Udall: “We must prioritize protecting children in this increasingly online world”
Recent reports suggest thousands of mobile apps are illegally tracking kids’ online behavior
WASHINGTON – Today, U.S. Senator Tom Udall (D-N.M.) questioned leading data privacy advocates about legislative approaches to protecting consumers and safeguarding children’s privacy during a Senate Commerce Committee hearing titled “Consumer Data Privacy: Examining Lessons From the European Union’s General Data Protection Regulation and the California Consumer Privacy Act.” He questioned witnesses on the role large platforms should play in protecting children’s privacy online, and stressed the urgency of improving and modernizing the Children’s Online Privacy Protection Act (COPPA) to keep pace with rapidly evolving technologies.
Today’s hearing continued Udall’s ongoing efforts to champion strengthening consumer privacy rights. Last month, he pressed top officials from prominent technology companies and internet service providers directly about whether they were taking the appropriate steps to protect privacy rights for consumers, particularly for children, in New Mexico and across the country. In April, he advocated for stronger data privacy regulations to ensure that personal information wouldn’t be misused by internet companies.
In his opening statement, Udall pointed out the recent spate of privacy violations from major tech companies: “Since this committee held a hearing on how to protect consumer data two weeks ago, consumers have already been subjected to two extraordinary data breaches. Hackers accessed 50 million Facebook users -- although Facebook still does not know who the hackers are or which accounts were hacked. And Google just disclosed this week a security flaw that it discovered in March -- that affected hundreds of thousands of people using its Google+ social network.”
“It seems like hardly a week goes by that there aren’t new examples of how tech companies are just not doing enough to protect consumer privacy,” Udall continued. “As I stated in our last hearing, I’m particularly concerned about what this means for children. Parents often trust these platforms with their children’s information. As part of this privacy discussion, we must prioritize protecting children in this increasingly online world.”
While questioning the panel on best practices for ensuring compliance with COPPA, Udall asked: “A recent New York Times analysis found that both the Apple App Store and the Google Play Store have apps in their respective children’s or family sections that potentially violate COPPA. What specific role should platform owners play to ensure compliance on their platforms?”
In response, Alastair Mactaggart, Board Chair at Californians for Consumer Privacy, answered that compliance requires robust enforcement, and relying on platforms to police themselves is an exercise in futility: “In the hearing two weeks ago, the representative from Google said that they relied on the app developers to tell them whether or not it was a child directed app. And they relied on app developers to self-certify. This is a good example of the fact that you need really robust enforcement. It’s like… waiting [for you] to call the cops and tell them you’ve been speeding. It just doesn’t work, sir.”
Laura Moy, Executive Director and Adjunct Professor of Law at the Georgetown Law Center on Privacy & Technology, pointed to another gap in the law that should be fixed, saying: “There are incentives set up for those that have app stores to essentially have no knowledge of whether or not apps on their platform are directed to children.”
Recent reports have found that thousands of kids’ apps, including almost half of the nearly 6,000 free children’s Android apps in the Google Play Store, were violating COPPA by illegally tracking children’s online activities or sending children’s data to tracking companies. Additionally, in early September, New Mexico Attorney General Hector Balderas sued advertising platforms that develop Google Play Store apps for violating state and federal laws by collecting children’s data.