|From: Romain Carrere
Sent: Saturday, November 10, 2001 6:37 PM
It appears that the Federal Trade Commission's anticipation on the technology advances that would allow the identification of the user was unrealistic for the time it expected the technology to emerge. As a result, the sliding scale will expire soon, unless the Commission amends on April 21, 2002 the Children's Online Privacy Protection Rule to extend the sliding scale mechanism for an additional two years to April 21, 2004. My name is Romain Carrere, student at Bentley College, and I will present my opinion on the matter.
First and foremost, one must acknowledge that the FTC's online method of obtaining parental consent is not always reliable. In today's evolving time, children under 13 years of age are becoming increasingly Internet savvy and consequently, resourceful. A significant number of children have the peculiar aptitude to fabricate a spurious e-mail message that is allegedly from the parent or guardian. They also have the intellect of creating a bogus email account to receive the confirmatory e-mail from the operators of commercial web sites. To complete the fictitious agreement from the parent or guardian, the children would have to merely appropriate the letter confirming the parent's consent.
The fundamental question now arises: should another method of obtaining verifiable parental consent be used instead of the sliding scale? On the one hand, this process was working appropriately; thus, there is no definite need to change the method of authenticating parent's approval. On the other hand, as mentioned above, the current method presents an unreliable source of agreement from the parent or the guardian. Therefore, alternatives should be analyzed thoroughly prior to amending the Rule to extend the sliding scale mechanism for an additional two years.
The current availability of secure, reliable and affordable infomediary services or products is relatively low. While currently no solution can guarantee web operators' compliance with the COPPA, there are various solutions that would validate parent's approval. One solution could be to allow web site operators an indirect access to the Social Security Administration's database to verify the parent's social security number and mother's maiden name. Despite the fact that this solution offers quick and reliable online approval, parent or guardian might be skeptical in giving their social security number. Another solution, nevertheless, would be to ask for the parent's credit card number and address for informative purposes only. If the name, address and card number match, this will be an appropriate way to appropriate the agreement. Furthermore, parent or guardian will be less skeptical in giving credit card numbers if there is a promise that the credit card will not be charged.
Until small and inexpensive finger scanning devices connected to computers that electronically identifies the users become readily available, my advice to Mr. Jodie Bernstein, Director of the FTC's Bureau of Consumer Protection, is to first extent the COPPA's time period for at least 6 months and then to establish one of the above solutions.