FTC's Proposed Changes to Children’s Online Privacy Laws

Introduction of opt-in for targeted ads

The Federal Trade Commission (FTC) proposes to overhaul the current laws governing children's online privacy to guard against the potential misuse of digital advertising more effectively. One proposed alteration is introducing an 'opt-in' system for targeted ads directed towards children under 13.

According to the proposed changes, online companies would have to turn off targeted ads by default for kids under this age bracket and need explicit permission to turn them back on. This measure would ensure that advertisers can't exploit the vulnerability of kids who may not fully understand the implications of targeted ads.

Prohibition on nudging kids to stay online

Another significant proposal the FTC is considering is to prohibit online platforms from applying tactics to "nudge" children to stay online longer than necessary. Such tactics take advantage of the children's less-developed impulse control and can lead to excessive screen time, privacy compromise, and other associated risks.

The FTC recognizes the need to protect children from such practices and plans to implement regulations limiting online platforms' ability to employ these nudging strategies.

Limitations on the use of educational technology (Ed-Tech)

As part of the sweeping changes, the FTC also proposes to set limitations on educational technology, or Ed-Tech. While Ed-Tech can be essential for enhancing educational experiences, their widespread use has raised privacy concerns.

The agency plans to enforce stricter guidelines on how Ed-Tech companies use and handle student data, ensuring they comply with privacy laws. These guidelines aim to encourage education providers to consider the privacy implications when implementing these technologies.

Data retention rules

The proposed changes by the FTC also stress data retention and deletion rules. These provisions aim to ensure that companies do not store children's data indefinitely and instead remove it when it is no longer necessary.

This step would further enhance the children's privacy safety by mitigating the risk of data breaches and misuse of personal information. The FTC is committed to holding companies to account to ensure they adhere to these data retention rules.

Specifics of the Proposed Changes

Requirement for separate, verifiable parental consent for disclosing kids' information to third-party advertisers

Under the proposed rules, children's apps, games, and websites are required to obtain separate, verifiable parental consent to disclose any information about children under 13 to third-party advertisers. Such disclosure is allowed only if it's integral to the service provided by the app or game. The companies won't be allowed to deny access to their services solely because parents declined permission to disclose their children’s data. This constitutes an important protection against potential manipulation of parental consent.

Prohibition on using online contact information and cookies to send push notifications to children

The FTC intends to clamp down on persistent online tracking of children’s activities. To achieve this, they propose prohibiting operators from using online contact information and persistent identifiers, such as cookies, to send push notifications to children. This proposed regulation aims to limit companies' ability to prompt or encourage children to use their services excessively, thus protecting them against undue persuasion and potential cyber threats.

Codifying current guidance related to the use of Ed-Tech

Recognizing the increasing incorporation of Ed-Tech in children's education, the FTC wants to bring the current informal guidelines into formal law. The proposed rule suggests that schools and districts may permit Ed-Tech providers to collect, use, and disclose students' personal information only for school-authorized educational purposes. The rule would strictly prohibit them from using this data for any commercial purpose, establishing another layer of privacy protection for the kids' online experience.

Companies are only allowed to keep personal information for the purpose for which it was collected

Under the proposed rules, the FTC stipulates that companies can only keep personal information as long as necessary to fulfill the specific purpose for which the information was originally collected. The rule would disallow companies from retaining children's information indefinitely and using the information collected for a secondary purpose. Companies would also be required to establish written, public data retention policies, ensuring greater transparency and safeguarding the interests of children's data privacy.

Support for the Changes from Children’s Online Safety Advocates

Advocates applaud the FTC's plan, arguing it will limit data use involving children

Children's online safety advocates have welcomed the Federal Trade Commission's (FTC) proposed changes to the Children's Online Privacy Protection Act (COPPA). In accordance with its commitment to safeguard kids' online presence, the FTC has proposed limitations on how companies can use data involving children.

Given the increasing digital footprint of children, limiting data use is seen as a crucial step towards ensuring their online safety. Advocates believe these changes would significantly protect children's personal information from indiscriminate data harvesting practices.

Protection from potential exploitation by companies

The proposed changes are expected to provide children with robust defense mechanisms against potential exploitation by companies. As Katharina Kopp, director of policy at the nonprofit Center for Digital Democracy, observes, the FTC's plan will help prevent companies from exploiting the information of young internet users.

Considering the vast amount of personal data children can unwittingly generate, advocates believe this move will curb the misuse of such information by unscrupulous entities and create a safer digital environment for children.

Protection from being targeted through the increasing use of AI

Another significant aspect welcomed by advocates is the proposal to protect children from being targeted by the rising application of Artificial Intelligence (AI). AI's ability to predict and manipulate user behavior through data analysis has raised new concerns about children's vulnerability.

Through its changes, the FTC aims to prevent children from being at the receiving end of potentially harmful AI-driven strategies, such as differential pricing, personalized advertising, and nudging. This measure aligns with creating a digital environment that respects children's rights and inherently fosters their health and well-being.

Related Events and News

TikTok facing US lawsuits over child safety and security fears

Notable social media platform TikTok is also under scrutiny over child safety and security issues. The company faces multiple lawsuits in the US, further highlighting the urgent need for strengthened online laws and protections for children. The proposed changes to COPPA by the FTC are intended to curb such violations and ensure that companies follow best practices for children's data privacy.

Other news from the Associated Press about cybersecurity and privacy issues

The Associated Press continues to report on various cybersecurity and privacy issues, emphasizing the importance of online safety in our rapidly digitizing society. Recent topics include:

• The potential dangers of deepfakes.
• The evolution of ransomware attacks.
• The increasing need for strong cybersecurity protocols within organizations.

These developments underscore the significance of the FTC's efforts to bolster children's online privacy and throw light on how persistent the agency must be in enforcing and enhancing preventive measures.