Over the past 36 years of practicing personal injury law with a concentration on cases involving sexual abuse and sexual molestation and with Owen Patterson & Owen’s recent resolution of the Mira Monte School sexual abuse cases, in Los Angeles, it has become clear that the pendulum that balances the scales of justice continues to swing in a continuing effort to provide the protection of the law for those who are the most vulnerable. Unfortunately, one constant is that, while it swings seeking the proper balance, invariably, extremes emerge before the system corrects and heads back to the center.
One of the extremes that has manifest itself, in dramatic fashion over the past decade is the devastating plight of children who become the victims of predators.
Predators whose focus is the sexual abuse of children have usually discovered a treasure trove of information in the online world of the internet. It continues to be a broad source of detailed and personal identifying information used in their constant search for victims. Simple bits of information such as, nicknames, names of pets, parents names, best friends names, or addresses are the sexual predators’ tools used to establish the element of trust necessary in creating an abusive and longer lasting relationship with a young victim.
New and more strict controls have been implemented by the Federal Trade Commission. It has implemented, changes to the 1998 Children’s Online Privacy Protection Act (“COPPA”), in an effort to establish effective guidelines restricting the gathering of personal identifying information about children under the age of 13 who are surfing the internet or working online doing homework or playing games.
Effective as of July 1, 2013, website operators, online services and any company seeking the attention of preteens must comply with considerably more strict requirements before they can gather and use personal identifying information of children viewers..
The U.S. Chamber of Commerce and lobbyists for such online services have objected to the FTC arguing that the new standards set unnecessarily burdensome and not required by current legislation or any court rulings. Although they were unable to obtain a delay in the implementation of the regulations the FTC has provided a method for corporations to self regulate. It is referred to as the “Safe Harbor Program”.
The process allows the companies to participate in the FTC’s Safe Harbor Program enabling them to submit, for Commission approval, detailed and complex self regulatory guidelines that compliance with would implement the protections the rules intended.
Approval of a corporate plan would provide a buffer between the FTC regulatory division and those companies that elect to self regulate. It remains to be seen if this process will be effective in ensuring compliance.
At the FTC ‘s BCP Business Center website, one can review the entire plan recently presented by Aristotle International, Inc. A review of its approved plan succinctly sets forth the seven program requirements.
Under the Children’s Privacy Compliance Program, member companies are required to prevent any possibility of unfair or deceptive acts or practices in connection with the collection, use, and/or disclosure of personal information from and about children on the Internet. Specifically, member companies must comply with the following seven program requirements:
Requirement 1 (Notice/Disclosure of Information): Member companies must post a prominent link that is clearly labeled Privacy Policy or such similar notice that links the parent or child to a description of the member’s information collection, use, and disclosure practices.
Requirement 2 (Direct Notice to Parents): Member companies must make reasonable efforts to ensure that a parent of a child receives notice of the Member’s practices with regard to the collection, use, or disclosure of personal information from children, including notice of any material change in the collection, use, or disclosure practices to which the parent had previously consented.
Requirement 3 (Prior Verifiable Parental Consent): Members must obtain verifiable consent before any collection, use, display or disclosure of personal information from children or a persistent identifier unless permitted to collect the child’s name, online contact information, or a persistent identifier under one of the exceptions to prior verifiable parental consent set forth in sec. 312.5 (c) the Final Rule.
Requirement 4 (Access and Review): Member companies must provide parents with the ability to access and review their child’s personal information, to delete it, and to refuse to permit its further use or maintenance.
Requirement 5 (Restrictions on Information Collection): Member companies must not condition a child’s participation in a game, the offering of a prize, or another activity on the child’s disclosing more personal information than is reasonably necessary to participate in such activity.
Requirement 6 (Confidentiality, Security and Integrity of Information): Member companies must establish and maintain reasonable procedures to protect the confidentiality, security, and integrity of personal information collected from children.
Requirement 7 (Compliance and Enforcement): Member companies must implement effective and meaningful compliance and enforcement mechanisms that ensure that they comply with their information policies and practices.
As is usually the case and as the requirements confirm,the key to protecting the children is parental involvement. It is not enough that the plaintiff’s bar and the District Attorneys prosecute the pedophiles, we all have to be aware of and use the tools that support the efforts to intercept and prevent the deviant behavior.