Tag: COPPA

Posted in gaming, kids, marketing, online advertising, tween, web business

How to do this “kids entertainment thing” right

Posted on by Joi

I was on a panel at GDC this year called “Monetization of teens in a safe and legal way.”  I was joking before the panel that it sounded like “How to make money off of kids.”  Then I found out that it was QUITE the controversial session pre-conference.  If only I would have known, folks, I would have spiced it up a bit more. 😉

But in reality, that’s what all of us in kids entertainment are doing – making our living from figuring out ways to get kids to like our stuff and have their parents/caregivers pay for it.  

Sounds insidious, but we ARE in a capitalist society.  If you are going to pick something to make money off of, kids entertainment is a pretty fun choice for your own work happiness levels.  And it IS possible to do it in a non-sinister way, with high integrity and keeping an eye on your ethics.  It’s easy – just make games/cartoons/toys that don’t suck.  

LOL right? But really – make products that kids will love AND their parents will love.  Parents will be more prone to not mind paying for your product for their kids if it’s beautiful, fun and their kids like it.  Add a layer of learning in there and you are good as gold.  Make any of those factors superficial or not focus on it at all, you are going to start to see that revenue/profit fall.

Of course, you will have to make it legally and safely too.  But these should be pretty “Duh!” statements, right?

Legal – It is not difficult to comply with the regulations.  You will get fined or shut down if you are doing things illegally, so figure out what features trigger what laws (or hire someone who can help you), then decide whether to comply or remove the feature.  Easy as that.

Safe –  It’s also not hard to make your game or toy safe, either.  Figure it out.  If you can’t, seriously, don’t make it at all.  If you aren’t safe, or don’t have that as a priority, why are you making things for children in the first place?  There are tons of other demographics you can work with who are less concerned with safety being a priority.  Go there and make your money.  Please.  Leave the kids space to those of us who care and will continue to bend over backwards to keep the kids safe – not because we have to, but because we want to and we feel it’s the right thing to do.  

Bonus advice: 
Stop busting the balls of the person(s) on your team who are fighting for these things.  Thank them for being that person and having that drive.  Don’t make it a hostile environment for someone to bring up those sorts of concerns.  If they are bringing it up, chances are one of your audience will too at some point, so consider it a fortuitous heads up, not annoying nuisance.  

And give that person a raise too while you are at it (or at least buy them lunch sometime).  Most of those people fighting for the underdog aren’t making the big bucks, so a little goes a long way.  🙂

Advertisement
Posted in gaming, kids, marketing, online community, tween, web business

GeekDad interview

Posted on by Joi

Image

My colleague, Bill Shribman over at WGBH, interviewed me for GeekDad.com recently.
Here’s a snippet:

You threw my daughter out of Animal Jam when she was making plans to meet a friend for lunch, which I thought was a pretty impressive catch. She thought she had mistyped “duck.” What other kinds of behaviors or activities have you interrupted?

Thanks – I always love it when we can turn a discipline from the game into a positive parent interaction. As far as other behaviors/activities, where do I start? Obviously, for COPPA compliance, players trying to give out personal information is a very high priority – that’s addresses, emails, and phone numbers – but even Skype and other instant messaging usernames, FaceTime handles, and any other methods where players would be communicating outside of the game and potentially sharing that personal info.

While there is no law around it (which most parents are surprised to learn) we are also very diligent regarding inappropriate behavior and conversations, including cyber dating, drugs/alcohol, violence, vulgar language, cyberbullying and anything else we have deemed inappropriate to be associated with our brand and within the younger demographic we attract.

Read more here: At Least 17 Reasons Why Your Kid May Be Playing Animal Jam

Posted in kids, virtual worlds, web business

My Commitment to Kids Online Safety & Privacy

Posted on by Joi

I have spent years working for various children’s brands trying to make sure that every community I oversee cultivates a culture that encourages and promotes appropriate behavior online for child audiences, while offering resources for their parents.

I am so lucky to currently work for a brand that supports me in this personal and professional mission.  I am proud to show off our new parents page.  We have a robust vision for our parent outreach and this is just one of our first steps toward that vision.  Check out my second video highlighting some of the many ways we work to do this at Animal Jam.

Screen Shot 2013-08-14 at 10.28.52 PM

Posted in gaming, kids, marketing, mobile, online advertising, online community, Safety/Privacy, trends, virtual worlds, web business

COPPA/FTC- you make it so difficult to help you out

Posted on by Joi

So I have a reputation as somewhat of a COPPA compliance warrior – so much so that my co-workers have been known to groan when I mention registration or database needs.  It’s an odd thing to have attributed to you, especially with no legal experience SLASH a general frustration with legal risk aversion in general.  But when you have been working on kids websites and communities for coming up on 15 years, you kinda get a hang for the ins and outs of the laws that surround it (or at least you SHOULD).

That’s the thing.  COPPA is required. It’s not a choice.  You have to comply.  If you don’t, you get in trouble – like super expensive trouble – in dollars and negative PR.  So you just do it.  I always find it odd when people brag about it or add it as a tagline to their branding.  It’s akin to saying – “My name’s Harry and just so you know, I definitely DON’T punch random strangers in the face.” Duh, Harry, but thanks for letting me know.

But COPPA compliance has become alot like speeding on the highway.  Many people obey the speed limit, but many more edge a bit over the line.  When they see a cop, they pull back and pretend that 55 is totes what they were driving the whole time. But then they inch back up to 65 or 70 the second they are in the clear.  I’ve heard some people actually see a speeding ticket every now and then as a valid cost of driving – a tax they are willing to budget for.

Much the same, companies have started inching over the compliance line on COPPA.  I actually have been in meetings with kids brand execs (NOT my current ones 😉 ) that considered having a slush fund set aside in case their was a sanction levied against them.  But even Pollyanna-well-intentioned brands sometimes find themselves inching toward or even over the COPPA line.  You know why?  Because it’s SUPER hard to comply to in the internet/digital culture that we are in right now.

COPPA was put in place to protect kiddos from nefarious marketers who wanted to sell personal info. It was not for predators or decency or to teach personal accountability in identity protection.  But, with our culture of fear, those are the things that people think it’s in place for.

Is it good that a byproduct of this rather draconian law imposed on site operators so they don’t profit from the sale of kids info, ALSO helps prevent kids from distributing personal details about themselves in public forums?  Maybe – but I’m not sure that that remote and avoidable byproduct outweighs the other hurdles the law imposes.

You see, the whole thing is predicated on parents being super engaged in their children’s online lives.  Ask a parent about this and they will undoubtedly say:

“YES! Of course, I want to know what is going on with my child online AND to help them make good decisions accordingly!  I am an amazing parent!”

This is evidenced in tons of surveys.  But do those surveys follow up with the parent (and I mean REALLY follow up – not just ask the parent in another survey) with a

“Ok, parent, but do you REALLY? Are you ACTUALLY the super engaged parent you painted yourself to be?”

Chances are, if that followup actually happened, the answer  would be dodged with an excuse about lack of time or understanding, lament of the speed of tech advancements or a bold faced lie.

Truth is that, anecdotally (albeit with my use-cases in the thousands), parents don’t know about COPPA and their assumed required involvement.  So we can demand verified parental consent til the cows come home, but if the parents don’t understand that is something that is needed, all the FTC is protecting is a child’s ingenuity to lie about their age, while simultaneously making it harder for an an ethical site operators to pay their staff while providing good content for kids.

Unless these impositions on the site operators are coupled with a robust (and effective) campaign to explain to parents WHY and HOW they need to be involved, COPPA is simply discouraging smaller brands away from quality content from kids, encouraging children and parents to learn truth-dodging techniques in registrations and forcing the nefarious operators deeper into the shadows to avoid detection.  Only bigger brands can afford the legal counsel needed to check that they are in the right.  The ones who can’t afford will simply not offer the content, or worse, slap a “over 13” stamp on it and skirt their responsibility.

The internet is based on communication channels – especially in the age of social media that is now the norm.  By starting from the false axiom of parental involvement and prohibiting use of the now standard means of communication until this involvement is verified, you are setting up either a web of lies OR limiting our next generations ability to learn how to use these channels correctly.  Both are horrible choices.

And don’t even get me started on how most of the mobile rules don’t even have a path to compliance…

Instead, we should flip the paradigm:

  • For the operators – we make the compliance voluntary and, therefore, honestly brag worthy.  Make it like shopping on a secure site – you get the security so that your customers feel safe.  If you don’t have that seal or badge or OK from the FTC, parents/kids would think twice before using their site.
  • For parents – we give them back their parenting responsibilities.  If they think their child shouldn’t be giving out info online, the parents should be punishing the children for breaking their house rules, not blaming the sites for making it too easy for their child to give out info.  And we should be helping parents understand this and how to do this – not assuming they are already there.
  • For kids – we teach them media awareness, basic stranger/danger skills and critical thinking.  If they aren’t ready for it – their parents shouldn’t be letting them use those sites – whether they are 8, 12, 15 or 17 years old.

I am not naive, I know this isn’t going to happen this year or even next.  But I am optimistic as to this happening at some point.  Until then, I will remain the compliance warrior, marching and marching on.  But I have 10 million+ kids and parents on my compliant site – so you better believe I’m gonna start the first steps toward a more rational model now.

Posted in kids, Safety/Privacy, web business

COPPA musings

Posted on by Joi

The annual FOSI conference held in DC last week really helped to articulate for me some of the current ambiguity in the COPPA legislation, specifically with it’s intention and it’s enforcement.

Currently, the law is written in such a way that it clearly intends to protect childrens’ personally identifiable information (PII) from being used for nefarious purposes by the websites collecting it or their third party partners.  Some of the changes being proposed (public comments are due by the end of Nov) help to update and articulate this point and make the criteria points a bit more salient with todays tech climate (i.e adding geo-location, behavioral advertising, etc).

One point that is hotly debated is Email Plus.  Currently, sites can use this method (sending notification emails to a parent informing them of a child’s intent to share PII), but the FTC is trying to remove this.  The reason for this being that the sites should, by in large, not be soliciting PII from children in the first place and if they are, they should be complying with the more rigid parental verification models detailed in the law.  As Amy Pritchard from Metaverse Modsquad articulated to me, “Email plus is being eliminated as a way to collect PII and use it internally, as most sites had used it as a best practice parental notification method.  In order to allow sites to continue to do this, the proposed changes allow for sites to collect the parent email address for purposes of notifying the parent that the child has become a member of [or registered for] the site.”

The informal debates that I heard and participated in at the FOSI conference dealt mostly in the intent of the law.  Most of us agreed that the law should protect a child’s PII from being used for anything other than to make the game play better.  For the most part, the consensus is that, except for specific situations, like contests, DOB and gender are really the only 2 pieces of child PII a site needs to collect, and these are allowed currently under COPPA.

The finer point that I recognized in our sometimes spirited debates was between solicited PII and passively collected PII.   A site should not solicit PII from kids, such as in the registration process, as most of this information is not needed for normal game-play (unless, again, they get verifiable parental consent).   But what if kids give PII freely, such as in chat or on forums/boards?  What, if any, sanctions should be levied unto the site in these scenarios?  The informal consensus was that the site should at least employ means of screening and moderating such content so as to make sure that this PII is not easily given and read on the site – but that this should not be legislated as part of COPPA.

Anne Collier wrote about this recently (http://www.netfamilynews.org/?p=30775) – “The proposed [COPPA] changes respond to the advent of social media (social network sites, virtual worlds, online games, apps, etc.) in that sites can “allow children to participate in interactive communities without parental consent so long as the operators take reasonable measures to delete all or virtually all children’s personal information before it is made public,” and companies will also have to hold third parties such as app providers to the same privacy standards their services are held to.”

I do not think that the intention of the law should be about teaching and protecting kids to be safe with their PII.  While this is an ethical and moral imperative that companies that target this demographic should abide by, I fall pretty firmly on the side that this should not be federally mandated.  Many of us, myself included, believe that the free market, and hopefully vocal parent groups and watchdog organizations, should be more of the gauge as to whether this is being done on individual sites.  In theory, educating and protecting kids from sharing PII in chat is a great idea, but those of use who have to DO that work, realize how difficult and sometimes impossible it is to be 100% effective.  I do not see how the government could keep up with or track down how effectively sites are at keeping up with that.

This was the 5th Annual FOSI conference, and it was very good to see more representation from practitioners, rather than just lobbyists, marketers, safety advocates, researchers and bloggers.  Hopefully, those of us with real-world/front-line experience in implementing these sort of laws can gain influence in the conversations so laws can be amended or written practically the first time, rather than after the fact (or not at all).

Posted in marketing, online community, trends, virtual worlds, web business

The Social Network… meh

Posted on by Joi

Just a short post to point out a conversation I have had with a bunch of friends about the movie, The Social Network.  After I watched it, I didn’t feel like I had watched a cinematic masterpiece.  I couldn’t see what everyone was freaking out about.  It was a fine couple hours, but really, what’s the big deal?

When I dug a bit deeper, I figured out that it was because I knew that story, really well.  Not just of Facebook, but of tons of late aughts start-ups and silicon valley gossip.  I read those stories in Valley Wag and Tech Crunch and all the other online rags as they happened.  I’ve eaten tacos with Twitter execs while discussing COPPA fines and defended multi-million dollar business plans to tech VCs.  I’ve felt the rush of hope with new bridge funding and the despair of multiple companies closing.  I’ve become jaded of this industry.  Almost bored with it’s dramas.

Maybe that’s why I have turned my focus to projects that have a little more “oompf” in the heart-department.  I want to be proud of my work on a societal level, not just career and/or bank account.  You would think children’s properties would be a fair choice, but oy!  don’t get me started on some of the Television Execs and Licensing people I’ve met. 😛

That’s not to say I don’t still pay attention a little.  I grew up a gal in America – I’ve been trained to absorb gossip, whether I like it or not.  At least I am getting better at the KIND of gossip I am absorbing (read: Please brain, less Kardashians!)

Posted in gaming, kids, marketing, virtual worlds

SOCIAL AND ONLINE GAMES LEGAL ROUND-UP

Posted on by Joi

SPEAKER/S: Mark Methenitis (The Vernon Law Group, PLLC)

10 legal developments for 2010

1. What happen with “Glider?”
– EULA violations can be considered copyright infringement
– don’t be afraid to sue, but only for big ones
– What happen to Worlds.com
– patents case

2. Why should I care if kids are making content
– kids cant enter in a contract
– kids do have a valid copyright that is licensed
– prent is license – get permission
– cc’s are implied consent
– unclear stil
– assent to machinima rules
– does cc to service (xbox live) assent to all games
– user content when there is no parental license

3. You’ll never take me alive COPPA
– 13 is magic number
– must post privacy policy
– regulation on controls PII
– verifiable parental consent
– parents choose whether 3rd
– minimize pii collected and maintain
– COPPA 2.0 (little COPPAs) – extends to 17 and under
– NJ, NC, GA, IL, ME all have separate
– looking more like francise sale regulations, comply with the most stringent state
– COPPA ties into CAN-SPAM
– ecards and forwrd to friend
– requires an opt out list
– might have a issue with inviter and invitee emails

4. what is govt talking about
– COPPA 2.0
– FTC report on explicit content in VW for minors
– recommends age screenign and segregation
– more self-regualtion and possible lang filters
– No news on FTCs look into Dig Rights Management
– concerns over possible regulation on dig dist related to consumer protection
– Always worried about predators

5 Europe rules are different
– Server rules on privacy are complicated
– adequately protected data transfers – encrypted
– have to spell it all out in TOS

6. Cookies in Europe
– 11/24/09 – new rules in force by 2011
– cant use cookies unless the user consents after getting “clear and comprehensive info”
– or stictly necessary to provide services explicity requested by the user
– browser settings can be considered consent not clear

7. Biz model changes when taxed
– all income earned by US companies is taxed when it’s receieved
– only earn income when points are spent, even in wallet system
– income earned outside of US is taxable in both places
– get acct in intl taxes and attourney

8. What do you mean I might be a bank
– virtual currency considered bank
– anythign that can be bought with cash now and then cashed out later or as refund
– besides the poss implications in banking regs, you then may also be uner financial institution privacy regs

9 Hedging currency
– if you are running a global micro-transaction model, you should probably at least look at hedging currency
– buy insurance against price fluctuations
– micro-transaction model may find it especially beneficial b/c transaction volume can be erractic and over a long period of time

10. Zynga Poker
– subject of online gambling investigations
– gambling=
– consideration (payment of something to participate
– chance random element determines outcome
– prize – thing of value to be won
– sweepstakes are governed under gambling law
– take out consideration rule (no purchase ness)
– some states require bonds to insure sweepstakes
– check your rules, dont just cut and paste

Posted in kids, marketing, online advertising, online community, Safety/Privacy, virtual worlds, web business

2 golden nuggets from Liisa’s firm

Posted on by Joi

Maine Kid’s Privacy Law Takes Effect September 12

As we have previously reported, the Maine governor signed a new law that: (1) puts an absolute prohibition on using personal information of a minor to market to the minor or to promote any course of action regarding a product to a minor – whether parental permission has been obtained or not and whether you know the person’s age or not; and (2) prohibits knowingly collecting personal information from children in Maine under 18 for “marketing purposes,” without first obtaining parental consent. The prohibited activity of using a minor’s personal information seems to be broadly drafted, and may include not just email and text messages sent to children in Maine – including those between 13 and 17, but also marketing messages sent directly to a child through social networking websites like Facebook and Twitter. It’s possible that it could also prohibit analyzing and internally using a minor’s personal information to determine how to market to individuals generally. The prohibition on collecting information for “marketing purpose” is similarly broad. Unfortunately, the exact meaning of the law is subject to multiple interpretations. The law allows not only for the Maine Attorney General to bring actions for violations, but also allows for a private right of action. Although many have objected to the law, an immediate delay or modification does not appear on the horizon. TIP: If you have an ongoing promotion, consider how you will address the eligibility requirements (for example, prohibiting all persons under 18, persons from the state of Maine who are under 18, voiding to Maine residents, or having a verifiable parental consent mechanism). If you do not currently collect date of birth for your marketing activities, consider doing so, or voiding Maine residents. For your existing database, consider separating out those who are under 18 and reside in Maine, and be sure not to send marketing materials to them.

For more tips, see our bulletin at: http://www.winston.com/siteFiles/Publications/4_ME_Tips.html.

Linking to a Non-Compliant Website Is a Violation of CARU Guidelines

The Children’s Advertising Review Unit (“CARU”) recently found that Kidz Bop LLC violated the CARU Guidelines when it contained a link on the Kidz Bop website to a website which allowed the collection of personally identifiable information from children without fully complying with CARU guidelines. The non-compliant website did not implement a neutral age-screening mechanism to filter children under 13, and various areas of the site collected personally identifiable information. CARU found that Kidz Bop could reasonably expect children under 13 to visit their website and CARU guidelines specifically provide that operators of websites which are for children or contain areas for children should not knowingly link to other websites that do not comply with CARU guidelines. In addition, the Kidz Bop website privacy policy did not include Kidz Bop’s contact information, as required by the Children’s Online Privacy Protection Act.

TIP: If you operate a website which is likely to appeal to children under the age of 13, ensure that your website is compliant with CARU Guidelines, including removing any links to websites which you know are not in compliance with the Guidelines.

Got these from The Winston & Strawn email newsletter.  To subscribe for yourself, go here:

http://www.winston.com/index.cfm?contentid=170

Posted in gaming, kids, Safety/Privacy, virtual worlds, web business

Engage Expo Slide Decks

Posted on by Joi

Hello all-

Finally got around to adding the powerpoint decks to my blog. Sorry it too so long. Let me know if you need anything else from me.

EngageExpo09 – COPPA Operational Slides

EngageExpo09 – Online/Offline Slides