Posted on January 15, 2008 by Timothy P. Tobin

State Attorneys General Announce Agreement with MySpace to Protect Children Online

Yesterday, attorneys general from 49 states (all but California’s) and the District of Columbia announced a sweeping agreement with MySpace under which the company will adopt new measures to protect children online. This announcement culminates many months of negotiations between a task force of the attorneys generals led by Richard Blumenthal, the Connecticut Attorney General and Roy Cooper, the North Carolina Attorney General and is reflective of the intense pressure on web 2.0 sites to protect children online. We previously posted about that pressure, reporting on state attorneys general investigations of MySpace and Facebook here and the subsequent New York attorney general settlement with Facebook here. The new agreement with MySpace is available as an attachment to the press release on the North Carolina Attorney General’s website. 

The agreement is notable for its breadth. It goes well beyond the scope of the federal Children’s Online Privacy Protection Act (“COPPA”), which applies to the collection of personal information online from children 12 and under. The agreement includes some protections designed to protect teenagers under 18 with stronger protections for those under 16. Under the agreement, MySpace will take some readily achievable operational steps and work towards certain longer term goals such as developing new procedures and tools to protect children.

The more immediate steps include the following:

  • continuing to dedicate resources to educate parents and educators on child safety online;
  • using “best efforts” to acknowledge consumer complaints within 24 hours of receipt with a follow-up of the steps taken within 72 hours;
  • retaining an “Independent Examiner” to evaluate and examine handling of complaints;
  • continuing to cooperate with law enforcement on complaints, which includes continuing the law enforcement hotline number and creating a law enforcement liaison;
  • implementing a series of operational changes including:
    • “age locking” to reduce the number of times a user can change their age above or below the 18 year old threshold;
    • age restrictions on certain website functions that make it harder for adults to contact children such as limiting the ability of users over 18 to search in school sections; limiting the ability of users under 18 to designate themselves as swingers; limiting being able to browse certain categories such as “body type”, “smoke” and “drink”; limiting group invites; and automatically designating profiles as private for those under 16;
    • an image monitoring policy with technology to hash inappropriate images;
    • limitations on tobacco and alcohol advertisements to those under 18 and 21 respectively;
    • expanded age specific classifications for events;
    • expanded reporting functionality for violations including a drop down for categories such as pornography, cyberbullying and unauthorized use;
    • enhancing safety tools for members such as the ability to set profiles to private, the ability to block others and requiring those under 18 to affirmatively consent to having reviewed posted safety tips before registration; and
    • enhanced tools for parents such as the ability to remove a child’s profile.

MySpace also has agreed to engage in the following longer term efforts:  

  • organizing an industry-wide Internet Safety Technical Task Force to develop online safety tools – specifically, improved online identity authentication tools – with quarterly reports to the attorney generals’ task force;
  • designating a senior executive to work with the task force;
  • holding regular meetings with the attorney generals to discuss website design and functionality improvement to protect children;
  • hiring a third party to build and host a database of email addresses for parents to register users under 18 (to prevent child registration at social networking sites);
  • blocking access by those under 18 to profiles related to the entertainment industry;
  • increasing staff for monitoring and increasing the use of textual searching and other technologies for monitoring.
The agreement is set forth as a statement of principles and the parties have agreed to attempt to achieve the foregoing objectives, among others. According to reports, the attorney generals and MySpace continue to differ on the feasibility of new age authentication and verification technologies. The attorneys general have not ruled out legal action in the future if sufficient progress is not achieved.
Tags: , , , , , , , , , , , , , , , ,
Posted on October 17, 2007 by Timothy P. Tobin

New York Attorney General Settlement with Facebook Creates New Model to Protect Children Online

In follow-up to our earlier blog post regarding recent pressure on social networking sites from law enforcement, New York Attorney General Andrew Cuomo announced yesterday that his office had entered into a settlement with Facebook. The settlement resolves the Attorney General’s investigation of Facebook’s failure to fulfill public claims it made about protecting minors, which the Attorney General believed were deceptive acts and practices and false advertising in violation of New York consumer protection laws. Facebook did not admit to any wrongdoing.  

The settlement is particularly noteworthy for its resulting “new model” to protect children. As set forth in the settlement agreement and settlement terms, Facebook will:

  • Disclose the newly implemented safety procedures on its website as specified by the agreement and ensure that all other public statements made by Facebook about safety are consistent with the specified language.
  • Accept complaints about nudity or pornography, harassment or unwelcome contact confidentially via hyperlinks placed throughout Facebook’s website as well as via an independent email to abuse@facebook.com.
  • Respond to and begin addressing complaints about nudity or pornography, harassment or unwelcome contact within 24 hours.
  • Report to the complainant the steps it has taken to address the complaint within 72 hours where the complaint has been submitted via an independent email to abuse@facebook.com.
  • Allow Facebook’s complaint review process to be examined by an Independent Safety and Security Examiner (ISSE), a third party approved by the New York State Attorney General’s Office, to report on Facebook’s compliance with the agreement.
  • Provide a prominent and easily accessible hyperlink to allow a Facebook user or their parent/guardian to give feedback to the Independent Safety and Security Examiner (ISSE) about Facebook’s performance in responding to complaints. 
  • Submit to the Office reports prepared by the Independent Safety and Security Examiner (ISSE) evaluating Facebook’s performance in responding to complaints. The Examiner will report bi-annually and may recommend additional safety measures concerning complaint handling, as appropriate.

Both Attorney General Cuomo and Facebook are touting the agreement as setting new industry standards to protect children. Notably, Connecticut Attorney General Richard Blumenthal, co-chair of the national social networking task force of all 50 state Attorneys General, issued a press release stating the settlement terms were not strong enough. He is urging social networking sites to increase the use of filtering technology and monitors to screen content, identity and age verification for anyone 18 and older, parental consent for anyone under 18, the hiding of children’s profiles from adults, certain restrictions on advertising to children, and other measures. In light of the settlement, the likely continued interest by law enforcement, and the potential dangers to children, social networking sites should consider assessing their security practices and policies.           
Tags: , , , , , , , , , , , , ,
Posted on October 17, 2007 by Timothy P. Tobin

Social Networking Sites Feel The Heat From Law Enforcement

Kids like social networking sites, most notably MySpace and Facebook. So it is not surpising that law enforcement is scrutinizing how the sites protect children. Recent subpoenas issued to Facebook by New York Attorney General Andrew Cuomo and New Jersey Attorney General Anne Milgram are illustrative.

Both subpoenas sought information about Facebook’s Internet safety and security policies. The New York subpoena, issued last month, also sought information concerning Facebook’s complaint resolution procedures. In its subpoena cover letter to Facebook, Attorney General Cuomo noted Facebook’s public representations concerning how it responds to reports of pornographic material and inappropriate contact with minors.  It also described its undercover investigation of Facebook. According to the letter, the investigation revealed pornographic and other inappropriate content readily available on the site. In addition, after investigators set up profiles as young teenage users, they received inappropriate sexual advances. The investigators filed complaints about these issues through Facebooks’ complaint procedures. The letter notes various instances of non-responsiveness or delayed response to such complaints. The New Jersey subpoena issued earlier this month, described here, sought information from Facebook concerning convicted New Jersey sex offenders that Facebook has identified as site users.  Facebook previously informed the New Jersey Attorney General it had removed sex offenders with profiles matching individuals listed on the New Jersey sex offender registry. Attorney General Milgram also sent letters to eleven other social networking sites requesting they compare their registrants against the state’s sex offender list.     

These actions from New York and New Jersey are the latest steps by attorneys general from all 50 states to pressure social networking sites to enhance security protocols, specifically parental controls and age verification tools because of the vulnerability of children to online predators and inappropriate content. In particular, since early last year, Richard Blumenthal, the Connecticut Attorney General and Roy Cooper, the North Carolina Attorney General, have led a task force of the attorneys general calling on social networking sites to increase protections for children. Some of the steps the task force has urged of social networking sites have included enhanced age verification tools, restrictions on the ability of children increased parental consent to allow children to make profiles available to others in the absence of parental consent, increased staff and technology dedicated to screening inappropriate content, giving parents software to block the site, and raising the minimum age of participation to 16.       

This Spring, MySpace was in the news after receiving a letter from eight attorneys general demanding information concerning registered sex offenders on its site. After initially asserting it was unable to legally comply, MySpace struck an agreement with the attorneys general about the form of the requests. MySpace later announced it had removed more than 29,000 profiles of sex offenders from its site.

North Carolina and Connecticut are among states that introduced legislation requiring age verification measures on websites. Those bills have not passed but are expected to be introduced in future legislative sessions.

Businesses developing social networking sites that may attract children should not only comply with the Children’s Online Privacy Protection Act (“COPPA”) and its regulations concerning parental consent when collecting personal information of children, but should also be aware of increased state activity that may require enhanced practices. Companies should consider scrubbing user profiles against sex offender registries and utilizing enhanced tools for age verification. Finally, companies should be sure they are not making any security representations they are not abiding by or with which they cannot comply.  
Tags: , , , , , , , , , , ,