Xanga, a social networking site with 25 million registered members, has been ordered by the Federal Trade Commission, which regulates the Children’s Online Privacy Protection Act (COPPA), to pay a $1 million fine for violating COPPA.
What Xanga did wrong was this: they said that children under 13 could not register, but they allowed children under 13 to register. Xanga CEO John Hiler claimed that many of the 1.7 million “under 13″ birth dates may have actually referred to pet birthdays, engagement dates and “born-again” dates for religious bloggers. This explanation might help with some of the bad PR, but COPPA is pretty black and white on the issue.
Like so many COPPA issues, it all comes down to the registration interface.
Ok, maybe that’s not so simple, in part because all those kids who get deleted are going to be angry. The only responsible reaction is to create a parental consent system for the kids. The effect would be similar, because signed parental consent is a huge barrier, but it’s better than saying “you’re too young” to an entire segment of your membership.
Ok, let’s take a look at Xanga’s registration and see what their new Chief Safety Officer has done.
Ok, so I just tried to sign up as a 10 year old, and I got this error message: “Sorry! Based on the information you provided, you are not eligible to register for a new account.” So far so good. And now I changed my age to 34 and tried again, and I got the same message. Kudos, Xanga.
If I remember correctly, that particular mechanism isn’t mandated by COPPA but rather recommeded highly by the Children’s Advertising Review Unit (CARU), which among many other things is a top COPPA watchdog.
Yeah, instead of playing World of Warcraft on a Sunday night I’m blogging about COPPA. Sue me.