* Earlier rules developed in pre-smartphone era
* Photos, videos, audio files, IP addresses now covered
* Key senator: Children's privacy a "top line issue"
By Diane Bartz
WASHINGTON, Dec 19 The U.S. government announced
tighter rules on Wednesday to protect children's online privacy
by restricting the collection of data, like the child's
location, unless parents consent.
The actions by the Federal Trade Commission mark an update
to rules that were based on the 1998 Children's Online Privacy
Protection Act, developed when most computers were big beige
boxes sitting under office desks instead of smartphones in
backpacks, and online social media was unheard of.
"The Commission takes seriously its mandate to protect
children's online privacy in this ever-changing technological
landscape," FTC Chairman Jon Leibowitz said in a statement.
Under the updated rule, IP addresses, which are unique to
each computer, will be added to the list of personal information
that cannot be collected from children without parental consent
if the data will be used for behavioral advertising or tracking.
Location, photos, videos and audio files were also added to
Leibowitz said the commission struck "the right balance
between protecting innovation that will provide rich and
engaging content for children, and ensuring that parents are
informed and involved in their children's online activities."
But Senator John Rockefeller, a West Virginia Democrat and
chair of the Senate Commerce, Science and Technology Committee,
which oversees the FTC, said he had wanted legislation that went
"There are groups that will complain about it (COPPA being
too weak), and so will I, but we can't do anything more about it
right now," he said. "Children's privacy as far as I am
concerned is an absolutely top line issue."
Privacy advocates and advertising companies had been
watching closely to see if the agency would go through with a
pledge made in August to add IP addresses to the restrictions.
Advertisers had argued against the move since several people
in a family - adults and children - could use the same computer.
Privacy advocates said it was needed to protect children.
Also under the updated rule, plug-ins and other third
parties connected to children's websites and apps cannot allow
third parties to collect information on children without
Big companies would be able to deal with the changes but the
tighter regulators could be onerous for smaller firms, said John
Feldman of the law firm Reed Smith LLP.
"I represent companies who are trying to sell products and
services," he said. "The bigger companies feel like they can
deal with it. There are significant costs that will be
associated with this."
Privacy advocate Kathryn Montgomery, who teaches at American
University, said the update was needed, given the growth of
social networks and mobile computing. She urged the FTC to be
tough about enforcing the rules.
"The new rules should help ensure that companies targeting
children throughout the rapidly expanding digital media
landscape will be required to engage in fair marketing and data
collection practices," she said.
The proposal also specifies that family websites, which are
websites aimed at children and adults, would be allowed to
screen users to determine their ages and only provide
protection to children under age 13.
Currently, all visitors to the websites must be treated as
if they are under age 13.
The FTC's rule implementing COPPA became effective in 2000.
The updated rule takes effect on July 1. It was approved by
a vote of three to one with one commissioner abstaining.