WASHINGTON - The Federal Trade Commission is celebrating the first anniversary of the Children's Online Privacy Protection Act by settling charges against several Web site operators accused of violating the law. The FTC also announced Thursday that it has approved a second safe-harbor program to help businesses self-regulate their compliance with the law.
"We're encouraged by the progress industry has made in the past year in complying with COPPA," Jodie Bernstein, director of the FTC's consumer protection bureau, said in a statement. "As the cases announced [Thursday] demonstrate, we intend to take enforcement action against those who don't."
COPPA was passed by Congress in 1998 to shield the privacy of Web surfers ages 13 and younger. The act took effect on April 21 of last year. Among the law's provisions are requirements that commercial Web sites and online services directed at children obtain verifiable parental consent before collecting data and give parents access to the data and the right to amend or delete it. The FTC has sent warning notices to scores of Web sites and has held workshops on how to comply with the law.
The Web site operators with which the FTC settled are Monarch Services, Girls’ Life, BigMailBox.com, and LookSmart. According to the commission, the sites collected children's data online without parental consent and without posting privacy policies that met COPPA's standards. Under the terms of the settlement, the companies are required to delete all personal data collected from children during the past year, revise their privacy policies and install links on their Web sites to an informational page on the FTC's Web site. BigMailBox and LookSmart each would pay $35,000 in civil penalties and Girls’ Life would pay a $30,000 civil penalty, according to the commission.
"We felt the FTC pressed an interpretation of COPPA and its COPPA rule that goes beyond the text of the rule or anything the FTC has said publicly about the rule," said Reed Freeman, an attorney representing BigMailBox. "The company decided to settle to avoid the distraction and overwhelming expense of litigating against the federal government." Freeman's comment was echoed by a Girls' Life executive.
"The settlement agreement and order agreed to by Girls' Life, and the FTC clearly states that Girls' Life does not admit to any liability or wrongdoing," says Girls' Life Publisher Karen Bokram. "The fines paid were for settlement purposes only, and only to avoid costly and threatened litigation by the FTC. At no time did Girls' Life retain any personally identifying information obtained from children online."
LookSmart general counsel Martin Roberts says, "I think the FTC has taken a very aggressive position in enforcing the statute." He added that LookSmart has discontinued the message board service that was at issue in the FTC’s complaint.
The FTC also announced Thursday its approval of a safe-harbor program conducted by the Entertainment Software Rating Board. Companies that adhere to the board's guidelines will be deemed in compliance with COPPA. The commission previously has approved a safe-harbor program run by the Children's Advertising Review Unit of the Council of Better Business Bureaus.
Separately, the Center for Media Education released a study of 153 Web sites finding that, while many of them appear to be trying to comply with COPPA, a majority of sites are still falling short. According to the center, the majority of Web sites surveyed don't obtain parental consent as required under the law, nor do they have the required "clear and prominent" link to their privacy policies.
Nevertheless, the study was hailed as evidence that Web sites geared toward children are at least mindful of the new law, which critics have assailed as too onerous.
"We are fairly encouraged by the progress we see," says Center for Media Education President Kathryn Montgomery, citing a significant decline in the amount and type of data collected from children.
The first company charged with violating COPPA was Toysmart, a now-defunct Internet retailer that attempted to sell its customer lists during
