LITTLE ROCK — Online companies can’t collect photos, videos or location data from children without a parent’s permission, under expanded privacy rules adopted Wednesday by the U.S. Federal Trade Commission.
The new regulations, the result of a 2-year review process, revise the FTC’s standards for enforcing a 1998 child-privacy law and create new boundaries for the activities of websites operated by companies such as Walt Disney Co. and Facebook Inc. that interact with children under 13.
“The commission takes seriously its mandate to protect children’s online privacy in this ever-changing technological landscape,” FTC Chairman Jon Leibowitz said in a news release. The changes “strike the right balance between protecting innovation that will provide rich and engaging content for children, and ensuring that parents are informed and involved in their children’s online activities.”
The 1998 Children’s Online Privacy Protection Act requires operators of websites directed at children younger than 13 to give notice to parents and obtain their consent before collecting, using or disclosingchildren’s personal information. Changing technologies, such as the use of mobile devices and social networking, prompted the revisions, the FTC said.
“The new rules should help ensure that companies targeting children throughout the rapidly expanding digital media landscape will be required to engage in fair marketing and data collection practices,” Kathryn Montgomery, a communication professor at American University, said in an e-mail. The FTC will have to monitor companies and take action against violators for the rules to be effective, she said.
The new rules require parental consent for collecting Internet Protocol addresses and mobile-device IDs that recognize users over time and across multiple websites. They also prevent applications directed at children from allowing outside services, such as advertising networks, to gather information without parental notice and consent, the FTC said.
The new rules don’t extend to sites such as Apple Inc.’s Apple App Store and Google Inc.’s Google Play, which offer access to children’s apps.
The rules are written in a way that could expand child-privacy obligations to websites aimed at general audiences of all ages and may “confuse website owners as to whether these new rules apply to them,” the Washington-based Center for Democracy & Technology said in a statement e-mailed by spokesman Brock Meeks.
Uncertainty could prompt more websites to demand a user’s age, a practice that “runs counter to the First Amendment right to access information anonymously and increases the collection of potentially sensitive information generally,” according the group, which received funding last year from technology companies including Facebook and Google.
Zenia Mucha, a Disney spokesman, didn’t immediately respond to a phone call and e-mail requesting comment. Andrew Noyes, a Facebook spokesman, had no immediate comment.
Sen. Jay Rockefeller, DW.Va., and chairman of the Senate Commerce Committee, said in an e-mailed statement that the FTC action reflects “common-sense updates” to the child-privacy rules “that better reflect the realities of the current online world.”
The new rules take effect July 1.
Business, Pages 25 on 12/20/2012