The debate over personal data on the Internet and how it is used is always heated, but it becomes even more so when it involves children.
Nearly two dozen children advocacy groups are reportedly teaming up this week to file at least five separate complaints with the Federal Trade Commission against some very large global corporations, such as McDonald's and General Mills, which heavily depend upon business from kids and their parents.
Specifically, the Web sites in question in the complaints are HappyMeal.com, Nick.com, ReesesPuffs.com, SubwayKids.com, TrixWorld.com, and CartoonNetwork.com.
Groups such as the Center for Digital Democracy and the Center for Science in the Public Interest argue that these businesses are acting in violation of the Children’s Online Privacy Protection Act, which requires parental consent before Web sites can ask for any personal information about children under the age of 13.
The problem here, according to the advocate groups, is that the Web sites in question are targeting children with brand-related online games that ask for friends' e-mail addresses without any kind of requirement for parental consent. Thus, the kids participating in the brand-related games and other activities are offering up personal data about other kids without their consent (or that of their parents).
Attorney Laura Moy, representing the Center for Digital Democracy, told The New York Times that these businesses are "doing an end run around the law" that is supposed to protect children's privacy.
Under the law, they can’t just collect e-mail addresses from kids and send them marketing material directly. So they are embedding messages saying, ‘Play this game and share it with your friends,’ in order to target the friends.
However, most of these businesses targeted in the complaints are defending their actions.
General Mills represenative Tom Forsythe told The San Francisco Chronicle that "send-to-a-friend e-mails" are protected under the act so long as the full name and e-mail address of the sender is never collected and the recipient's e-mail address is "purged immediately following the sending of the message."
This story was first posted as "Privacy dispute emerges involving personal data, kids and marketing" on ZDNet's Between the Lines.