Websites that are collecting information from children under the age of thirteen are required to comply with the Children’s Online Privacy Protection Act (COPPA).
Facebook is concerned with COPPA, in how it relates to plug-ins, like the company’s ever-popular “Like” button. The company sent a 20-page letter to the FTC last week (hat tip: Business Insider), seeking changes to the law that would protect its plug-ins, which it views as free speech.
Here’s a “small” snippet of the lengthy document, where Facebook makes the case for plug-ins after citing educational sites, like Kahn Academy, that use them:
As the Commission evaluates the further changes proposed in the Supplemental Notice of Proposed Rulemaking (“SNPRM”), Facebook encourages the Commission to develop policies that take into account the significant impediments that a revised COPPA Rule could create for innovation and the ecosystem that shapes students’ online experiences. This social functionality, widely used by educational sites and apps, is dependent on plugins and could be threatened by a COPPA Rule that renders plugin providers responsible for the actions and motives of third parties and vice versa. Part of the value of many educational sites and services is that they are offered for little or no cost, which means that they often will not have the resources to meet burdensome compliance obligations.
Requiring these sites or services and plugin providers to monitor each others’ information practices could result in the eradication of integrated plugins and the powerful features they facilitate. Furthermore, barring sites and online services from using platforms or common mechanisms to comply with their COPPA obligations could chill innovation due to the cost of compliance. Facebook believes strongly in the importance of empowering parents to protect their children online, and we have been leaders in efforts to promote the safety of the minors, aged 13 to 17, who use our service. However, we have serious concerns that the confluence of changes proposed in the SNPRM—the expansion of the definition of “operator,” the potential for plugin providers to be subject to COPPA based on actions of website publishers of which they are unaware, and the lack of clarity around whether a plugin provider will violate COPPA by using data collected in order to operate the service of which the plugin is a part—all dramatically increase the risks faced by entities that wish to distribute plugins and other tools that enhance the utility and value of the Internet. In the aggregate, these changes exceed the authority that Congress granted to the Commission in COPPA. Just as Congress worried that unchecked liability would stifle the growth of the Internet when it adopted Section 230 of the Communications Decency Act and the Digital Millennium Copyright Act’s safe harbor provisions, the absence of clear standards around the circumstances under which liability attaches under COPPA is likely to create serious disincentives against growth in Internet technologies.
Tags: facebook, COPPA, Children’s Online Privacy Protection Act, SNPRM, Supplemental Notice of Proposed Rulemaking