Safe . AM .’s Post

The Senate recently passed two bills aimed at enhancing online safety for children: 1) Kids Online Safety Act (KOSA) 2) Children’s and Teens’ Online Privacy Protection Act (COPPA 2.0) KOSA focuses on requiring social media companies to better protect users under 17, including features to limit harmful content, and COPPA 2.0 extends privacy protections and restricts targeted advertising for those under 17. Specifically, COPPA 2.0 would: 1) Build on COPPA by prohibiting internet companies from collecting personal information from users who are 13 to 16 years old without their consent;   2) Ban targeted advertising (defined as advertising directed to an individual based on personal information obtained from that individual or group of individuals) to children and teens;  3) Revise COPPA’s “actual knowledge” standard, covering platforms that are “reasonably likely to be used” by children and protecting users who are “reasonably likely to be” children or minors;  4) Create an “Eraser Button” for parents and kids by requiring companies to permit users to eliminate personal information from a child or teen when technologically feasible; 5) Establish a “Digital Marketing Bill of Rights for Teens” that limits the collection of personal information of teens; and 6) Establish a Youth Marketing and Privacy Division at the FTC. https://lnkd.in/dtJeUciU The bills will likely undergo scrutiny and possible amendments in the House, and even if they pass, they may face legal challenges from tech companies concerned about potential impacts on free speech and privacy.

🚨 Exciting News in Online Privacy for the US and coming to the EU & UK Very Soon! 🚨 US Senate passes COPPA 2.0. A groundbreaking bill aimed at strengthening online privacy protections for anyone under age 17. This bipartisan effort has: 🚫 Banned targeted advertising to kids and teens. 🔒 Enhanced privacy measures for children and teens. 🗑️ Introduced an eraser button, empowering parents and kids to delete personal information. In light of these new regulations, Crumbless AI technology, aligns perfectly with the goals of COPPA 2.0 by providing a safer, tracker-less, digital environment. By eliminating the need for tracking browser cookies, Crumbless AI ensures users can enjoy a personalised online experience by focusing on frame of mind without compromising their privacy. 🌐💪 #OnlinePrivacy #DigitalSafety #COPPA2.0 #CrumblessAI

Website operators are explicitly or implicitly required to honor "universal opt-out" signals such as Global Privacy Control that users can select in their browser. Such signals are mean to make privacy decisions easier for consumers (and for websites) by letting them set one control instead of navigating opt-out instructions on every site they visit. Plot twist: not all browsers provide a universal opt-out option within the browser itself. A proposed California law would close this gap, forcing both the website and browser sides of the equation to support universal opt-out. #privacy #smallbusiness

Interesting results in this paper! "Digital Advertising and Market Structure: Implications for Privacy Regulation" by Daniel Deisenroth, Utsav Manjeer, Zarak Sohail, Steven Tadelis, and Nils Wernerfelt "Digital advertising, which uses consumer data to target ads to users, now accounts for most of global ad expenditures. Privacy concerns have prompted regulations that restrict the use of personal data. To inform these policy debates, we develop an equilibrium model of advertising and market structure to analyze the impact of privacy regulation on market outcomes. We test the model’s predictions using the launch of Apple’s App Tracking Transparency feature" The results "are economically meaningful in magnitude and suggest potential harms to both firms and consumers from privacy regulation." https://lnkd.in/eudp_s9g 

A #classaction lawsuit alleging #privacy violations was filed on February 1, 2024 against the New England Patriots football 🏈 team by a Massachusetts resident -- Anthony Serra (on behalf of himself and all others similarly situated) -- in federal U.S. District Court for the District of Massachusetts. The suit alleges the team intentionally and knowingly track and monitor, without obtaining consent, users' website traffic on their mobile app (hereafter "App"), and then share user location and personal data with 3rd parties in violation of the federal Video Privacy Protection Act (#VPPA). More specifically, App users click on an ad or view a video which, without their knowledge, transmits via an intermediary application programming interface (#API) layer to third parties (e.g. Google and Rover Labs Inc | *note: not defendants in the suit) a user’s information, including exact geolocation coordinates, advertising IDs, and video content consumption. The API owner (e.g. Google) then retains the data for its own use (e.g. maximizing advertising revenue). It joins a spate of similar VPPA class action lawsuits filed in U.S. state and federal courts over the last two years. For instance, on Wednesday a class action lawsuit was filed in a Florida federal court by GolfPass subscribers against GolfNow and NBCUniversal claiming the companies, without consent, collect and share consumers’ personally identifiable information (#PII) with Meta via a back-end tracking tool -- Facebook's Meta pixel -- embedded into the GolfPass website, thereby violating the VPPA. Of note, the federal VPPA does provide an exception for digital service providers to share user data with third parties such as Google. The compliance mechanism enabling this exception, however, requires the platform to obtain consent to opt in from its users. Moreover, the consent standard must be "informed, written, and the user has to be given the opportunity, in a clear and conspicuous manner, to elect to withdraw on a case-by-case basis from ongoing disclosures." A number of VPPA lawsuits notably have not survived with the trend seemingly favoring defendants gaining early dismissals. Other VPPA claims reached out-of-court settlements, however. A class action lawsuit filed early in 2022, for example, alleged violation of the VPPA when the Boston Globe integrated the Meta pixel tracking functionality onto sections of their website. One year later the case settled for $5 million. Ironically, the Boston Globe lawsuit originated in the same Massachusetts courthouse as the claim against the Patriots. Copy of legal complaint courtesy of Duane Morris LLP: https://lnkd.in/eZSVgwdm *Note: Bloomberg Law article written by Christopher Brown blocked by paywall Quintel Intelligence #sportslaw #dataprivacy

From IAPP journalist Lexie White yesterday, a lovely article on the impact that universal [user] opt-out mechanisms (UOOM) are having under the #ColoradoPrivacyAct (#CPA). Browsers such as DuckDuckGo and Firefox, as well as select privacy add-ons, are helping consumers to avoid spam and marketing tracking, but are also presenting inverse challenges to business growth. ** https://lnkd.in/gB27FZFh ** #data #colorado #privacy #protection #legal #marketing #spam #browsers #tech

In our Science Magazine piece published last year (https://lnkd.in/dKvsPYNh), my co-authors and I emphasized the importance of using scientific insights when regulating children's exposure to and use of various digital platforms, such as for gaming, financial, and social purposes. We discussed the challenges in enforcing such regulations and highlighted the roles of relevant agencies, including the Federal Trade Commission (FTC), in effectively implementing these laws. Utilizing its power to protect children as consumers, something I have written about in the context of gamification of finance (https://lnkd.in/gbYpX3Vg) this week, the FTC has fined NGL Labs, the company behind the anonymous digital platform and messaging app NGL, as well as its founders $5 million, and banned the app from serving minors. The FTC and the Los Angeles District Attorney’s Office alleged that NGL Labs marketed the app to children, misled users into purchasing premium accounts, and made false claims about its AI moderation tool. The app also sent fake messages to users to encourage them to pay for a premium service that did not deliver on its promises. This first-of-its-kind ruling reflects the FTC’s commitment to enhancing children’s privacy protections and preventing cyberbullying. NGL co-founder Joao Figueiredo disputed some allegations but accepted the settlement to improve the app. The ruling may pave the way for further regulations on children’s online privacy!

When marketing goes wrong.

Have you heard the news? COPPA 2.0 is officially here! What exactly does this mean? In a nutshell, The Children and Teens’ Online Privacy Protection Act empowers parents with the additional tools to protect their children online, mandating consent for data collection, and banning targeted ads for those under 17 years old, which a stark shift from the former age restriction of under 13 years old. Ensure you’re in the know on this important legislation and learn more about all that COPPA 2.0 entails by clicking the link below: https://bit.ly/3LXcGVS Playwire is a KidSafe COPPA-certified partner, dedicated to brand safety. Stay tuned for more news about the recent COPPA 2.0 announcement and how it affects your ad monetization and marketing strategies! #COPPA2 #COPPA #BrandSafety #COPPACertified #AdMonetization

While attending the IAB Tech Lab's privacy event last month, I was struck by the countervailing forces pulling at the adtech industry as it looks to adapt to what IAB Tech Lab CEO Tony Katsur dubbed The Great Shift. The conference centered around Google's Privacy Sandbox, a set of technical proposals through which Chrome, the world's top browser, would be reforged into an advertising platform where data sharing is restricted by design. The Sandbox and what it means for the digital market embodies a new kind of regulatory 'normal' -- where competition authorities can referee privacy changes and privacy regulators influence market matters. Is this a bad thing? I'm not so sure. Privacy 𝘪𝘴 a set of negotiated tradeoffs. As I listened to panelists dissect the commercial and operational implications of these and broader privacy changes (e.g. 15+ US state privacy laws etc), it became harder to see this industry as merely self-regulated. At some point, a line from a Dr. Seuss book came to mind and inspired the theme of this recap blog. '𝘗𝘰𝘭𝘪𝘤𝘺𝘮𝘢𝘬𝘦𝘳𝘴 𝘮𝘦𝘢𝘯𝘵 𝘸𝘩𝘢𝘵 𝘵𝘩𝘦𝘺 𝘴𝘢𝘪𝘥 𝘢𝘯𝘥 𝘴𝘢𝘪𝘥 𝘸𝘩𝘢𝘵 𝘵𝘩𝘦𝘺 𝘮𝘦𝘢𝘯𝘵. 𝘈𝘥𝘵𝘦𝘤𝘩 𝘪𝘴 𝘳𝘦𝘨𝘶𝘭𝘢𝘵𝘦𝘥 𝘰𝘯𝘦-𝘩𝘶𝘯𝘥𝘳𝘦𝘥 𝘱𝘦𝘳𝘤𝘦𝘯𝘵.' #digitalprivacy #digitalgovernance Lucid Privacy Group