The Children’s Online Privacy Protection Act (COPPA) has been on the books for years and is enforced by the Federal Trade Commission (FTC). COPPA basically prohibits companies from collecting personal information from children under the age of 13 without parental consent. The FTC has an impressive record of enforcement actions under COPPA and compliance with … Continue Reading
Nintendo has shut down some NNID logins and has told Switch owners to lock down their accounts following a series of fraudulent attacks. Nintendo has confirmed that it suffered an attack by hackers who accessed some accounts and are using PayPal accounts linked to the accounts to purchase items fraudulently. According to Nintendo, approximately 160,000 … Continue Reading
Kids are at home all day now, remote learning and surfing the web more than ever before. Parents are working from home too, and understandably are not always able to monitor and supervise their children’s computer use as much as they should or would like to. Scammers, fraudsters and evil doers know this and are … Continue Reading
As someone who has been married a long time (longer than the Internet has existed), I never experienced the online dating scene. Everyone has their own opinion on the topic, and without getting into the merits of online dating, there is risk for children, which is the subject of this privacy tip. The Federal Trade … Continue Reading
Last week, two Senators, Senator Edward J. Markey of Massachusetts and Senator Richard Blumenthal of Connecticut sent a letter to the Federal Trade Commission (FTC) regarding apps designed for children and whether they are in compliance with the Children’s Online Privacy Protection Act (COPPA), See 15 U.S.C. 6501 and regulations at 16 C.F.R. Part 312 … Continue Reading
Protecting the privacy of our children is inherent to parenting. Parents guard against posting pictures of their children on social media or restrict the amount of time and the types of access they have on electronic devices. They may also set parental controls regarding content and try their best to protect their children. But what … Continue Reading
It is one thing to steal our identity as an adult, but children are defenseless against this type of fraud. According to Experian, it handles 25,000-30,000 cases of identity theft and fraud every year and a whopping 17 percent affected children and the estimate is that it will affect up to 25 percent of children … Continue Reading
The Federal Trade Commission (FTC) approved TRUSTe’s proposed modifications to their Children’s Online Privacy Protection Act (COPPA) safe harbor program this week. COPPA requires, among other things, that commercial website and mobile app operators that knowingly collect personal information from children under age 13 post comprehensive privacy policies on their websites and in their mobile … Continue Reading
We previously reported about the microphone and video capabilities of Echo technology [view related post]. The FBI is also concerned about this technology being used in toys that are connected to the Internet. The FBI is so concerned that yesterday, it issued a Public Service Announcement that warns consumers that Internet-connected toys “could present privacy … Continue Reading
Last week, the Federal Trade Commission (FTC) issued a six-step compliance plan to assist businesses with compliance with the Children’s Online Privacy Protection Act (COPPA). It provides clarity on who is covered by and must comply with COPPA and how companies can get parental consent. It also outlines a six-step compliance plan. New companies that … Continue Reading
On April 6, 2017, New York Attorney General Eric Schneiderman (AG) announced that he has settled an investigation against TrustE for alleged violations of failing to adequately prevent illegal tracking technology on children’s websites, including Hasbro.com and Roblox.com. TrustE has agreed to pay the State $100,000 in the settlement and adopt measures to strengthen its … Continue Reading
On February 27, 2017, news reports disclosed a major security breach involving Spiral Toys, the seller of the CloudPets brand of internet-connected stuffed animals. The Bluetooth-connected CloudPets toys allow users to exchange voice messages between the toys and applications on smartphones or tablets. An investigation by cybersecurity researcher Troy Hunt revealed that customer data for … Continue Reading
In the wake of the holiday season, it seems that even toys are not immune from privacy and security pitfalls. Two “connected” toys, Genesis Toys’ My Friend Cayla and i-Que robot, have been accused of violating U.S. and European privacy, security and advertising laws. The toys at issue provide children with an interactive experience via … Continue Reading
On December 6, 2016, The Electronic Privacy Information Center, The Campaign for a Commercial Free Childhood, The Center for Digital Democracy and Consumers Union filed a Complaint and Request for Investigation, Injunction and Other Relief (Complaint) with the Federal Trade Commission (FTC) against Genesis Toys (Genesis) and Nuance Communications (Nuance) regarding alleged violations of the … Continue Reading
On September 14, 2016, the Department of Education (DOE) issued a “Dear Colleague Letter” to provide guidance on the application of the Family Educational Rights and Privacy Act (FERPA) to the disclosure of student medical records in the context of litigation. FERPA generally prohibits a school from disclosing personally identifiable information from a student’s education … Continue Reading
On May 13, 2016, the Department of Justice and the Department of Education issued a “Dear Colleague Letter” (DCL) describing reasonable steps to protect transgender students under Title IX of the Educational Amendments of 1972 (Title IX) as well as the Family Educational Rights and Privacy Act (FERPA). Title IX prohibits discrimination on the basis … Continue Reading
If the Hello Barbie complaints weren’t enough, now it has been announced that researchers determined that the kids’ toys, the Fisher-Price Smart Toy Bear and the hereO GPS watch, had some serious security vulnerabilities. The Smart Toy Bear’s backend programming used unsecured application programming interfaces (APIs) to allow portions of software code to interact. Sounds … Continue Reading
We wrote previously about the “Hell No Barbie Campaign” and the recent lawsuit against Mattel for its Hello Barbie doll privacy violations, but through all this hype, we have yet to learn exactly what Hello Barbie is truly capable of. In a new report, Hello Barbie isn’t so bright. First, in order for Hello Barbie … Continue Reading
It seems that 2016 will mean MORE child identity theft. Why? Because with the increased amount of data collection from children and young adults at schools, health care facilities, retailers, and by advertising companies, hackers can gain access to centralized data systems with a plethora of high-value information from children. However, perhaps 2016 is also … Continue Reading
LAI Systems, LLC (LAI) and Retro Dreamer agreed to pay civil penalties of a combined $360,000 to settle charges issued by the Federal Trade Commission (FTC) that they violated the Children’s Online Privacy Protection Act (COPPA) by allowing advertising companies to use persistent identifiers, collected through their mobile apps, to elicit specific advertisements to children. … Continue Reading
On Monday, December 14, the Federal Aviation Administration (FAA) announced a “user-friendly” online aircraft registration system for owners of drones (or more officially called “small unmanned aircrafts”) that weigh more than 0.55 pounds but less than 55 pounds. This registration is a statutory requirement that applies to all types of aircrafts. Anyone who has owned … Continue Reading
We reported last month ago about the release of Mattel’s new Hello Barbie (and the “Hell No Barbie Campaign”), with the capability to ‘carry a conversation’ with a child using speech recognition software and storage of conversations in the cloud. This week, in Los Angeles Superior Court, two moms filed a class action on behalf … Continue Reading
This week, the Federal Trade Commission (FTC) determined that companies covered by the Children’s Online Privacy Protection Act (COPPA) can use facial recognition technologies to match a parent’s photo on a government-issued identification to “selfies” that the parent submits via mobile phone or webcam as a method of verifiable parental consent, as required by COPPA. … Continue Reading
As a general rule, the Children’s Online Privacy Protection Act (COPPA) requires operators of websites (including mobile apps) directed to children under the age of 13 to obtain verifiable parental consent before collecting personal information from those users. COPPA sets forth a non-exhaustive list of acceptable methods for obtaining parental consent. For example, operators can … Continue Reading
