Site Targeting "Tweenagers" Misses the Mark: FTC Announces Settlement of Alleged COPPA Violations

Posted on November 11, 2011 by Brendon Tavelli

The Federal Trade Commission recently announced its settlement with the operator of www.skidekids.com concerning allegations that the operator violated the Children’s Online Privacy Protection Act Rule (“COPPA Rule”) by collecting personal information about children without obtaining parental consent. Skid-e-kids, a social networking site directed at children ages 7-14, allows children to do many of the things (e.g., share pictures and video) that adults do on Facebook and other popular social networking sites. In fact, according to the FTC, Skid-e-kids advertises itself as the “Facebook and Myspace for kids.”

To get online at www.skidekids.com, users must provide personal information such as their name, email address, date of birth and city. The site’s published privacy policy purported to require that child users provide a parent’s valid email address in order to activate their account and to facilitate communications between Skid-e-kids and parents concerning the site and their child’s account. But according to the FTC the site operator never collected any parent’s email address and failed to obtain verifiable parental consent to collect personal information from children under 13. In doing so, the FTC said, the site operator violated both the FTC Act (by misrepresenting its privacy practices in the privacy policy) and the COPPA Rule (by improperly collecting children’s personal information).

For Skid-e-kids, the FTC’s settlement means taking remedial measures such as destroying all of the information collected from children in violation of the COPPA Rule, providing links to online educational material, and retaining an online privacy professional or joining an approved COPPA safe harbor program to oversee applicable COPPA-covered websites; an injunction against future violations of COPPA and misrepresentations about the collection of children’s information; and a $100,000 civil penalty (all but $1,000 of which may be suspended if the operator demonstrates an inability to pay).

For the rest of us, the settlement is a good reminder that the FTC is staunchly committed to protecting children’s privacy. So when it comes to collecting personal information from children online, it’s important to do it right . . . or not at all.
Tags: , , , , ,

Everybody Likes Free Stuff: Draft Privacy Legislation Seeks To Enhance Consumer Protections Without Disrupting Ad-Supported Internet Business Model

Posted on May 18, 2010 by Brendon Tavelli

A draft Congressional bill released Tuesday, May 3 aims enhance consumer privacy protections both online and offline and establish a national framework for the collection, use and security of consumer information, superseding state law requirements regarding the collection, use and disclosure of the information it covers.  The draft legislation, sponsored by Congressmen Rick Boucher (D, Va.) and Cliff Stearns (R, Fla.), recognizes the importance of online advertising in supporting free online content and services and attempts to extend privacy protections without disruption of this business model.  The bill's sponsors have requested comments on the draft by June 4th, and stakeholder meetings may also be scheduled to discuss the draft and receive comments.

Click here to learn more about the draft legislation, and stay tuned for updates as the comment period proceeds.

Tags: , , , , , , ,

No Privacy Cause of Action for Od(e)ious Myspace.com Posting

Posted on April 6, 2009 by Proskauer Rose LLP

According to a new, partially-published California Court of Appeal decision, there is no cause of action for invasion of privacy under the California Constitution where a plaintiff’s myspace.com posting is republished in a newspaper.   In Moreno et al. v. Hanford Sentinel, Inc., et al., F054138, slip op. (Cal. Ct. App. April 2, 2009), plaintiff Cynthia Moreno published on her myspace.com page “An ode to Coalinga,” in which she excoriated her hometown. She removed the Ode six days after she published it.

Before Ms. Moreno removed the Ode, the principal of Coalinga High passed the Ode on to the Editor of the Coalinga Record, which published the Ode, with Ms. Moreno’s first and last names, as a letter to the editor. The community reacted strongly (sometimes violently) and the Moreno family was forced to move from Coalinga. The Moreno family alleged that it suffered significant damages as a result.

The court held that Ms. Moreno’s publication of the Ode on myspace.com meant that the Ode was not private, and that Ms. Moreno’s expectation of a more limited myspace.com audience was of no consequence.  Further, the fact that she removed the Ode prior to publication in the Coalinga Record did not render the Ode private; “[t]he publication was not so obscure or transient that it was not accessed by others.”  Slip op. at 6.  Finally, the Court held that the Moreno family did not have standing to sue based on alleged invasion of Ms. Moreno’s privacy; “the right of privacy is purely personal.” Id.

It is not clear from the Court's opinion whether Ms. Moreno had protected her myspace.com page with some kind of privacy settings.  The outcome might have been different had Ms. Moreno explicitly alleged that she did so.  Because the court ruled at the demurrer stage, there was no evidence regarding that issue.

Tags: , , ,

Forum Selection Clause in Website Terms of Use Binding Upon Telephone Purchaser

Posted on November 1, 2007 by Brendon Tavelli

According to a recent federal court ruling, a telephone customer is bound by the terms of an online business’s privacy policy and terms of use to which the salesperson referred during the call. In Greer v. 1-800-Flowers.com, Inc., No. H-07-2543 (S.D. Tex. Oct. 3, 2007), the U.S. District Court for the Southern District of Texas enforced a forum selection clause contained in the website’s terms of use against a consumer who ordered flowers for his girlfriend on the telephone. Before placing his order, the plaintiff inquired as to the company’s privacy practices and a 1-800-Flowers.com representative referred him to the company’s online privacy policy. Plaintiff claimed he relied on this policy when he completed his order. The privacy policy clearly stated that it was part of the website’s terms of use, which the plaintiff did not read and which included a forum selection clause.

Plaintiff sued 1-800-Flowers.com after the company mailed a thank you message to plaintiff’s home address that prompted his wife to ask the company for proof of purchase. Plaintiff alleged that the company then sent his wife a copy of the receipt for the flowers he purchased, the message enclosed with the flowers and his girlfriend’s identifying information. Plaintiff claimed that these disclosures to his wife violated the company’s privacy policy and that the company’s breach of its own privacy policy violated the Texas Deceptive Trade Practices Act. Plaintiff further argued that the Defendants’ improper disclosures caused him damages in connection with his divorce.

Defendants moved to dismiss the plaintiff’s breach of contract action on the basis of the forum selection clause in the website’s terms of use. The district court determined that the clause, which stipulated a New York venue for disputes concerning the website, was both valid and enforceable.  In doing so, the court rejected plaintiff’s argument that the website’s forum selection clause did not apply to his telephone transaction. Judge Nancy F. Atlas first concluded, based on the language of 1-800-Flowers.com’s online policies, that “[i]t is clear and unambiguous that the Privacy Policy on which Plaintiff bases his lawsuit is part of the Terms of Use containing the forum selection clause.” She then explained that the Terms of Use applied to plaintiff’s telephone order because he was referred to the online privacy policy before completing his transaction and, as stated in the Terms of Use, by accessing the website he agreed to be bound by all relevant terms and conditions. Another Texas decision has suggested that when a consumer who completes a transaction over the phone is not explicitly referred to the website’s privacy policy or terms of use, these terms will not apply to that transaction. Hotels.com, L.P. v. Canales, No. 04-05-00315-CV (Tex. App. Feb. 1, 2006). 

Judge Atlas also rejected plaintiff’s alternative arguments that, even if the clause did apply, it should not be enforced because (1) he did not have notice of the provision and (2) it did not figure prominently in the parties’ agreement. According to Judge Atlas, plaintiff received notice that the privacy policy was part of a broader Terms of Use Agreement, which was readily accessible and clearly stated that any claim relating to the 1-800-Flowers.com website was subject to a forum selection clause. The fact that plaintiff chose not to read the Terms of Use was not grounds for finding them unenforceable.
Tags: , , , , ,