Subscribe to this Blog
Today's Blogs
    The Checkup:

Sony Violates Children's Privacy Act

Sony BMG Music Entertainment has a privacy notice on its Web sites that users under the age of 13 can't participate in Web page activities. But, in reality, the site accepted registrations from children who entered a date of birth indicating that they were under 13, the Federal Trade Commission says.

In a settlement announced yesterday, Sony Music agreed to pay $1 million to resolve charges that it violated the Children's Online Privacy Protection Act, also known as COPPA. According to the FTC, Sony Music not only collected and maintained the information on nearly 200 musical artists' Web sites, but the company also "disclosed personal information from thousands of children under the age of 13 without their parents' consent."

Working as I have at a Web site for so long, I've often wondered about COPPA. Its mission is a good one -- to protect vulnerable children. And most sites do all they can to keep children at bay and safe. Sites that cater to children often contemplate ads they allow -- if any -- and require parental consent for children to use them. They limit social networking interactions of young children. But registration forms are computers and easy to trick. What's to stop a 12-year-old from lying on the form and saying he's 14 or 41 or 100 for that matter? And how many of us parents really read a site's fine print legalese privacy policy before allowing our children to use those sites?

Do you think COPPA is the answer to protecting children online? Is there one?

By Stacey Garfinkle |  December 12, 2008; 10:30 AM ET  | Category:  Elementary Schoolers , Tweens
Previous: Lesson Plan for Parents: How to Play | Next: Has Obama Discipline Struck Your House?


Since the fine was for accepting applications that listed an age under 13, Sony BMG is definitely at fault here. I'd say 1 million dollars is a bargain-basement fine for the offense.

As to protecting the privacy of children online, that responsibility falls on the shoulders of the parents. If the vast majority of parents would monitor what their children do, the problem would be solved.

If websites that your children are interested in using post hard to locate and even harder to understand privacy policies, simply drop them an email and tell them so. I guarantee that if enough people do that, the privacy policies will soon be easily located and written in every-day language.

Posted by: pagun | December 12, 2008 11:35 AM | Report abuse

Yes, parents are (or should be) the ones ultimately responsible for their children's on-line safety. Not that I have any objection to a little bit of help from well-thought-out regulations that are vigorously enforced.

The computer our kids use is in the kitchen, not in their room anymore. And nobody signs up for anything on any web-site without asking DH first - I'm generally at work when the requests happen - and he does a thorough checkout of the site and its terms. Sometimes the kids don't get approval for a particular site either. But when that happens, they do get an explanation of what was objectionable. Over time, they've learned what will and won't be approved, and their requests for sign-ups have become less likely to be turned down because they're learning to recognize what will violate our standards.

Posted by: SueMc | December 12, 2008 1:57 PM | Report abuse

Is COPPA the answer? No, of course not. Why not?
1. It's too easy to lie when you're asked for a birthdate. Just give them a random date that's in the "approved" range.
2. It doesn't really "protect" children from anything. The filters are okay, but they often screen out "objectionable" content that's only objectionable to those with specific political opinions, and they're too easy for attackers to get around.

In the cited case, Sony was incredibly stupid (or just didn't bother testing their software). They deserved the fine, and more. Sony's done much worse, though, like installing a rootkit to attack your system when you listened to a music CD. So it's not surprising.

And if you want a good analysis of a lot of the issues, read about the Lori Drew/Megan Meier issue. Start here:

Bottom line: if you want to control what your children do on the computer, rely on your own parental supervision.

Posted by: ArmyBrat1 | December 12, 2008 2:50 PM | Report abuse

"Bottom line: if you want to control what your children do on the computer, rely on your own parental supervision."

Usually AB's technology advise is spot-on, but not this time. Most cell phones now have web access. Supervision is not as simple as it was in the 90s. "Put the computer in the den and not in the bedroom" won't address kids' mobile web access and use.

COPPA is only one tool. CARU, the Children's Advertising Review Unit, is the children's arm of industry self-regulation. They do a lot more to go after rogue advertisers than the federal government (enforcers of COPPA) does. If you care about this issue, avail yourself of the filtering and other tools provided by Sprint, Verizon, Microsoft and others. Check out the guidance for parents available from the Family Online Safety Institute at

Current statistics from FOSI distributed at a conference last Thursday in DC indicate that, while a majority of parents SAY they are interested in kid safety, including privacy protection, less than 20% of parents actually USE the tools freely available to them, whether from mobile services vendors or Internet website vendors. I suppose worrying takes less time out of parents' busy, busy (*cough*) lives than action. It takes more than parental supervision, though, if you really want to ratchet up your awareness and your teen's safety. It takes parental thought and action.

The Lori Drew story? It is a distraction - like stranger abduction stories. The real threat is not that some psycho mom is going to encourage your child to harm himself. It's that you will not have armed your preteen or teen with the necessary tools to identify risk and protect his private information from others.

Posted by: CindyLouHoo666 | December 15, 2008 9:14 AM | Report abuse

The comments to this entry are closed.


© 2010 The Washington Post Company