In recent years, applications and online technology have increasingly been targeted at children. As a result of this child-focused technology, concerns have been raised about the privacy of the children using these products. Many of the producers of these technologies are small startups and therefore the discussion has remained rather minimal. However recently, a new product from Mattel has brought heightened interest to the topic of children’s privacy and technology. Mattel’s new “Hello Barbie” records the child’s words, transmits them to a cloud through the internet where it is then runs the recording through word recognition software and sends a tailored reply to the doll.1
This product, and similar technologies that collect information from children, has raised concerns about potential violations of the Children’s Online Privacy Protection Act.2 The act was passed in 2000 and requires organizations that collect this information to post prominent links on their websites that notifies parents of the information they wish to collect.3 The law also prohibits the collection of this information from children under the age of 13 without a parent’s consent.4 Obtainable verifiable parental consent in accordance with the law is rather onerous, allowing parents to consent through a variety of methods such as contacting trained personnel by calling a toll-free number, mailing in a consent form or paying with credit or debit card. 5 Parents are given the opportunity to review the information collected from their children and upon their request, the websites must delete the information.6
As with the Hello Barbie, privacy concerns have been raised with respect to the outpouring of educational applications flooding schools. Many of the programs record and analyze children’s responses to the material in order to customize the lessons to each student. The wide array of programs has made it difficult for administrators to control the use of the programs in classrooms and keep records of which applications are recording and storing information.7 Additionally, some of the programs expose schools to online security risks, with many districts experiencing data breaches that put students’ school records at risk.8
The information collection and data breaches are difficult to curtail because many of the applications are marketed directly to teachers, which allows them to circumvent federal privacy laws.9 Districts are still required to comply with COPPA as well as the Family Educational Rights and Privacy Act, but this legislation alone seems to leave school districts overexposed and consequently, they are left to deal with the issues on their own.( (Id.)) To deal with education specific privacy concerns, the Department of Education released a list of best-practice contract recommendations.( (Id.)) Unfortunately, it seems that these recommendations do little to address the privacy concerns that face school districts and parents across the country.
Ultimately, the ongoing concerns surrounding the Hello Barbie and educational technologies illustrate the need for additional legislation to better protect the privacy of children when using technology.
Alejandro Alba, Mattel’s talking Hello Barbie Doll Raises Concern Over Children’s Privacy, N.Y. Daily News (Mar. 16, 2014), http://www.nydailynews.com/news/national/mattel-barbie-raises-concern-children-privacy-article-1.2151019. ↩
16 C.F.R. § 312.5 ↩
Alan S. Gutternan, Business Transactions Solutions, Thomson Reuters, http://legalsolutions.thomsonreuters.com/law-products/WestlawNext/Business-Transactions-Solution-WestlawNext-PRO/p/100206115 (last visited Mar. 20, 2015). ↩
§ 16.17 Children’s Online Privacy Protection Act, SOITL S 16.17. ↩
Natasha Singer, Privacy Pitfalls as Education Apps Spread Haphazardly, N.Y. Times (Mar. 11, 2015), http://www.nytimes.com/2015/03/12/technology/learning-apps-outstrip-school-oversight-and-student-privacy-is-among-the-risks.html?_r=1. ↩