As everyone knows, the Internet has dramatically altered (read: simplified) the way we communicate, do business and satisfy our intellectual and social curiosities. Indeed, Internet-based sales topped the trillion dollar mark for the first time in 2012 and are projected to increase 18.3% to 1.298 trillion in 2013. I’d take that rate of growth any day, particularly in the current world economy.
But like everything else, the Internet can have an insidious side as well. Every day, we wake up to another headline (or, more likely, multiple headlines) reporting on the malicious misuse of technology. Malware. Identity theft. Unlawful acquisition and use of financial, medical and other personally identifiable information. Theft of intellectual property. Geopolitical intrusions. Every day its something different.
Some days, it seems like reports of cyber crime are published hourly. And I am not exaggerating. Grab a copy of the New York Times and take a peek at the front page. Then look at the Times’ updated website. More often than not, you will see what I am talking about.
Yet what some find to be the most heinous Internet activities oftentimes get less attention than the economic, reputational and political reporting that predominates.
In certain ways, the United States arguably lags behind in cyber legislation. While the vast majority of U.S. states have enacted breach notification laws, there is little regulation akin to Europe’s “do not track” and “cookies” rules (although private industry, including some internet service providers, have attempted to address certain of the issues raised). Still, we do not have a Privacy Commissioner like Australia and Canada. Perhaps more troublesome, there is no overarching, omnibus federal cyber privacy legislation in the United States.
When it comes to legislating against crimes affecting our children, the U.S. leads the way in many respects. We previously posted an article written by my good friend Amanda Lorenz which discusses the private sector’s calls for regulation addressing the theft of children’s identities (here).
Most right-thinking people agree that internet predators should be incarcerated (irrespective of whether their victims are children or adults). Such miscreants come in all shapes and sizes and operate in countries around the globe. You may even know one without realizing.
While such despicable conduct is legislated globally, the same can not be said for online marketing to and the collection of personal information concerning children. In that regard, America is one of the leaders.
Many Americans have heard of The Children’s Online Privacy Protection Act of 1998 (COPPA), 15 U.S.C. §§ 6501–6506, which became effective in 2000. But most people don’t know what it says or what it is intended to do beyond the obvious.
Specifically, COPPA addresses website operators’ responsibilities to protect the online privacy and safety of children under 13, including with respect to marketing activities. Among other things, the Rule requires operators of websites and online services directed to children under 13 as well as those which knowingly collect childrens’ personal information to provide parents with prior notice of such activities and obtain their verifiable consent before collecting, using or disclosing a child’s personal information. COPPA also mandates that such entities maintain the security of the information they assemble.
In turn, the Rule contains a “safe harbor” that allows industry groups and others to obtain government approval of self-imposed regulatory guidelines.
Like other U.S. legislation, COPPA is a living document. As such, it is not static and can be amended and updated as necessary. This is particularly important in the context of the moving targets of technology and the way children use and access the Internet, including their increased use of mobile devices and social networking. Most recently, COPPA was amended to incorporate significant new Rules which will go into effect on July 1, 2013.
Among the myriad enhancements, the amended Rule extends the definition of PII to include geolocation data, persistent identifiers (such as an IP address, or unique device identifier), photos, audio and videos, and, under certain conditions, usernames and screen names. A full explication of the amendments can be found at http://www.ftc.gov/opa/2012/12/coppa.shtm.
Jurisdiction to enforce COPPA rests with the Federal Trade Commission (FTC), whose mission is to “prevent business practices that are anticompetitive or deceptive or unfair to consumers; to enhance informed consumer choice and public understanding of the competitive process; and to accomplish this without unduly burdening legitimate business activity.”
While COPPA is U.S.-centric, the FTC has emphasized that its mandates apply with equal force and effect to foreign-operated web sites if such sites “are directed to children in the U.S. or knowingly collect information from children in the U.S.”
As many readers are aware, the FTC has become more active in regulating online and electronic activities, initiating a rapidly-increasing number of proceedings involving alleged improper Internet and technology-based activities. And the frequency of claims and settlements involving alleged violations of COPPA is growing.
Surprisingly, many first-world countries have not yet enacted comparable legislation. Which, as a parent and human being, I find unacceptable.
Still, I would be remiss if I did not commend countries such as Australia, which has enacted analogous laws. In turn, the Canadian Supreme Court has ruled that a victim of internet bullying below the age of majority can initiate litigation as a Jane or John Doe without having to identify themselves. But, regrettably, these are the exceptions rather than the rule.
Just as society and the global economy are evolving, so too should our laws. COPPA is an example of a Rule where aggressive government activism is not only appropriate, it is required. And until the rest of the world catches up with the U.S. and Australia to enact such protections, legislators and courts are neglecting our childrens’ and societal safety and welfare. Shame on them.
One Response to “Protecting Our Children from Internet Predators, Marketers and Information Aggregators: The Need for Aggressive Government Intervention”
Leave a Reply
You must be logged in to post a comment.