RE: Children's online privacy. from Fred Andrews on 2012-11-07 (public-privacy@w3.org from October to December 2012)

From: Fred Andrews <fredandw@live.com>
Date: Wed, 7 Nov 2012 23:26:42 +0000
To: Mike O'Neill <michael.oneill@baycloud.com>, "public-privacy@w3.org" <public-privacy@w3.org>
Message-ID: <BLU002-W630FBA56FBCFFEC25D8E73AA6A0@phx.gbl>
Hi Mike,

The direction that Mozilla are taking, with web app. support, and app. markets, and the mozbrowser iframe, all appear to have some potential for addressing some of these privacy issues even though the work is not specifically targeted at this market.  For example, reputable and focused app. markets might emerge that cater to children's needs and impose sensible curated restrictions.  Packaged web apps could fit well within a 'download and run in a sandbox' model.  The mozbrowser iframe might support restricted browser implementations the could incorporate access lists.  For the children's market it may also be significant that Mozilla are targeting low end devices for Firefox OS.   I do not have any specific suggestions yet, but will keep exploring the possibilities.

cheers
Fred

From: michael.oneill@baycloud.com
To: public-privacy@w3.org
CC: fredandw@live.com
Date: Wed, 7 Nov 2012 11:30:20 +0000
Subject: RE: Children's online privacy.

Fred, I agree that child oriented UA s are needed, and this would tie in with a PUA remit by defining W3C recommended features. Also, the difficulty of assuming consent when the user is a child is another strong argument for privacy by default. I also think it would be a good idea to standardise capabilities to help parents restrict access to porn sites etc., either through blocking in a child oriented UA or (better) an explicit indication to websites of a child’s legal status (along with some future COPPA+ style legislation requiring websites to take notice). Mike From: Fred Andrews [mailto:fredandw@live.com] 
Sent: 07 November 2012 02:55
To: public-privacy@w3.org
Subject: Children's online privacy. Note sure if this has come up before but there is some interesting discussion about FTC rules relating to online privacy for children:

Here are the proposed changes:
http://ftc.gov/os/2012/08/120801copparule.pdf

NY Times article:
https://www.nytimes.com/2012/11/06/technology/silicon-valley-objects-to-online-privacy-rule-proposals-for-children.html

Slashdot
http://yro.slashdot.org/story/12/11/06/2239233/a-trail-of-clicks-culminating-in-conflict

Apple's response:
http://www.ftc.gov/os/comments/copparulereview2012/561789-00096-84317.pdf

IAB comments:
http://www.iab.net/media/file/IAB-Comments-COPPA-Rule-Review-16-CFR-Part-312-Project-No-P104503.pdf

ACT comments:
http://actonline.org/pressreleases/2012/09/26/ftc-taxes-apps-privacy-changes-result-in-quarter-billion-dollar-cost-to-education-app-developers/

The responses are interesting.  There is the 'show us the harm' tactic, the 'we don't control the platform' excuse, the 'damage to the economy' tactic, the 'destroy the market' tactic, the 'we have it all under control' tactic.  Sound familiar.

Part of my motivation for the PUA CG work is from seeing children today using what has become a spyware platform.  Most of the  web apps I see very young children using need no web access at all, apart from downloading their resources, and could well be run in a sandbox, avoiding many of the collection issues.  You see children being forced to sign up for email accounts just to download free apps (Windows 8 cough) and being channeled into using cloud storage.   What legacy is this to leave to the next generation?

I am quite hopeful that the PUA CG can deliver a platform that limits the UA monitoring in children's web applications.  I would like to let the FTC know that their concerns are not being ignored in the web platform, but my 'diplomatic' skills are a little challenged.

cheers
Fred
Received on Wednesday, 7 November 2012 23:27:13 UTC