|Donald S. Clark, Secretary
Federal Trade Commission
600 Pennsylvania Ave., NW
Washington, DC 20580
June 11, 1999
CHILDRENS ONLINE PRIVACY PROTECTION RULEComment, P994505
I am writing to comment on the proposed Childrens Online Privacy Protection Act. As a private citizen and the mother of a four-year old child in a computer savvy household, I enjoy the current benefits provided to us on the Internet and look forward to the future. My son is already using Internet websites in conjunction with television programs such as those associated with Disney or Nickelodeon and occasionally with specific toys or brands such as Legos.
While I will investigate available childrens software filters as my child gets older, in general I feel strongly that learning to use the Internet is an important area of parental participation and that the greatest burden is on the parent to guide his or her children in proper usage and navigation. In much the same way that I teach my son traffic rules, not to talk to strangers, not to give out personal information, and not to open the door to people he doesnt know, I will be teaching him the ground rules for Internet use. This will include what kind of information he may reveal about himself, his address, his school and home, family, and finances and how he should handle friendships online and whether he will ever meet them, etc.
Before specifically addressing some of the Rules sections, I would like to offer some suggestions about ways in which businesses can get parental consent. I see a difference between a web site getting information for its own site and it selling it to third parties for other uses. I want giving consent to be as fast and easy as possible because my child and I both enjoy spontaneous Internet interaction. Additionally, I dont want burdensome regulations to discourage businesses from catering to children. I do not favor having to send in a consent form by mail. This would be a great inconvenience for us as we do most of our tasks (bill paying, correspondence, etc.) by computer. I would not mind calling a toll-free number, but realize that this would be a great expense to some companies and I dont want to discourage useful, educational websites which might not be able to afford the cost involved. I do look forward to a day when technology can provide a reliable "digital signature." Until then, I think that regular e-mail should be acceptable.
As a parent, I would appreciate being able to give my initial permission to a kid-friendly search engine. This search engine could allow my child to give information to any of the participants in its searches if they comply with FTC stated or endorsed guidelines. This would provide me with a good comfort level in letting my child stay in that particular search engine (and links it generates within a closed environment) and perhaps I would use it as a homepage. Even now when my child watches television there are certain channels, PBS or Nickelodeon for instance that I have confidence in concerning their programming and others which I do not. If a search engine earns my trust then I will extend that trust to the businesses or sites which have agreed to operate by its privacy principles.
The FTC should distinguish between different types of information collection and make different requirements based on the risk they present. For example, if a child wants to interact with a site in a manner that would benefit him or his family or foster communication among the child and his family, this should invoke a lower burden on the website operator. A creative child may want to create something through a website and send it to a family member, or a child may want to identify products he hopes a family member will purchase for him. If the web site collects a minimal amount of personal information from a child for these types of activities and does not share the information with anyone other than those a child may specify, then I would say this should require minimal government regulation.
In general, unless a site is looking for more personal information than the childs e-mail address, parental notice in most cases should be sufficient as opposed to advance verifiable parental consent.
Concerning Notice in Section 312.3(b) I will note that I particularly like the manner in which Yahooligans.com places its notice of privacy and would like to see more sites following its example. I also appreciate the intent of Section 312.4(b)(2)(iv) which requires an operator to state whether the third parties to whom it discloses personal information have agreed to maintain the confidentiality, etc. of that information. I would be very interested in reading detailed information about the third parties information practices.
Personal Information Definition
I would like to add to one definition listed in Section 312.2 regarding personal information. For personal safety reasons, I would add to the identifiable information list the name of the childs school. This has the potential to be very sensitive information and should not be collected without a parents consent.
I applaud the governments efforts to make the Internet a safe, friendly environment for children, but hope that in our attempts to make it safe, we dont discourage creative, personalized, entrepreneurial efforts with excessive costly regulation. You should take some comfort in knowing that many of us will be holding our childrens hands as they cross the Information Super Highway.
Alison J. Richards