US regulators propose new online privacy safeguards for children
The Federal Trade Commission on Wednesday proposed sweeping changes to strengthen a key federal rule protecting children's online privacy, one of the most significant efforts by the US government to strengthen consumer privacy in more than a decade. Is one of.
These changes are intended to strengthen the rules underlying the Children's Online Privacy Protection Act of 1998, a law that prohibits online tracking of youth by services such as social media apps, video game platforms, toy retailers, and digital advertising networks. Regulators said the move would shift the “burden” of online safety from parents to apps and other digital services, while curbing how platforms can use and monetize children's data.
Among other things, the proposed changes would require some online services to turn off advertising targeted at children under 13 by default. They will prevent online services from using personal details such as a child's cellphone number to motivate young people to stay on their platforms longer. This means online services will no longer be able to use personal data to send push notifications to young children.
The proposed update would also strengthen security requirements for online services that collect children's data and limit how long online services keep that information. And they would limit the collection of student data by learning apps and other educational-tech providers by requiring schools to consent to collecting children's personal details only for educational purposes, not commercial purposes.
“Children should be able to play and learn online without being constantly tracked by companies looking to collect and make money from their personal data,” Federal Trade Commission Chairwoman Lena M. Khan said in a statement Wednesday. “By requiring companies to better protect children's data, our proposal places positive obligations on service providers and prevents them from outsourcing their responsibilities to parents.”
COPPA is the central federal law protecting children online in the United States, yet members of Congress have since attempted to introduce other bills.
Under the COPPA law, online services for children, or that they know have children on their platform, must notify parents before collecting, using or sharing personal details – such as first and last name, address and phone number. Permission will have to be taken. Child under 13 years of age.
To comply with the law, popular apps like Instagram and TikTok have terms of service that prevent children under 13 from creating accounts. Social media and video game apps commonly ask new users to provide their date of birth.
Nevertheless, regulators have filed several complaints against big tech companies accusing them of failing to set up effective age-gating systems; Showing targeted advertisements to children based on their online behavior without parental permission; enabling strangers to contact children online; Or keeping children's data even after parents ask them to delete it. Amazon; Microsoft; Google and its YouTube platform; Epic Games, creators of Fortnite; and Musical.ly, the social app now known as TikTok, have all paid multimillion-dollar fines to settle charges that they violated the law.
The FTC's proposal to strengthen children's privacy protections comes amid growing public concern over the potential mental health and physical safety risks that popular online services may pose to young people online. Parents, pediatricians and children's groups warn that social media content recommendation systems routinely show young girls inappropriate content promoting self-harm, eating disorders and plastic surgery. And some school officials worry that social media platforms distract students from their schoolwork in the classroom.
States have passed more than a dozen laws this year that restrict minors' access to social media networks or pornography sites. Industry trade groups have successfully sued to temporarily block many of those laws.
The FTC initiated a review of the Children's Privacy Rule in 2019, receiving more than 175,000 comments from tech and advertising industry trade groups, video content developers, consumer advocacy groups, and members of Congress. resulting proposal Runs over 150 pages.
The proposed changes include reducing an exception that allows online services to collect persistent identification codes for children without parental consent for certain internal functions such as product improvement, consumer personalization or fraud prevention.
The proposed changes would prevent online operators from using such user-tracking code to maximize the time children spend on their platforms. This means that online services would not be able to use technologies such as sending mobile phone notifications “to induce a child to engage with the site or service, without verifiable parental consent,” according to the proposal.
How online services will comply with such proposed changes is not yet known. Members of the public have 60 days to comment on the proposed changes to the children's privacy rule. Then the commission will vote on them.