Internet groups complained Monday that new Federal Trade Commission regulations to protect children's privacy online are financially burdensome to startup companies.
Under regulations that went into effect July 1, websites catering to children will no longer be able to collect a range of identifying information without obtaining verifiable parental consent.
The child protection regulations will now hold the owners of sites and apps frequented by children responsible for third-party services - such as plug-ins or ads - that collect personal information from visitors who say they're younger than 13. The third-party services will be held liable only if the FTC can prove they knowingly collected personal information from children.
Websites that want to use such ads to provide free content for children, or that want to collect personal information for interactive content, now have to either get parental consent or forgo the content altogether, as some tech experts worry they will do.
"The biggest challenge here is that the commission defines personal information in a way that is so incredibly broad," said Lydia Parnes, the former director of the FTC's Bureau of Consumer Protection and now a privacy lawyer, at a gathering of data experts and representatives of Internet companies in Washington.
The FTC estimates annual compliance costs for current Web services at $6,223 and new services at $18,670. Eighty-five to 90 percent of the Web services are run by small businesses. TechFreedom President Berin Szoka said those costs do not take into account the potential shift in online advertisers, or the effect of regulations on startups.
"The reality is, most of the sites and services, like Facebook or Twitter, don't have an option available for kids," said Szoka, whose organization sponsored the discussion. "What is it about the (children's) regulatory system that makes apps and sites from the largest to the smallest decide it's not worth doing?"
FTC attorney Kandi Parsons and Associate Director Maneesha Mithal said the new regulations are meant to update the Children's Online Privacy Protection Act of 1998. "Parents should be in the driver's seat," said Mithal, who works with Parsons in the FTC's division of privacy and identity protection. "I should know what information is being collected on children, what it's being used for and how it's being collected."
Regulators and advocates discussed how regulations would affect online advertising and kid-friendly websites during a panel discussion hosted by nonpartisan technology research group TechFreedom.
As concern over deceptive online advertising targeted at kids grew in the 1990s, Congress passed the protection act to enhance parental involvement and protect the privacy and security of personally identifiable information of children collected online.
The new regulations could affect a website such as PinewoodDerby.org, run by a Boy Scout troop, suggested Steve DelBianco, executive director of Internet advocacy organization NetChoice.
When new regulations took effect July 1, the Boy Scouts hired a lawyer to add a log-in and sign-up section to the site. Visitors are then prompted to provide a guardian's personal contact information, including birth date, phone number and Boy Scout council affiliate.
Explore further: US proposes tougher online privacy for children