A coalition of child advocacy groups is asking the Federal Trade Commission to investigate Cartoon Network (Turner) and Nickelodeon (Viacom) Web sites, among others, for what they say are unfair and deceptive acts in violation of the Children's Online Privacy Protection Act (COPPA).
Cartoon and Nick were keeping their powder dry until the complaints were officially lodged Wednesday, but a Nickelodeon source told Multichannel News that its site did not violate COPPA.
In addition to pushing the Federal Trade Commission to better enforce current law, the groups are urging it to wrap up its proposals to update the COPPA rules.
According to copies of the complaints to be filed Wednesday, the groups, which include Center For Digital Democracy, Consumer Federation of America, and Children Now, argue that the sites' use of "refer-a-friend" viral marketing techniques runs afoul of those protections, and they want the FTC to clarify that placing tracking cookies and soliciting e-mail addresses requires notice and parental approval.
In their complaint against Nick.com, the groups argue that online games that ask for e-mail addresses to share the game with friends are collecting personal info without the requisite notice that the addresses being collected will be used for marketing messages. They also claim the game's send-to-a-friend form makes no mention of parents, which they call a clear violation of COPPA requirements that Web operators make "all reasonable efforts" to give parents notice of information collection or sharing.
"Children's Privacy Advocates respectfully request that the FTC take prompt against Nickelodeon for its collection of personal information from children in violation of COPPA," according to the groups. "By failing to comply with its obligation to provide notice of its privacy practices and obtain verifiable consent from parents before collecting personal information from children, Nickelodeon endangers children's privacy, exposes children to intrusive marketing behind parents' backs, and violates the FTC's regulations."
The complaint against CartoonNetwork.com is similar. The groups argue that the site "collects personal information from children without giving clear and understandable notice to parents and without even attempting to obtain verifiable parental consent." Again the target is online games that ask the user to share them with a friend through an online form that solicits the friend's e-mail address.
While COPPA has an exemption from the consent requirement for one-time contact with a child "for the sole purpose of responding directly...to a specific request" from the child," the groups maintain that applies to information on that child, not personal information from a second child -- the friend whose e-mail has been supplied so they can share the game.
"When Cartoon Network collects the email address of a child's friend for the purpose of sending marketing messages to that friend, the child's friend has not requested that Cartoon Network send her anything. Thus, Cartoon Network's collection of email addresses is not exempt," according to the group.
The goal of the complaints is partly to light fire under the FTC. Jeff Chester, executive director of the Center for Digital Democracy, suggests the FTC has been too slow to make changes to COPPA to keep up with sophisticated online marketing techniques. "They have been slow to update their rules," he said "How could companies like Time Warner and Viacom possibly think that giving them the e-mail addresses of their friends is permissible either in terms of privacy or marketing practices."
"Cartoon Network takes its compliance with the Children's Online Privacy Protection Act very seriously. We will review any allegations closely," the company said in a statement, adding that it had no further comment having not seen the complaints.
Nickelodeon declined comment, but according to a company source familiar with the programmer's online practices who asked to speak on background, Nick.com does not store or record the e-mail addresses from those friends, and that, under COPPA, no parental notification is needed when only a name and e-mail address are being requested.
Also targeted in the complaint were sites run by Subway, General Mills, and McDonalds that also employ the share-with-friends functionality.