FTC, CARU Take Aim at COPPA Violators

Date: Jun 18, 2001

The Federal Trade Commission (FTC) announced on April 19, 2001 settlements with the owners of three websites for violating the Children’s Online Privacy Protection Act (COPPA).  Monarch Services, Inc. and Girls Live, Inc. (www.girlslife.com), Bigmailbox.com, Inc. and Nolan Quan, (www.bigmailbox.com), and Looksmart, LTD. (www.insidetheweb.com) were charged with illegally collecting personally identifiable information (PII) from children under 13 without parental consent.  The owners agreed to fines totaling $100,000 and agreed to delete all child PII collected after the effective date of the rule (April 20, 2000).  The sites must also link to the FTC “Kidzprivacy” website.   The settlements represent the first civil fines under the COPPA rule and are subject to court approval. 

The girlslife.com website targets girls in the 9 to 14 age range and, in conjunction with Bigmailbox.com and Looksmart offered e-mail boxes to children.  The FTC charged the owners with collecting unnecessary information, falsely stating a child could not open an e-mail account without parental consent, and collecting PII for internal use. Further, Bigmailbox.com provided children’s PII to third parties without parental consent. 

COPPA applies to commercial website operators directed to children under 13 and to general interest sites that collect child PII.  Both notice to, and consent of, parents are required before the site may collect PII.  The FTC also has approved a self-regulatory “safe harbor” program.  The Children’s Advertising Review Unit (CARU) of the Council of Better business Bureaus was the first organization to receive FTC approval for a COPPA safe harbor program (see related story).  The FTC recently announced the approval of safe harbor programs by TRUSTe and by the Entertainment Software Rating Board (ESRB).  CARU has successfully worked with numerous sites to achieve COPPA compliance through its self-regulatory program.  It has focused particularly on COPPA compliance of teen and “tween” sites.  Neutral age screening and adoption of technical measures such as session cookies to limit a child’s ability to falsify their age and enter an inappropriate area of a web site after initially being blocked is a recommended approach.  Where sites refuse to comply, CARU may refer the matter to the FTC.

For more information about COPPA and other privacy or children’s issues, please contact Sheila A. Millar at (202) 434-4143 or via e-mail at millar@khlaw.com.