so-called friends to promote products to friends). The nation's youth obesity epidemic illustrates that more is needed than just a report. The FTC should convene stakeholders to develop a set of Fair Digital Marketing Practices for Children and Teens. Many of the techniques used by food and beverage marketers and media companies--such as neuromarketing (link is external), peer to peer viral campaigns, and location-based targeting--are not appropriate for youth. Industry will need to take more responsibility. Policymakers, especially the FTC, will need to dig further into how food marketers use digital techniques on America's young people. Regulation is required. Jeff Chester, CDD

Leaders of the Effort to Pass COPPA in 1998 Say Parents Should Now Have Greater Control of their Children’s Information Online Digital Media Companies Must Implement New Policies to Protect Children’s Privacy Online Washington, DC: The team of privacy advocates and lawyers responsible for passage of the Children’s Online Privacy Protection Act (COPPA) in the late 1990s expressed strong support for the Federal Trade Commission’s long-awaited release of its updated children’s privacy rules, announced today, while urging regulators to keep a watchful eye on continuing developments in the mobile app and social media industries. “We are at a critical moment in the growth of the children’s digital marketplace,” said Kathryn Montgomery, Professor of Communication at American University, “as social networks, mobile phones and gaming platforms become an increasingly powerful presence in the lives of young people. The new rules should help ensure that companies targeting children throughout the rapidly expanding digital media landscape will be required to engage in fair marketing and data collection practices. We applaud the FTC for its rigorous and comprehensive review of the COPPA rules and for bringing them up to date with industry changes. However, the Commission will need to engage in ongoing monitoring efforts, as well as strong enforcement actions, if the implementation of these rules is to be effective in the long run. The FTC’s recent report on the children’s app market indicates that, even in the midst of an intense public debate over privacy policy, too many companies in this industry have operated with little regard for their legal obligations to children.” “The Commission’s decision today is a major step forward,” said Jeff Chester, Executive Director of the Center for Digital Democracy. “We are especially gratified that this decision puts to rest the longstanding and disingenuous claims by the digital marketing industry that cookies and other persistent identifiers are not personally identifiable information. The revised rules also address the increasingly pervasive use of geolocation, behavioral targeting, and social media data collection. But we are concerned about possible loopholes that could undermine the intent of the rules. CDD plans to continue closely analyzing the emerging marketing and data practices targeted at children--with a sharp focus on app developers and social marketers like Facebook--and will file complaints against any company that violates the new rules.” “I am pleased that the FTC has updated its rules implementing the Children’s Online Privacy Protection Act, as Congress intended, to specifically account for new technologies and marketing practices,” observed Angela Campbell, Director of the Institute for Public Representation at Georgetown University Law Center. “While the revised rules provide significantly greater protections for children, we will monitor industry compliance with the new regulations. Where we find that companies fall short, as we did recently with the Mobbles and SpongeBob Diner Dash apps, we will file additional requests for investigation.” Kathryn Montgomery and Jeff Chester spearheaded the campaign to pass COPPA during the 1990s, leading a coalition of prominent education, health, and consumer groups in a two-year effort, and working closely with Angela Campbell and a team of law students at Georgetown Law’s Institute for Public Representation, which served as legal counsel to the coalition. Although the law took effect in the formative period of Internet marketing, it was purposely designed to adapt to changes in both technology and business practices, with periodic reviews by the FTC to ensure its continued effectiveness. With the expansion of digital media platforms and the growing sophistication of online data collection and profiling, the need for updating the rules became increasingly urgent. Since 2010, the Center for Digital Democracy and a coalition of other consumer and public health organizations have been urging the FTC to update its COPPA rules to encompass the expanding array of digital platforms and marketing services used to reach and target young people. In a letter submitted to the Commissioners last week, more than 50 organizations – including the American Academy of Child and Adolescent Psychiatry, CDD, Common Sense Media, Consumer Federation of America, Consumers Union, the American Academy of Pediatrics, the American Psychological Association, and the American Heart Association – strongly endorsed the agency’s proposed rules, calling for timely action to adopt them. --30--

The dramatic growth of the data broker industry, fueled by information on consumers culled from the Internet, social media, mobile phones, and in-store shopping, has created a multitude of all seeing eyes spying on Americans everyday. A digital gold mine of infinite details is harvested about each of us--what we buy, who are friends are, how much we earn, our ethnicity, health concerns, location, etc. For the most part, these records are off limits to consumers, who can't really discover what they say about us--including the likely errors they may contain. Today's action by the FTC (link is external) will unmask this largely stealth consumer surveillance industry. It will shine a powerful regulatory spotlight on such disturbing practices as the use of so-called "e-scores," which are used to signal to others information about our creditworthiness, potential revenues for marketers or even whether our calls for service should be answered first by telephone operators. Our data is sold to the highest commercial bidder in milliseconds, who can use the information for almost any purpose--yet it is unavailable so a consumer can review or challenge it. The data broker business, which now comprises far-reaching partnerships between numerous small and large companies, should not be permitted to operate without ensuring transparency and control to the individual consumer. That's especially important in this era of Big Data shaping our democracy. For a recent analysis of databroker tactics in the digital real-time consumer targeting era, see a paper (link is external)just published by Ed Mierzwinski of USPIRG and Jeff Chester of CDD An example of databroker techniques discussed by Acxiom is attached.

The dramatic growth of the data broker industry, fueled by information on consumers culled from the Internet, social media, mobile phones, and in-store shopping, has created a multitude of all seeing eyes spying on Americans everyday. A digital gold mine of infinite details is harvested about each of us--what we buy, who are friends are, how much we earn, our ethnicity, health concerns, location, etc. For the most part, these records are off limits to consumers, who can't really discover what they say about us--including the likely errors they may contain. Today's action by the FTC (link is external) will unmask this largely stealth consumer surveillance industry. It will shine a powerful regulatory spotlight on such disturbing practices as the use of so-called "e-scores," which are used to signal to others information about our creditworthiness, potential revenues for marketers or even whether our calls for service should be answered first by telephone operators. Our data is sold to the highest commercial bidder in milliseconds, who can use the information for almost any purpose--yet it is unavailable so a consumer can review or challenge it. The data broker business, which now comprises far-reaching partnerships between numerous small and large companies, should not be permitted to operate without ensuring transparency and control to the individual consumer. That's especially important in this era of Big Data shaping our democracy. We are also gratified that the FTC asked for databrokers to supply information related to both children and adolescents. For a just published report on digital databroker practices, the FCRA, and consumer protection written by Ed Mierzwinski of USPIRG and Jeff Chester of CDD, go to SSRN. (link is external) For an example of databroker techniques, see attached.

Center for Digital Democracy Charges that Nickelodeon’s Mobile SpongeBob Game Violates the Children’s Online Privacy Protection Act Urges Federal Trade Commission to Investigate and Bring Action Against the Leading Children’s Cable Channel Nickelodeon and PlayFirst Don’t Play Fair, Collecting Personal Information from Kids and Inducing In-Game Purchases Washington, DC: The Center for Digital Democracy (CDD) filed a complaint today asking the Federal Trade Commission (FTC) to investigate and bring action against cable network Nickelodeon and mobile game-maker PlayFirst for deceptive marketing of the SpongeBob Diner Dash game and for violating the Children’s Online Privacy Protection Act (COPPA). The mobile game, which is featured as a free iPhone and iPad app in the “Kids Games” section of Apple’s iTunes store, is based on characters from the popular “SpongeBob SquarePants” cable show (which for the past 12 years has been the most-watched television program for kids ages 2-11). The app store description assures consumers that the game complies with COPPA. However, as CDD’s filing documents, Nickelodeon and PlayFirst engage in several practices that are clear violations of the children’s privacy law. The objective of the game is for children to help SpongeBob “seat, serve, and satisfy all kinds of fishy customers in five colorful Bikini Bottom restaurants,” run by the greedy, selfish Mr. Krabs from the show. SpongeBob Diner Dash is a “freemium” game, which can be initially downloaded for free, but is designed to encourage users to buy virtual “coins” that can be spent on items such as shoes that make SpongeBob walk faster, or a frying pan that makes the food cook faster. Children are also prompted to spend more money to buy upgraded versions of the game. As the complaint documents, Nickelodeon and PlayFirst engage in deceptive acts by representing in the privacy disclosure on the Apple App Store that the app’s “data collection is in accordance with applicable law, such as COPPA,” when in fact it is not. The SpongeBob Diner Dash game asks children to provide a wide range of personal information, including full name, email address, and other online contact information, without providing notice to parents or obtaining prior parental consent, as required by the Children’s Online Privacy Protection Act. Nor does the app provide an adequate description of the personal information it collects or how it is used. The filing asks the FTC to investigate the apps’ data collection and privacy notice practices, including its use of mobile marketing technologies such as unique device identifiers (UDIDs) and “device tokens,” which enable companies to send custom messages to individual children in the form of “push notifications.” These forms of “online contact information” are considered personal information under current COPPA rules. “It is disturbing to learn that a well known children’s brand such as Nickelodeon is flouting basic privacy protections for children. Even more troubling, Nickelodeon tells parents that it complies with the law protecting children’s privacy when it does not” commented Laura Moy, an attorney at Georgetown Law’s Institute for Public Representation (IPR), which prepared the complaint on behalf of CDD. Moy urged that “the FTC take action to ensure that all companies targeting mobile apps to kids are complying with the law.” “It is clear that this is not an isolated incident,” said Jeff Chester, CDD’s Executive Director. “As the FTC report last week on children’s mobile apps revealed, this industry is not taking seriously its obligations under COPPA. The Commission needs to step up its enforcement actions and adopt new rules that will address the growing threats to children’s privacy in the expanding mobile marketplace.” A copy of CDD’s request is available at http://db.tt/oA1kEKSP (link is external) --30--

FOR IMMEDIATE RELEASE December 13, 2012 50+ ADVOCACY GROUPS CALL FOR UPDATES TO KIDS’ ONLINE PRIVACY PROTECTIONS WASHINGTON, DC and SAN FRANCISCO, CA -- A broad coalition of child advocacy, health, parents, privacy, and consumer organizations--including the American Academy of Pediatrics, the American Heart Association, the American Psychological Association , US Conference of Catholic Bishops, and Consumers Union -- has released a letter to the Federal Trade Commission (FTC) to express strong support for proposed updates to the Children’s Online Privacy Protection Act (COPPA). COPPA was passed by Congress in 1998, and is designed to enable parents to decide how and whether Internet companies and operators can collect and use personal information from their children under the age of 13. The FTC is considering the first updates to the COPPA rules, which were established in 2000. Since then, dramatic changes in the online and mobile world, and sophisticated new data collection and marketing practices, have undermined the ability of parents to make meaningful decisions for protecting their children’s privacy and safety. Recognizing those changes, the coalition letter describes the proposed updates to the COPPA rules as “not only essential, but also urgent.” The letter and list of co-signing organizations can be found at www.democraticmedia.org. In addition, in three separate petitions organized by Public Citizen (link is external), Campaign for a Commercial-Free Childhood (link is external), and Common Sense Media and the Center for Digital Democracy (link is external) over 10,000 petitioners have shown support for the FTC’s plans to update COPPA and keep parents--and not companies--in control of their children's online data.

Washington, DC: The Center for Digital Democracy (CDD) filed a complaint today with the Federal Trade Commission (FTC) calling for an investigation of and action against the Mobbles Corporation for operating the mobile application Mobbles in violation of the Children’s Online Privacy Protection Act (COPPA). Mobbles, a game involving virtual pets, is directed at children under age 13. It collects personal information from children without providing any notice to parents (nor even attempting to obtain verifiable parental consent), as required by law. Available since May 2012 on iTunes for the iPhone and from the Google Play store for Android devices, Mobbles has ranked among the top 100 grossing “Entertainment” iTunes apps in 24 countries, and among the top 10 in 10 countries. Between 10,000 and 50,000 users downloaded Mobbles over the last 30 days in the Google Play store alone. An elaborate, location-based game that involves capturing, collecting, trading, and caring for virtual pets, “Mobbles” raises a number of privacy and child-safety issues, CDD’s complaint explains. First, because Mobbles is a location-based game, it uses smart-phone technology both to determine and to share the precise physical location of children playing the game. Second, because users must be within 54 yards of a Mobble to “catch” it, the game encourages children to wander around at all hours to get close enough to capture a particular Mobble (some of which are only available at night). Third, through its newsletter sign-up and registration required for pet trading, Mobbles collects children’s email addresses and other contact information without parental notice or consent. And, finally, although many of the game’s items are available free (as is the game itself), Mobbles encourages the expenditure of actual funds (via credit-card accounts) to acquire virtual items that are only available for purchase. As CDD’s complaint makes clear, Mobbles violates COPPA’s requirement that any online service directed at children provide notice “of what information it collects from children, how it uses such information, and its disclosure practices for such information,” and obtain parental consent before collecting personal information from a child. Mobbles provides no privacy policies nor does it make any attempt to obtain parental consent before collecting a child’s physical address, online contact information, or the online contact information of a child’s friends. “This case underscores the urgent need to update the Federal Trade Commission’s rules on children’s online privacy,” said CDD Executive Director Jeff Chester. “The use of persistent identifiers on mobile devices and other platforms must be covered under the proposed new COPPA regulations.” “By its very design, the Mobbles app takes unfair advantage of children’s developmental vulnerabilities, and even potentially threatens their personal safety,” commented Dr. Kathryn Montgomery, Professor of Communication at American University, who spearheaded the campaign for COPPA in the 1990’s. “This complaint provides a glimpse into a much larger, rapidly growing children’s mobile market, in which companies are unleashing all of the available techniques for targeting kids, including geo-location, instant rewards, and in-phone purchases. In the process, these companies are capturing a wide range of personal information available on smart phones and other mobile devices. Such practices not only violate the law, but also fly in the face of industry promises to protect children’s privacy in the digital media marketplace.” CDD’s filing was prepared by the Institute for Public Representation at Georgetown University Law Center. Georgetown Law Student Jessica Wang, who researched and drafted the request, urged the FTC “to act promptly to stop mobile apps such as Mobbles from pinpointing children's physical location, sending them direct messages, and contacting kids' friends without their parents' knowledge and permission.” Noting that on Monday the FTC released a report documenting that a large percentage of the most popular mobile apps for kids are collecting information without parental notice and consent, Angela Campbell, Director of the Institute for Public Representation, urged the FTC to include Mobbles as one of the apps it planned to investigate.

FOR IMMEDIATE RELEASE Dec. 6, 2012 New Survey Reveals Strong Support for Updating Children’s Online Privacy Protection Act Majority express concerns about new marketing and data-collection practices such as behavioral profiling and mobile tracking WASHINGTON, DC and SAN FRANCISCO – Two leading nonprofit groups, the Center for Digital Democracy and Common Sense Media, today released the results of a new survey on public attitudes about children’s online privacy. The study — conducted over a two-week period in November by Princeton Research Associates International (PSRAI) — polled more than 2,000 adults and found overwhelming support for the Children’s Online Privacy Protection Act (COPPA), the law that requires parental consent before websites can collect personal information from children under the age of 13. The findings revealed strong support not only for the basic principles of the law, but also for several key proposed changes in the rules that would address a range of online business practices — including mobile marketing and behavioral profiling — that have emerged since the COPPA took effect more than a decade ago. The Federal Trade Commission is expected to announce a number of updates to the COPPA regulations in the coming weeks. The majority of respondents in the survey (90%) expressed support for COPPA’s basic requirement that online companies seeking to collect personal information from young children must first obtain permission from parents. In addition, the survey found significantly high levels of support for safeguards to protect children from many of the data collection and marketing practices that are frequently used to target them in today’s digital media environment. Respondents expressed disapproval of a number of techniques increasingly employed by many child-directed websites — 80% of adults were opposed to allowing advertisers to collect and use information about a child’s activities online, even in cases where advertisers do not know the actual name and address of a child. The survey also found that both parents and nonparents largely agree on many points: 91% of both parents and adults believe it is not okay for advertisers to collect information about a child’s location from that child’s mobile phone. 94% of parents and 91% of adults agree that advertisers should receive the parent’s permission before putting tracking software on a child’s computer.96% of parents and 94% of adults expressed disapproval when asked if it is “okay OK for a website to ask children for personal information about their friends.” 91% of parents said they strongly disagree with the idea, as did 86% of adults. Congress passed COPPA in 1998 with bipartisan support. The law established a set of safeguards for website operators targeting children under 13, and ensured that parents would play the key decision-making role in determining whether and how their children’s personal information would be used in the online environment. The law was purposely designed to respond to changing technologies and business practices, and requires the Federal Trade Commission to conduct periodic reviews. A coalition of child advocacy, consumer, public health, and privacy groups has called on the FTC to update its COPPA rules to cover many of the techniques that marketers are using today, which include: collecting geolocation information from a child’s mobile phone; targeting children and their friends through social networks and interactive games; and employing cookies, plug-ins, and other software to track young peoples’ online behaviors. The FTC proposed changes to the rules last year, and has sought comments from a wide range of industry and public interest groups, but has yet to release its revised regulations. “It is clear from these findings that the public supports strong action by the FTC to address the disturbing and widespread practices that threaten the privacy and safety of our nation’s children,” said Kathryn C. Montgomery, Ph.D, professor of communication at American University and one of the leaders of the campaign to pass COPPA during the 1990s. “Children should be able to reap the benefits of this new participatory media culture without being subjected to techniques that take advantage of their developmental vulnerabilities. We must ensure that the COPPA rules are updated effectively so that the generation of young people growing up online today will be treated fairly in the growing digital marketplace.” “The results of this poll should be a wake-up call to the industry that parents understand what’s at stake for their kids in a digital world, and want the power to protect their children to remain in their hands,” said James P. Steyer, CEO and founder, Common Sense Media. “The industry argues that updates to COPPA will stifle innovation and cost jobs, when in fact, they should respect the role of parents and use it build consumer trust. The FTC’s recommended updates to COPPA represent the most important regulation of the past 10 years when it comes to protecting our kids’ privacy. They will help ensure that parents have better information and tools, and that parents -- not third-party ad networks and data brokers -- get to decide when their children’s personal information can -- and can’t -- be collected, shared, and sold.” Additional information about the survey, including a summary of findings, full tables, and an infographic can be found at www.democraticmedia.org and www.commonsense.org/COPPA (link is external). To download the summary of findings directly, and a new Infographic on "Big Data, Little Kids," see attached. About Center for Digital Democracy The Center for Digital Democracy (CDD) is recognized as one of the leading consumer protection and privacy organizations in the United States. Since its founding in 2001 (and prior to that through its predecessor organization, the Center for Media Education), CDD has been at the forefront of research, public education, and advocacy on protecting consumers in the digital age. Its impact has been highly significant, fostering widespread debate, educating a spectrum of stakeholders, and creating a legacy of government and self-regulatory safeguards across a variety of Internet and digital media platforms. CDD’s public education programs are focused on informing consumers, policy makers, and the press about contemporary digital marketing issues, including its impact on public health, children and youth, and financial services. For more information, visit www.democraticmedia.org (link is external). About Common Sense Media Common Sense Media is dedicated to improving the lives of kids and families by providing the trustworthy information, education, and independent voice they need to thrive in a world of media and technology. We exist because our kids are growing up in a culture that profoundly impacts their physical, social, and emotional well-being. We provide families with the advice and media reviews they need in order to make the best choices for their children. Through our education programs and policy efforts, Common Sense Media empowers parents, educators, and young people to become knowledgeable and responsible digital-citizens. For more information, go to: www.commonsense.org (link is external).