Thursday, December 20, 2012

New FTC rules on children's privacy probably don't present a downstream liability hazard, but will be expensive for some small app developers


The new rules from the Federal Trade Commission regarding how COPPA (The Children’s Online Privacy Protection Act of 1998) is interpreted when applied to third-party situations, probably do not represent a significant danger of third party downstream liability to social media sites, blogging plaftorms and shared hosting providers.

I wrote about the rules Wednesday (December 19) on my COPA blog (motivated by the now unconstitutional Child Online Protection Act).  There was a concern that when a site like Facebook allows its hooks to be embedded in other sites that collect information about minors, the third party site (Facebook) could be held partially liable if the other site collected information without parents’ permission.  That information could include geolocation (as from a cell phone or digital image) or even IP address parameters widely available on server logs and used to track Web reporting statistics.  The FTC has decided, according to the most recent accounts, that a company like Facebook is liable only when it knows that a partner site is acting inappropriately.  This sounds like a “don’t ask. don’t tell” policy that might become unstable.  Or call it “Hear no evil, see no evil.”

Websites accepting programmed advertising might also have become liable if the FTC didn’t insist on “actual knowledge”.  So the FTC seems to have respected the basic advertising business model for the user-generated content on the web, for now.

The FTC rules mentioned a “safe harbor” provision, echoing the concept from the DMCA. It’s not clear yet how it would work.

The COPPA debate (as did COPA a few years back) shows that you can only go “so far” to protect children, without vigorous parental engagement.  A similar paradigm problem exists in other areas, like gun control (first posting Tuesday December 18).  The whole issue can dhow a wedge between people who have and who do not have children.

The Los Angeles Times offers this video: 

It mentions the legal expenses faced by apps developers developing products for minors, especially those with special needs. The FTC even admits that each educational app developer would have to spend about $9500 to comply with the law. There is a need to use analytics to figure out how minors interact with the apps, and using statistics-gathering may have trouble not skirting the law. Allen Simpson, vice president of policy at Common Sense Media, (link ) speaks.  

No comments: