Amazon Faulted on Child Privacy
A dozen national consumer-protection groups have asked the Federal Trade Commission to investigate the giant online retailer Amazon.com Inc. for allegedly violating the 1998 Children's Online Protection Privacy Act, or COPPA.
The Seattle-based Amazon.com collects and disseminates children's personal information without parental review and consent, as well as without giving parents the power to edit or delete such information on the Web site, the April 22 complaint to the FTC alleges.
Educators need to help counter the commercial exploitation of children on the Internet and teach students to be savvy about protecting their own online privacy, said Kathryn Montgomery, the president of the Center for Media Education. The Washington-based center is one of the groups that lodged the complaint.
"Schools are a key point of access to the Web, and educators need to educate their students about their roles and rights as [online] consumers," Ms. Montgomery said.
The federal law, enacted in April 2000, requires online companies that collect information from children to post their privacy policies, notify parents of their information-collection practices, and get verifiable parental consent, among other steps, before they take personal data on children under age 13 or disseminate it to others.
"Amazon has been a big disappointment in terms of online privacy," said Chris Jay Hoofnagle, the deputy counsel for the Washington-based Electronic Privacy Information Center, another consumer protection group lodging the complaint. "If one directs a commercial Web site to children, certain data protections should be triggered, and Amazon has none of these requirements."
But a spokesman for the online retailer said Amazon.com is not subject to COPPA because the site targets adults, not children, as its customers. The company, which is best-known as a bookseller, is the online retailer for toy companies such as Toys R Us and sells toys such as Lego sets, Pokemon video games, and Barbie dolls.
"This is a general- audience site, with children's products to be bought by adults," said Bill Curry, the Amazon spokesman. "We [have] had children post inappropriate information in the bodies of product reviews, and we have filters and screens for this, but occasionally, some things sneak through. When we find out, we remove it."
However, a quick Web search of the Amazon.com site using the words "I am 11" found at least seven Amazon product reviews in which children had posted their full names, ages, and home cities and states.
Stiff Fines Levied
If the FTC does find Amazon in violation of the children's- privacy law, that would send up warning flares nationwide to some online retailers, who may then change their Web sites to comply with COPPA, said Peter P. Swire, a professor at the Moritz College of Law at Ohio State University and the chief adviser on privacy and data protection for President Clinton from 1999 to 2001.
Congress passed the privacy law overwhelmingly, Mr. Swire noted, and it enjoys wide public support.
"You don't want to have bouncy cartoon characters asking a 9-year-old for detailed information about the family," he said. "There's broad consensus that young children should not be enticed into handing out personal information."
FTC spokeswoman Claudia Bourne Farrell said last week that agency officials were reviewing the complaint but the agency would not disclose whether they would investigate Amazon.com.
Other companies have recently paid some stiff fines for violating the law.
In February, the FTC fined Salt Lake City-based Mrs. Field's Original Cookies Inc. $100,000 and the Hershey, Pa.-based Hershey's Food Corp. $85,000 for collecting children's private information on their Web sites without prior parental consent.
In 2001 and 2002, the FTC fined six companies a total of $175,000 for violating COPPA.
In addition, the FTC warned 50 online children's Web sites last year that they had to comply with COPPA.
Vol. 22, Issue 34, Page 12Published in Print: May 7, 2003, as Amazon Faulted on Child Privacy