Originally created 07/25/99

Web-based companies gather info on kids



WASHINGTON -- Despite a new federal law, many World Wide Web sites for children, citing high costs and inadequate technology, make only cursory attempts to obtain parental consent before collecting personal data on children younger than 13, according to industry officials and a new survey.

Industry officials who met this week with Federal Trade Commission officials for a review of the Children's Online Privacy Protection Act said they would be hard pressed to ensure 100 percent success on parental consent.

Some large companies said the cost related to obtaining parental consent exceeds $2 per child, with mid-size companies reporting a yearly cost of $50,000 to $60,000. With most Web-based companies yet to make profits, industry officials said trying to ensure complete parental consent will only add to their losses.

"Hasty regulations might boomerang. What we want to do is change over time," said Jeff Richards, executive director of Internet Alliance, an industry association that includes America Online Inc., International Business Machines Corp. and Microsoft Corp.

A random survey of 75 children's Web sites by the Washington-based Center for Media Education (CME) found that while 95 percent collect personal information from children, nearly three quarters (73 percent) post no privacy policies. Less than 6 percent try to get parental consent, and only 3 percent actually use a consent-verifying system in line with the law's requirements.

The law requires Web sites to make "any reasonable effort, taking into account available technology."

"If we don't create ground rules, we will create a culture which invades children's privacy. And this invasion will become the norm," said CME President Kathryn Montgomery.

At stake is a $500 billion annual children's market -- purchases that children influence either directly or indirectly. An estimated 17 million children and teens, 8.6 million of whom are 2 to 12 years old, already use the Internet.

Online research company Jupiter Communications estimates that 38.5 million children and teens will be online in 2000, when their online spending is projected to rise tenfold to $1.3 billion, from $123 million this year.

"What companies are actually doing is building a database which will help them sell, not just to these kids, but also to their kids 10 or 15 years later," said Jason Catlett, president and chief executive of Junkbusters Corp., an outfit that helps curb "spam," or junk e-mail.

Companies can use this data internally and possibly sell it, along with other information such as addresses. The cost of buying one adult e-mail address could be as much as 22 cents to 30 cents.

To obtain parental permission, Web sites now use such mechanisms as e-mails, faxes, toll-free numbers and credit card verification. But site operators have no system of verifying a parent's actual or digital signature. Moreover, many parents may not have credit cards or be online.

An aggressive parental-consent program can annoy young users, who then may turn to other, unsuitable sites. Some Web sites report significant drops in traffic after they mandated parental consent.

"The goal is to allow parents control over what their kids give out online," said Lee Peeler, associate director of the FTC's bureau of consumer protection. "We need to (strike a) balance between parental consent and driving kids away from these sites to adult sites."