Marketing to Children Online: A Manager's Guide to the Children's Online Privacy Protection Act

Article excerpt

Increasing numbers of businesses are incorporating the Internet into their business plans, and many have identified children as an important target. The focus on children is not surprising, given that they are one of the fastest growing Internet demographic groups, with nearly 27 million expected online by 2005. (1) Beyond the size of this group, children are an important marketing target due their significant disposable income (2) and increasing predisposition to spend their money online. (3)

The potential for successful online marketing to children, as with all online consumers, is increased when a business establishes a relationship with the child. (4) Establishing a relationship requires that a business understand the child (through the acquisition of personal information and the monitoring of on-site behaviors) and then customize the child's experience in light of this information. While this is not technically difficult to do, these activities must be conducted in accordance with federal regulations, specifically the Children's Online Privacy Protection Act (COPPA). A business not in compliance with COPPA's provisions risk harm from both negative publicity and significant fines. (5)

There is evidence that many Web sites are still not complying with COPPA's requirements. (6) Two reasons for noncompliance are intuitively reasonable. First, some site managers may have directed their designers not to comply, and, as a result, may only do so when faced with FTC intervention and fines. Second, site managers may wish to comply, but the complex rules prevent them from knowing exactly what is required of them. In response to this reason for noncompliance, several "layman's" rule explanations have been created. (7) However, even a simplified presentation of the rules may not be sufficient for these managers, as there may still be a gap between this version and identifying specific, concrete ways to implement the rules. This may be particularly true in areas of COPPA that are ambiguous, that is, where the regulations require action but are ambiguous in terms of the specific behaviors required for compliance.

This paper addresses this situation by clarifying ambiguities in COPPA rules and by presenting specific examples of compliance and noncompliance behaviors. (8) examples and recommendations can be used by marketers with currently active sites to evaluate their level of compliance (and any resulting need for site modification) and by managers whose sites are still in the planning stages.

The Children's Online Privacy Protection Act (COPPA)

COPPA protects the privacy rights of young children by presenting regulations that guide the collection, use, and dissemination of children's personal information collected online by two types of commercial Web sites: (1) sites or online services that explicitly target children aged 12 and under, and (2) sites that have specific areas designed and targeted toward children aged 12 and under. The Federal Trade Commission (FTC) makes a determination of age targeting through an evaluation of site "subject matter, visual or audio content, age of models, language ... advertising promoting or appearing on the Web site ... empirical evidence regarding audience competition ... and [the use of] animated characters and/or child-oriented activities and incentives." (9) Importantly, a Web site that is felt to target children 12 and under cannot escape COPPA's provisions by claiming that children under this age cannot visit, by making personal information requests "optional," or by asking for visitors' ages in a way that e ncourages them to lie. (10)

According to COPPA, Web sites that target and collect personal information from children 12 and under must meet five types of privacy criteria, summarized below:

* Notice. A child-directed Web site must display a link to a description of its information collection practices on the home page of its site and at each area where it collects personal information from children. …