The Better Business
Bureau said Friday that a Web site operated by book publisher Harper Collins did not comply with children's privacy rules.
The Ruby Redfort site, touting a book series that features a
13-year-old girl detective, didn't have procedures in place to obtain verifiable parental consent before collecting names, street addresses and email addresses from children, the BBB's Children's
Advertising Review Unit said in its decision.
The federal Children's Online Privacy Protection Act prohibits Web site operators from knowingly collecting personal data about children under
13 without first obtaining their parents' permission. (Harper Collins is based in the U.K., but must comply with the children's privacy law because it advertised its site in the U.S. via the magazine
, according to CARU.)
The site invited visitors to sign up in order to receive a Ruby Redfort bookmark, and to “win some neat prizes.” Visitors who did
so had to provide their usernames, email addresses, first and last names and full street addresses, according to CARU.
The site also asked visitors to check a box indicating whether they
were younger than 16, and if so, whether they had their parents' permission to sign up. But the site operators didn't take any steps to verify parental consent, according to CARU.
reports that the publisher said it only used the data “internally” and never sent the information to outside companies for their commercial use. But CARU faulted Harper Collins, noting
that even if data about minors isn't shared, Web site operators are still required to obtain parental consent before collecting personal information about users under 13.
investigation, Harper Collins revised its data collection practices. “The Web site currently asks for age in a neutral manner and employs a session cookie to prevent children from going back and
changing their age to avoid parental permission requirements. The operator also agreed to add a method of parental consent that complies with COPPA requirements for all visitors under the age of 13
from the U.S.,” CARU wrote in its decision.
Privacy advocate Jeff Chester, executive director of the Center for Digital Democracy, says that the incident “reveals that major
online companies are thumbing their nose at COPPA.”
Hudson Kingston, legal director for the Center for Digital Democracy, adds that the FTC should investigate the publisher in order
to make sure the company isn't still using the information it collected from minors.
Harper Collins did not respond to a request for comment by Online Media Daily