Major Telecom Carriers Raise COPPA Concerns

"In particular, AT&T is concerned that the Commission’s proposed expansion of the definition of the term ‘personal information’ to include geolocation data and persistent identifiers even in instances where such data are not associated with individually identifiable information is overly broad and unworkable, while doing little (or nothing) to further children’s online privacy beyond the current COPPA framework,” AT&T said. “Similarly, the Commission’s decision to jettison the ‘Email-plus’ or ’sliding scale’ mechanism for obtaining parental consent may well be premature. We do not believe that the removal of a widely-known and understood consent mechanism is the proper approach to stimulate innovation."

Getting rid of email-plus as a consent mechanism “is particularly unjustified when the Commission has not articulated any instances where the deployment of email-plus led to fraudulent consent,” AT&T said. “The elimination of the email-plus mechanism may in fact sow confusion in the market, especially where the proposed alternatives may be impractical or unworkable."

Verizon raised similar concerns in its filing. The FTC is wrong to treat “persistent identifiers,” without more details, as personal, and to add geolocation information that identifies a street name and city or town, but not an individual, to the definition of personal information, Verizon said. “These elements, standing alone, neither individually identify a person nor permit the physical or online contacting of a person -- which is what the statute requires before the Commission can modify the personal information definition,” Verizon said.

Also wrongheaded, Verizon said, is the FTC proposal to consider factors “such as musical content and the presence of child celebrities or celebrities who appeal to children,” when determining whether a site or service is directed to children. The proposal is counter to Congress’s intent in approving COPPA, the carrier said. “Congress has said that a site or service is directed to children when that site or service targets children,” Verizon said. “But the Commission’s proposal to consider the presence of musical content and child celebrities on a site appears to be based on the belief that those elements are strong indicators of a website’s ‘appeal’ to children. The test is not whether elements on a particular site appeal to children; rather, the test, as Congress has defined it, is whether a site targets children.”

Proposed amendments to the COPPA rule “must strike an appropriate balance” between the goal of protecting children’s online privacy and making sure carriers and other industry players “are not unnecessarily burdened with new obligations that substantially undermine technological innovation and restrict choices and raise costs for consumers,” CTIA said. CTIA said the definition of personal information needs to be further clarified by the FTC. “CTIA is particularly concerned that the Commission may have exceeded its statutory authority with respect to expanding the definition of personal information to include stand-alone identifiers,” the group said. The proposed definition may lead to “unintended consequences, particularly with respect to geolocation information; the proposed stand-alone list of identifiers; the expanded list of multimedia … ; the internal operations exemption; and the role of multiple Operators,” CTIA said. The proposed new definition of “collect or collection” also should be “reevaluated to ensure that the final rule is narrowly tailored so as to not stifle nascent technological and product innovations,” CTIA said.