Not too long ago, learning about spending and saving as a child meant putting extra money in a piggy bank and figuring out how to balance a checkbook. Now, the growth of the online marketplace presents new hazards for children and teenagers, most of which go undetected by parents.
Smartphones and the expansion of mobile networks in particular have become a double-edged sword. Children can access the Internet more easily, but parents have to worry about their children releasing personal and financial information to cyber criminals.
Until two months ago, the Children's Online Protection Policy Act, or COPPA, which was passed in 1998, did not address the particular threats of today's mobile space. The original law mostly dealt with online websites and their ability to collect, distribute, or use the personal information of children under 13. The Federal Trade Commission, or FTC, tackled this issue in December of last year, when it updated the Act. (View COPPA here
Now "personal information” that cannot be collected
includes children’s photographs, videos, and geographical information. Kid-directed apps and websites must seek parental permission before collecting and sending this information and the online behavior patterns of children to third parties.
However, developers of ads and software only have to adhere to this ban on personal information gathering if they possess "actual knowledge
" that the website or app featuring their content targets children. For example, Facebook's
(NASDAQ:FB) “Like” button software and advertisements hosted by ad networks will not land their creators in legal trouble if they lack any way of knowing that the hosting site aims its content at children.
Additionally, parental consent is required
before collecting so-called "persistent identifiers," which are pieces of code that identify users over time and across multiple websites, such as protocol addresses and mobile device IDs. Companies may only use this information for internal purposes.
FTC Chairman Jon Leibowitz has said
that he believes the changes “strike the right balance between protecting innovation that will provide rich and engaging content for children, and ensuring that parents are informed and involved in their children’s online activities.”
Here Come the Online Kids' Shopping Sites?
Even before the COPPA laws go into effect on July 1 of next year, a few companies already have begun to capitalize on the demand for better online protection for children and teenagers.
One such company is Virtual Piggy
(OTC:VPIG), a provider of online security platforms that launched in 2008. Founder and CEO Jo Webber, Ph.D,. created Virtual Piggy as a free service for parents to monitor and control how their children shop online. The relatively small company -- it has a market cap of $102.46 million -- says it aims to create a safe environment where the under-21 demographic can learn how to spend and save.
If you find it odd to imagine young children shopping on the Internet unsupervised, you're probably not a parent. According to research from PlayScience released in October of last year, 30% of children between the ages of 6 and 10 spend $1,000 or more per year online. Of this age demographic, 24% have shopped on the Web without parents. For children between the ages of 11 and 15, 57% have shopped online without parents, and 35% purchase $1,000 or more electronically in a year.
Of course, no credit card provider can issue a credit card to a teenager or a child, but most online sites are designed for credit card payments. That means the under-18 demographic lacks a way to transact online by themselves in a safe way. Virtual Piggy created its service as a solution to this problem.
Here's how it works: Parents create an account on Virtual Piggy and establish allowances, spending limits, and notification controls. Parents also determine at which of the over 80 Virtual Piggy merchant-partners a child may shop. At the time of purchase, a child checks out using Virtual Piggy by selecting it as a payment option. (The Virtual Piggy icon only appears if a merchant has partnered with the site.) Virtual Piggy then checks to see whether the purchase is parent-approved before forwarding the necessary billing and shipping information to the company. The child never inputs his or her name, e-mail address, credit card number, or address.
In simple terms, Virtual Piggy functions as a "family wallet," one that also operates on mobile devices. The company generates revenue by licensing its service to merchants; those merchants benefit because Virtual Piggy makes them COPPA-compliant as well. In fact, Virtual Piggy complied with the recent COPPA amendments even before the FTC officially passed them. "We built our system from scratch to be above and beyond COPPA. Our system is the only technology in the world where a child can transact anonymously under the conditions established by the parents," says Webber.
Virtual Piggy has a tight integration with PayPal (NASDAQ:EBAY), which the FTC has just classified as an “alternative payment system.” Using PayPal has the dual benefit of being a safe payment method that doesn't reveal personal information and also being a means of obtaining parental consent. PayPal's account rules already require the account owner to be at least 18 years old, so children have to ask their parents for permission to use it.
When asked if the company has been in talks with major online retailers like Amazon
(NASDAQ:AMZN), Webber said Virtual Piggy has been in talks with other companies, but she could not divulge the information nor could she mention specific retailers.
So far, the company seems to be operating without any direct competitors, though one service that's similar in some ways is BillMyParents
(PINK:BMPI). Like Virtual Piggy, it allows parents to control their children's spending. BillMyParents operates in the realm of prepaid cards. If a child or teenager uses their Justin Bieber prepaid card (see Would You Give Your Kids a Justin Bieber Debit Card?
), the service notifies parents of the purchase. If parents don't like the purchase, they can deactivate the card.
The card from BillMyParents appears to allow more flexibility than Virtual Piggy as children can shop at most stores, minus obvious taboo locations, such as liquor stores.The stringency of Virtual Piggy does have its upside, however; through the site, parents can prevent unwanted purchases before they happen. The prepaid card system only notifies parents after something questionable has been purchased.
Reports have it that household names, such as American Express
(NYSE:AXP) and JPMorgan
(NYSE:JPM), have been eyeing the multi-billion-dollar prepaid-card market
, attracted to its fee structures. Unlike Virtual Piggy, BillMyParents charges a monthly fee of $3.95 and may charge users one of several penalty fees, like a $3 fee for not using the card for 90 days. The Laws Are Too Tough, or Not Tough Enough
Not surprisingly, not everyone is happy with the new COPPA laws. The Wall Street Journal reports
that several members of Congress, such as Senator John D. Rockefeller IV, will push for stronger online privacy regulations. (Rockefeller is leading the Senate's extensive investigation
into the data industry.) Jeffrey Chester, executive director of the Center for Digital Democracy said that “the FTC's decision was a step in the right direction but left loopholes for companies to mine kids' data inappropriately.”
For her part, Webber says she holds a favorable view of the new rules, calling them "common sense laws." But she also describes the amendments as “softer” than expected, saying she had anticipated "harder" changes for the industry.
In particular, Webber was surprised that the FTC didn't make it more difficult to obtain parental consent, since e-mail alone can easily be faked. She offers the example of a child creating an e-mail account and claiming the account belonged to his or her parents to play a game on Disney
(NYSE:DIS) without his or her parent’s knowledge and unbeknownst to the website. Indeed, many parent advocacy groups had actually pushed for removal of e-mail as a legal method of obtaining parental consent, according to Webber.
Although the FTC originally worried about the ease by which children can circumvent this parental check, it found no evidence of harm caused by this method and decided a change in the law would have been "inappropriate," placing a heavy financial burden on the industry. Plus, apps and websites that procure
consent via e-mail can only use the data for internal usage and can't legally share the information with third parties.
Webber predicts that adjusting to the new advertising rules will prove most burdensome for websites aimed at children and online retailers. She explains, "The FTC will not go after the advertisers; it will go after the website operators. This means websites that do cater to children will either have to eliminate advertisements or scrutinize the ads that go on their website to make sure the ads don’t solicit children for identifiable information." The Wall Street Journal
article also quotes Joe Potter, president of the Application Developers Alliance, who said “that talented and responsible developers will abandon the children’s app marketplace." According to ChannelNewsAsia
, the mobile application industry grew by by 68% from $8.5 billion in sales to $14.3 billion last year (for all sites, not just those aimed at children), but stricter regulations will slow down the burgeoning industry.
James Ryan, Vice President of Marketing at AnchorFree
, a provider of Internet security software, tells Minyanville that developers need to take more responsibility with the way they collect data. He anticipates further "governmental and parental backlash" in the form of additional legislation aimed at app developers, particularly against developers of kid's apps and kid's developers. Last month, the FTC ordered data brokers to reveal the information
they have collected on online consumers.
Webber and many others believe that larger app providers should
be more tightly regulated when it comes to children's apps. Webber points to Apple
(NASDAQ:AAPL), which has found itself with some lawsuits related to apps in its stores that encourage children to input identifiable information and participate in unreasonable transactions. The FTC, however, exempted companies like Apple and Google
(NASDAQ:GOOG) after both companies launched serious lobbying efforts. (Apple, for example, met with FTC officials five times in the fall of last year to challenge the original regulation that would hold it accountable.) Webber says, “Some of the biggest companies in the world are still able to get around the laws.”