COPPA

5 websites accused of violating kids' privacy

Shares

At least 18 different privacy and children’s advocacy organizations are filing a joint complaint to the Federal Trade Commission (FTC) petitioning it to investigate five major companies for violating the Children’s Online Privacy Protection Act (COPPA) through their “refer-a-friend” websites.

The five companies in question are McDonald’s, General Mills, Doctors Associates Inc. (owners of the Subway food chain), Viacom (owners of Nickelodeon), and Turner Broadcasting Systems (owners of Cartoon Network).

The organizations, led by the Center for Digital Democracy (CDD), allege that the aforementioned companies all have marketing websites that invite children to play a game—or in the case of McDonald’s, make a video—and then share it with a friend by inputting that child’s name and email address.

COPPA, enacted in 1998, dictates that no company can collect the personal information of a child under the age of 13 via a website or online service directed to children without notifying the parents.

“The companies identified in these complaints are clearly trying to circumvent privacy safeguards for children,” said American University communication professor Kathryn C. Montgomery in a CDD press release. Montgomery was an advocate for COPPA in the late ’90s.

“They are also enlisting kids and their friends in deceptive marketing schemes disguised as play—in some cases for junk foods and other unhealthy products—completely under the radar of parents.”

One such site is ReesesPuffs.com, operated by General Mills to promote its Reese’s Puffs cereal. The site lets visitors play around with a “DJ tool.” At the bottom-right corner of the page, there is a “tell a friend” link. ReesesPuffs.com also contains a disclosure that reads “Hey kids, this is advertising.”

The coalition of advocacy groups is also calling for the FTC to make additional changes to COPPA that would protect children against other practices, such as “the collection and storage of photos online from children, as well as the placement of cookies used for such types of behavioral advertising.”

It’s important to note that COPPA does let companies collect information without the consent of a parent in certain situations. One such exception is that they only do so only once and if they never contact the child again. At least two companies—General Mills and Viacom—are citing this as a defense for their actions.

The others have chosen not to comment.

Screengrab via ReesesPuffs.com