Stories
Slash Boxes
Comments

SoylentNews is people

posted by martyb on Sunday July 21 2019, @05:07PM   Printer-friendly
from the not-that-COPPA-cobana dept.

Submitted via IRC for SoyCow1984

The U.S. Federal Trade Commission is considering an update to the laws governing children's privacy online, known as the COPPA Rule (or, the Children's Online Privacy Protection Act). The rule first went into effect in 2000 and was amended in 2013 to address changes in how children use mobile devices and social networking sites. Now the FTC believes it may be due for more revisions. The organization is seeking input and comments on possible updates, some of which are specifically focused on how to address sites that aren't necessarily aimed at children, but have large numbers of child users.

In other words, sites like YouTube.

The FTC's announcement comes only weeks after U.S. consumer advocacy groups and Senator Ed Markey (D-Mass.) sent complaint letters to the FTC, urging the regulators to investigate YouTube for potential COPPA violations.

The advocacy groups allege that YouTube is hiding behind its terms of service, which claim YouTube is "not intended for children under 13" — a statement that's clearly no longer true. Today, the platform is filled with videos designed for viewing by kids.

[...] "In light of rapid technological changes that impact the online children's marketplace, we must ensure COPPA remains effective," said FTC Chairman Joe Simons, in a published statement. "We're committed to strong COPPA enforcement, as well as industry outreach and a COPPA business hotline to foster a high level of COPPA compliance. But we also need to regularly revisit and, if warranted, update the Rule," he added.

[...] The FTC says it will hold a public workshop on October 7, 2019 to examine the COPPA Rule.

Source: https://techcrunch.com/2019/07/18/the-ftc-looks-to-change-childrens-privacy-law-following-complaints-about-youtube/


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 2) by Runaway1956 on Monday July 22 2019, @01:55PM (3 children)

    by Runaway1956 (2926) Subscriber Badge on Monday July 22 2019, @01:55PM (#869943) Journal

    Nope - no direct business relationship with any of those. Legitimate interests? Let them request, then PAY ME for the data they need. Fraud risk assessment? Phht. Shipper waits for the payment to clear, then ships. Short answer, far too many people are involved in shipping an item that I order online. I have a direct business arrangement with PayPal. PayPal needs at least some of the data they have collected on me. The only data they need share with a shipper, is the mailing address.

    Starting Score:    1  point
    Karma-Bonus Modifier   +1  

    Total Score:   2  
  • (Score: 2) by Pino P on Tuesday July 23 2019, @01:13PM (2 children)

    by Pino P (4721) on Tuesday July 23 2019, @01:13PM (#870307) Journal

    Legitimate interests? Let them request, then PAY ME for the data they need.

    Then the seller has your mailing address but cannot share your mailing address with the courier to ship the goods to you because you have no "direct business relationship" with the courier. How is it practical to require every seller to pay every buyer in order to share the mailing address with the courier? Or would it be a better idea to instead require each buyer to register yet another email and password with UPS, FedEx, USPS, and whatever other couriers that websites use, so that the buyer has a "direct business relationship" with the courier as well?

    Fraud risk assessment? Phht. Shipper waits for the payment to clear, then ships.

    Enjoy waiting six months for anything to ship because six months is how long it takes for an electronic payment to truly clear. I worked for an online toy store for several years, and sometimes we'd get international orders, ship out product, and not learn that the card was stolen until a month or two later when the rightful owner of that card issued a chargeback. Is next-day handling time instead of 180-day handling time enough of a "payment" for the use of this data? Or what other method would you recommend to avoid shipping goods to a fraudulent user of payment credentials?

    I have a direct business arrangement with PayPal.

    Which works fine as long as the seller takes PayPal. PayPal forbids use by sellers of some product categories. Martin Korth of Nocash Funware, for example, lost the ability to accept PayPal payments over selling certain kinds of software debugging tools.

    The only data they need share with a shipper, is the mailing address.

    Under the strict "direct business relationship" paradigm that you describe, the seller would not be permitted to share even that without paying you. This is why, say, Europe's GDPR has a "legitimate interest" exception.

    • (Score: 2) by Runaway1956 on Tuesday July 23 2019, @02:04PM (1 child)

      by Runaway1956 (2926) Subscriber Badge on Tuesday July 23 2019, @02:04PM (#870323) Journal

      Oh, come on - I, the shipper, put an address label on a package, and drop it in the mail, or call UPS, or Fedex. I, the shipper, have a contract to send this item across the county, the state, or the nation. I "share" the absolute minimum information for the subcontractor to deliver the item. I don't share financial status, marital status, age, gender, race or ethnicity, medical problems, or any other data I may have accumulated in regards to the recipient. The customer actually expects me to share that bare minimum of data - that is, the delivery address - and nothing more than that bare minimum. What's more, if the customer is smart, he expects me to delete any extraneous data regarding him, which is not required by law to be saved for some period of time.

      Six months wait on financial transactions? Uhhhh - you write off those losses, just like brick-and-mortar stores wrote off shoplifting etc all those years ago. Six months is ridiculous. The economy will find a way to work around those petty theft losses.

      OK, you don't take PayPal. Someone who offers the items I want to purchase will take PayPal. You may choose to use some other form of payment, and I may choose to shop elsewhere. I see no problem here. If, next year, I decide to drop PayPal, and use some other form of online payment, then I will shop at sites online that take that other form of payment. Again, I see no problem here. SOMEONE is catering to all of the people using whichever form of payment you prefer to use. That seems to be one of the basic tenets of a free market. We're not all required to use the same means of money transfer, are we?

      • (Score: 2) by Pino P on Saturday August 03 2019, @03:13AM

        by Pino P (4721) on Saturday August 03 2019, @03:13AM (#874962) Journal

        I "share" the absolute minimum information for the subcontractor to deliver the item. I don't share financial status, marital status, age, gender, race or ethnicity

        As a seller, you share the buyer's given and family name with the courier. These are correlated with gender, birth year (via Social Security naming trends data), and "race or ethnicity." You also share financial status based on the assessed value of the property to which the parcel will be delivered.

        Besides, earlier, from the perspective of a buyer, you wrote: "Legitimate interests? Let them request, then PAY ME for the data they need." Now from the perspective of a seller, how reasonable do you think it would be for a buyer to demand that you pay the buyer to be allowed to collect even "the absolute minimum information for the subcontractor to deliver the item" and share it with the courier?

        he expects me to delete any extraneous data regarding him, which is not required by law to be saved for some period of time.

        I would guess that it would be wise for a seller to save enough information to identify a buyer for the duration of the product's warranty. Otherwise, when a buyer returns a product under warranty to the seller after having asked the seller to delete the seller's copy of the receipt, how does the seller verify that the warranty is valid?

        Someone who offers the items I want to purchase will take PayPal.

        That works if 1. you are buying goods, not services to be performed by the seller; 2. you aren't buying access to (say) downloadable apps or games for a mobile or console platform whose store doesn't take PayPal (Apple and Google do; Amazon appears not to); and 3. you're willing to pay maybe 50% markup from a gray market reseller instead of buying directly from the manufacturer solely because the reseller takes PayPal and the manufacturer doesn't. One example of case 3 is Amazon brand products, such as Kindle readers, Fire tablets, and Fire TV streaming adapters.

        SOMEONE is catering to all of the people using whichever form of payment you prefer to use.

        Even sellers in categories that the operator of your preferred form of payment categorically excludes, such as debugging tools for developers of software for classic video game consoles?

        That seems to be one of the basic tenets of a free market.

        Correct. In a free market, a particular payment processor is free to refuse service to sellers who offer particular categories of goods or services. This means no sellers of goods or services in that category will offer that form of payment.