Viacom, Mattel, Hasbro, And JumpStart Violated Children’s Online Privacy Protection Act By Allowing Illegal Third-Party Tracking Technology At Websites For Barbie, Nick Jr., My Little Pony, American Girl, Hot Wheels, And Dozens Of Others
Companies Agree To Pay Penalties Totaling $835,000, Adopt Comprehensive Reforms To Protect Children From Improper Tracking
“As a founding member of the IDESG, PRIVO understands the level of commitment, subject matter expertise and vision required to bring the Registry to life,” said PRIVO Co-founder and CEO Denise Tayloe. “We are very proud to be one of the first services to hold ourselves accountable to the IDEF requirements that support a privacy-preserving, interoperable, secure, easy-to-use credential for families we serve, in order to protect and enable young users to engage and transact online.”
Children growing up in post-1950s America have been raised with the mantra, “Don’t talk to strangers.”
But digital age kids need to know much more than the traditional perils of taking candy from someone they don’t know. The Internet has made it tricky to protect the identities of children, and this creates real dangers that extend from the online to offline world.
CREATING A MINORS TRUST FRAMEWORK
Privacy Vaults Online Inc., or PRIVO, an identity and consent service provider, has been working on an initiative to help parents and companies gain a better understanding of COPPA. “There’s rampant noncompliance,” says Denise Tayloe, president and CEO of PRIVO. “Companies either don’t understand it all, or they do understand it and they think they can fly under the radar.”
Its PRIVO iD is an online identity credential for families based on a trust model called the Minors Trust Framework. PRIVO has been developing that framework through a grant from the National Strategy for Trusted Identities in Cyberspace (NSTIC), a White House initiative that aims to support collaboration between the private sector, public advocacy groups and public-sector agencies.
In working to support the White House’s National Strategy for Trusted Identity in Cyberspace (NSTIC) initiative, PRIVO has developed the Kid’s Privacy Manifesto, a set of online privacy best practices that parents should expect and even demand from online service providers.
Privacy Vaults Online, Inc. (PRIVO) certifies client compliance with regulations related to children’s privacy. The company delivers services for registration and parental permission management.
PRIVO was awarded $3.2 million in 2013 to pilot tools for keeping failies safe online and helping service providers comply with the Children’s Online Privacy Protection Act (COPPA). The end goal is a solution that provides families with COPP-compliant, secure credentials.
The Childrens Online Privacy Protection Act (COPPA), first enacted by the Federal Trade Commission in 1998, requires websites to get parents’ consent before collecting any personal information from kids under age 13. Because of the cost and hassle of complying with COPPA, many websites just block kids from using them altogether.
Enter PRIVO, an online credentialing service based in McLean. Until now, PRIVO has sold its service to businesses that want to better navigate COPPA. Now, the company is rolling out a beta version of its service that will allow parents to create a PRIVO iD directly. Kids can use that ID to access any number of websites that support PRIVO, just as an adult might use her Google account to log in to Pinterest or another third-party site.
“We’re a trusted third-party service that handles children’s identification and parents’ authorization online,” Denise Tayloe, president and CEO of PRIVO, says. The company is also part of the safe harbor program, which means it works with companies, even ones that don’t use PRIVO’s credentialing system, to stay in compliance with COPPA.
Right now, businesses use PRIVO to verify that kids actually have their parents’ permission to be active on their websites and mobile apps. Tayloe counts NASA and Moshi Monsters among her current roster of clients.
“Kids are being marginalized,” says Tayloe. “They can’t get to services that are being marketed to them. Many parents don’t even know there’s a law [COPPA]. Kids know that there is a law, but they don’t know what it is.”
PRIVO’s online ID service to parents by mid-April. PRIVO will also be raising a $10 million Series B round in the spring. The company previously raised $1.8 million in 2014 and $750,000 in 2013; they currently employ 11 full-time and have 8 full-time contractors on staff. “We’re looking for global partners, both strategic and venture,” she says.
Click here to see the article
A problem solver knows the correct balance for the given situation and can address a topic from multiple viewpoints. With something like COPPA compliance, there are multiple parties involved such as businesses, parents and kids. It’s important to understand the respective needs of everyone. By being a problem solver I’ve been able to lead sides to equitable solutions. Everyone is happy and it works!
How has your previous employment experience aided your tenure at PRIVO?
As a previous accounting auditor, I know numbers. Understanding numbers and how they work in business I feel, has given me a huge advantage over most entrepreneurs. When first founding PRIVO with my brother, we created our own business plan, revenue schedule and capitalization tables internally, so I know my company from the inside out.
Being an auditor also drew on my natural instinct to know all the details. Knowing the details of the COPPA regulation so intimately puts me in a unique category in the Privacy and Identity protection industry. Having been in this industry since the very beginning, I’m proud to say that PRIVO is becoming the yardstick by which others are measured.
Click here to read the full article.
Let’s face it, it is not difficult to circumvent age-restricted websites by lying about your age, which somehow my neighbor’s one-month-old girl has managed to do on Facebook. I have never seen so many baby selfies.
Children using the Internet and engaging online is a good thing, in my opinion, because exposing children to technology, especially the importance of understanding how it works, is an incredibly important skill for them to learn and master. It is also very dangerous for innocent young children who are subject to predators online, but also for legitimate businesses trying to operate ethically but not recognizing that they might be attracting young eyes to their websites.
Federal legislation to protect children online, called COPPA, or Children’s Online Privacy Protection Act, was passed in 1998. It is fairly strict though straightforward, and as industries and advertisers continue to evolve, especially in the area of how to attract, interact with and monetize young online consumers, understanding the impact of COPPA on your business is crucial.
I struck a conversation with widely-cited online privacy expert, Denise G. Tayloe, the co-founder and CEO of PRIVO, an FTC-approved, neutral third-party COPPA Safe Harbor and identity and consent service provider and consultancy firm. I asked her to share tips for entrepreneurs and business managers who are looking to stay compliant with COPPA.
Click here to read full article.
The new tools include a discovery platform and a simplified online registration solution, called the PRIVO iD, that provides safe interoperable sign-on credentials across apps, sites and games. The tools make it easier for parents to navigate and manage across a host of participating top trafficked sites including Toca Boca, Elf on the Shelf, A+E Networks (Planet H), Outfit 7, Garfield (Paws Inc.) and many others.
PRIVO’s Directory is a comprehensive listing of hundreds of online sites, mobile apps, and partner profiles where parents can view thorough descriptions of services, privacy policies, and information on member companies – like Moshi Monsters, Houston Texans Toro Kids Club, Rocket 21, Marked Private and others. The Directory enables parents to make educated choices on which online services to pre-approve their kids’ access by utilizing the PRIVO iD.
“Our personal information is something we should be able to share on our own terms with choice,” said Denise G. Tayloe, CEO and co-founder of PRIVO. “Creating a safe online environment that respects and protects child privacy is a top priority for so many parents and businesses. By pioneering custom tools like the Directory and PRIVO iD, PRIVO is making that experience easy, simple and safe for parents and companies alike.”
“As a government agency built on engaging with today’s youth and tomorrow’s leaders, protecting children’s online privacy is a top priority for NASA,” says Nona Cheeks, chief of innovation partnerships programs (ITTPO) at NASA Goddard Space Flight Center. “We are excited to be participating in PRIVO’s directory as a means to engage safely with our youth community.”
Click here to read the full press release.
September 19, 2014 – PRIVO becomes Cyber Security Awareness Month Champion PRIVO today announced that it has become a Champion of National Cyber Security Awareness Month (NCSAM) 2014, joining a growing global effort among colleges and universities, businesses, government agencies, associations and non-profit organizations to promote online safety awareness. Celebrated every October, National Cyber Security Awareness Month was created as a collaborative effort between government and industry to ensure everyone has the resources needed to stay safer and more secure online.As an official Champion, PRIVO recognizes its commitment to cybersecurity and online safety. Coordinated and led by the National Cyber Security Alliance (NCSA) and the Department of Homeland Security, NCSAM has grown exponentially since its inception, reaching consumers, small and medium-sized businesses, corporations, educational institutions and young people across the nation and internationally. This year marks the 11th year of NCSAM. For more information about National Cyber Security Awareness Month and how to participate in NCSAM activities, visit http://www.staysafeonline.org/ncsam. You can also follow and use the #NCSAM hashtag on Twitter throughout the month.
OutFit7 shows support for PRIVO’s Online Privacy Matters Campaign with press release. OutFit7 – On April 18, 2014, Outfit7 is cooperating with PRIVO in its Online Privacy Matters campaign, which aims to protect minors and their families’ identities online. “As a leading entertainment company operating in the digital space, and a family-orientated business which aims to protect users’ identities and foster a safe environment online, we are proud to support PRIVO’s Online Privacy Matters campaign,” said Iza Login, Co-Founder and Deputy CEO of Outfit7. Please visit the OutFit7 website for the full release – http://outfit7.com/press-releases/.
Denise Tayloe, PRIVO’s CEO & President, was selected to speak at the ID360 Conference about the Minor’s Trust Framework. Austin, Texas – On April 9-10, 2014, The Center for Identity will host the third annual ID360 at The University of Texas at Austin, bringing together thought leaders from every angle of identity management including researchers, industry leaders, policy makers and technologists. This year’s forum will also feature the announcement of a new partnership between the Center for Identity and the State of Texas on Thursday, April 10. Data storage, mobile threats, security breaches, and growing concerns among consumers are the focus of the third annual ID360 Global Forum on Identity. The security breach at Target, among others, and concerns over government surveillance put identity management and protection in the national headlines. With this year’s theme: “Identity: Cradle to Grave,” ID360 will tackle the management of identity theft, fraud, and privacy over the lifetime of individuals, businesses, and devices. ID360 will feature executives and senior staff from the AARP, CSID, Gemalto, HID Global, IBM, LexisNexis, Lifelock, MorphoTrust, National Institute for Standards and Technology, NYC Bureau of Vital Statistics, TransUnion, U.S. Secret Service, U.S. Federal Bureau of Investigation, U.S. Department of Justice, PRIVO and others. The conference agenda can be viewed here. The conference will take place April 9 and 10 at the AT&T Executive Education and Conference Center in Austin, Texas. For more information or to register, please visit identity.utexas.edu/id360. https://identity.utexas.edu/interact/news
February 20, 2014- Digital Kids Conference a “Hot Spot” at Toy Fair, 2014 New York, NY: Tech guru’s, app designers, intellectual property attorneys, industry leaders and world class virtual world internet architects such as “Dubit” created a “Hot Spot” at the 2014, American International Toy Fair at Javits Center this past week in New York City. Top of the list of priorities in the cyber world are companies that protect the privacy of children such as Privo. PRIVO – Privacy Vaults Online, Inc., is a FTC-approved, safe harbor who works with app developers, websites and other online services to make sure their existing or proposed properties are compliant with COPPA (The Children’s Online Privacy Protection Act), in addition to providing a Single Sign On (SSO) service through the Global K[id]™ Network allowing families and educators to easily and securely sign into and manage consent to their favorite sites, apps and games across the internet that are certified COPPA compliant. PRIVO has many years of being in the trenches to provide expert, yet realistic advice to help your online property grow and prosper while adhering to COPPA. Click here to read the full press release
Collecting kids’ data online is a sticky problem for Internet companies, which are required to obtain consent from parents first. One company is trying to make the process easier, thanks to a $3.2 million federal grant — but children’s privacy watchdogs say kids’ data shouldn’t be turned over at all.
For online companies and services, getting parental consent to collect data from kids under 13 isn’t just good practice. It’s the law. Congress passed the Children’s Online Privacy Protection Act (COPPA) in 2001, and the Federal Trade Commission updated those rules last summer. In short: Kids under 13 can’t grant permission for companies to collect their information. If you run a site or other online service that wants to collect personal information from a child under 13 — or you own a site aimed at children — you need parental consent before taking any data.
The rules apply to lots of personal information you might expect, like a child’s full name or an email address. But it also includes other data, such as IP addresses or website tracking cookies, that can be used to identify a user over time and across the Web. Protecting children’s privacy is a worthy goal, but it’s currently a complex process for both parents and companies.
Privacy Vaults Online, known as PRIVO, wants to fix that problem with a single system that solves two problems: verify parents’ identities for companies looking to get consent for children’s data, and create a one-stop shop to review those companies’ requests. PRIVO received the grant last fall and announced its plan this week, which includes partnering with Verizon for identity confirmation and other technical needs.
“Basically, even if you’re just trying to send the kid a newsletter, you might need to tell Mom,” said PRIVO CEO Denise Tayloe. “It can get really complicated and confusing, and we’re trying to streamline that process,”
Click here to read the full article
January 29, 2014- Verizon Teams With PRIVO to Enable Identity Pilot to Protect Online Activities of Millions of Children NEW YORK and McLEAN, Va. – Privacy Vaults Online Inc., known as PRIVO, has assembled a team of leading technology and identity companies and government agencies, including Verizon Enterprise Solutions, to enable a pilot program aimed at safeguarding the online activities and personal information of children. The program will be funded by a two-year federal grant valued up to $3.2 million. Under the pilot, PRIVO will establish the Minors Trust Framework, a collection of policies and online tools that provides parents more control over the online activities of their children and helps businesses address the requirements of the Children’s Online Privacy Protection Act of 1998, or COPPA. Verizon’s cloud and identity management technologies will help enable the framework, which will support the use of privacy-enhancing login credentials by families, teachers and businesses. The online identity credentials – delivered through Verizon’s Universal Identity Services – will indicate parental consent, helping to reduce the capture of sensitive information about a child, and enabling easier, more secure online access to digital content from computers, gaming consoles and mobile devices such as smartphones and tablets. In addition, PRIVO will help parents authorize and monitor their child’s use of specific content and applications through an easy-to-use portal, while reducing the number of user-name and password combinations a family must manage. PRIVO expects 1 million credentials to be issued under the Minors Trust Framework by the end of 2014, with a total of 10 million by the pilot’s end in 2015. Click here to read the full press release
Coordinated and led by the National Cyber Security Alliance (NCSA), Data Privacy Day began in the United States and Canada in January 2008 as an extension of the Data Protection Day celebration in Europe. The day, January 28, commemorates the 1981 signing of Convention 108, the first legally binding international treaty dealing with privacy and data protection.
For more information about Data Privacy Day, the DPD Champions program, and how to participate in DPD activities, visit http://www.staysafeonline.org/data-privacy-day/. You can also follow Data Privacy Day on Twitter at @DataPrivacyDay and the hashtag #DPD2014. Data Privacy Day updates and privacy tips are also available on Facebook at https://www.facebook.com/DataPrivacyNCSA
October 17, 2013 – Facebook changes privacy settings for teens Facebook is relaxing its rules for teenagers. The 13- to 17-year-old set now has the option to share photos, updates and comments with the general public on Facebook. That means strangers, and companies collecting data for advertisers and marketing companies, will be able to see select posts. Strangers will also be able to “follow” teens they don’t know and see their public posts in the main news feed. The changes will take effect immediately, the company announced… Click here to see more.
October 1, 2013 – Episode 113: NSTIC pilot winner PRIVO PRIVO – Privacy Vaults Online Inc. – was established to enable web sites to comply with COPPA – the Children’s Online Privacy Protection Act. Denise Tayloe, co-founder and CEO of PRIVO, spoke with Regarding ID’s Gina Jordan about the pilot award for the National Strategy for Trusted Identities in Cyberspace. Click here to see more.
September 17, 2013 – NIST Awards Grant to PRIVO to Improve Online Security and Privacy The U.S. Department of Commerce’s National Institute of Standards and Technology (NIST) today announced more than $7 million in grants to support the National Strategy for Trusted Identities in Cyberspace (NSTIC). The funding will enable five U.S. organizations to develop pilot identity protection and verification systems that offer consumers more privacy, security and convenience online. These new pilots build on the successful launch of five NSTIC pilots awarded in 2012. Click here for more.