Friday, September 15, 2006

FTC Slaps Xanga with Largest Ever COPPA Fine

When a website knowingly violates kid's privacy
by taking their personal information illegally
and without parental consent, that act is a
violation of the federal law known as COPPA.


FTC-Slaps-Xanga-with-Largest-Ever-COPPA-Fine audio post - click to play
It also is a form of identity theft when you
use the unauthorized information collected on
kids to earn a profit.

Well, that is exactly what Xanga.com did over a
5 year period by knowingly accumulating and
disclosing the personal profile information
of 1,700,000 (million) kids to anyone with
access. That access, not just limited to
Xanga.com members, also included anyone who
conducted searches through Google and Yahoo.

Children’s Online Privacy Protection Rule,
otherwise
known by it's acronymn (COPPA)
protects the privacy
of children under the
age of 13. It also requires
any commercial
website to provide clear disclosure
to this
effect and parental consent being required.


But, not just disclosure and consent - actual controls
to insure under age kids are not registering
anyway
.

What got Xanga.com the largest fine ever issued by
the FTC for COPPA violations was the fact the owners
evidently knew their website would allow kids to
register - even after providing the required birthdate
entry field.

In practical terms, Xanga had a lock on their front door,
but never used it to keep out kids 13 and under.

Why?

Because in this instance Xanga was the identity thief.
The value of 1.7 million under age members
evidently
outweighed any fine deterrence to
this point.


However, the FTC made a striking point of dispelling
that myth as the $1,000,000 fine they slapped against
Xanga.com and their primary owners was 2x any
previous
fine assessed. And, 60% of that total fine
is due within 5 days of the Xanga owners signing the
consent decree with the federal government.

I can say from personal experience consulting with a
major artist & entertainment portal in 1999, COPPA was
and still is a major concern in operational procedures
being above reproach. That company went to great lengths
and considerable expense to eliminate any doubt the data
they possessed could be considered "tainted" and thus in
violation of COPPA.

I personally saw them walk away from an over 400,000
customer database worth tens of millions of dollars in
revenue solely for the reason they could not verify
those names were valid for use under the COPPA
law
.

Xanga.com, in contrast, perpetrated the worst and opposite
extreme. They knowingly collected, trafficked, & made
available the personal identities of innocent children
the law known as COPPA is designed to protect.

So, our tip for today is simple and direct. If you have
children under the age of 13, they must have your explicit
consent to provide their personal identifying information
to a commercial website. Furthermore, if your children 13
and under are members of Xanga.com or any of the other
major social networking sites like MySpace.com or
Facebook
, they have put themselves and those sites at risk
with COPPA - not to mention the child predators who use
identity theft collection techniques to hunt down their victims.

For those instances, you can simply delete your child's account.
Also, use these convenient links to remove your child's Xanga
personal information from Google or Yahoo.

4 Comments:

At 6:39 AM, Anonymous Anonymous said...

Serves them right getting that huge fine.

As a parent of 3 kids all age 13 or less, it makes me really angry they even were allowed to get by for so long stealing all those identities.

Why isn't someone checking these companies to catch this behavior sooner?

 
At 12:14 AM, Blogger agent99 said...

Anonymous:

You raise an excellent point of "why isn't someone checking these companies....?"

The FTC is likely the closest entity we have in America to a being the "watch dog" you refer to.

However, the harsh reality of identity theft legislation and enforcement is one of money.

The real money, for now, is on the side of business.
Lawmakers need money and lot's of it to get elected and stay elected. So, even so called independent "watch dog" agencies like the FTC find themselves in the peculiar position of having to placate American businesses for political and economical reasons which sometimes may preclude them from making the type of lasting impact you suggest with your question.

However, on the plus side for the FTC, the current chairman herself was an identity theft victim a few years ago with DSW. So, every six months or so it seems we get a high profile company made an example of to keep the general public's faith in the system.

DSW ID Theft Fine


But, the real identity theft fighting force in America appears to not be the FTC, but rather the individual state attorney generals.

Especially the 20 - 30 who've lead the charge in securing mandatory breach disclosure and credit freeze laws for their citizens....often times in the face of fierce lobbying efforts from the financial services and data brokerage industries.

Congressman Attempts to Dismantle 22 States Tougher Identity Theft Laws

With all of that said, the best thing we can share with you is to take personal responsibility over your own data wherever possible.

Adopt a practice of denying unnecessary exposure of your name by opting out.

Axciom Marketing List Opt-Out

Credit Prescreen Marketing List Opt-Out


Also, practice early detection of suspicious activity with your credit and banking accounts.

Get a Burgular Alarm for your Credit

Plus, most people we first encounter have not the faintest idea there are literally well over 400 other databases your personal information could be contained within and just waiting for an identity thief to harvest. Even worse,
because these personal information databases are not well known, the identity theft can remain hidden against you for months - even years.

That's why we advocate you to check out your public information profile for any criminal warrants or tax liens outstanding against your good name.

Why your Public Information is Golden - To an Identity Thief

Major Reasons to Know What Minor Blacklists Have on You

Finally, just practice simple steps like cross cut shredding your old bank statements or installing a lockable mail box can make a world of difference in not being an easy mark to the often times identity theft crimes of opportunity.

 
At 12:23 AM, Blogger agent99 said...

By the way, all of those comments as well as mostly this entire web site blog is focused on identity theft prevention tips for one simple reason.

Id Theft Secrets About Us

We were identity theft victims ourselves and uncovered many of these items in the course of fighting back against credit fraud.

So, if we can help at least 1 other person from the financial and emotional ravages from identity theft and credit fraud, we've achieved our mission.

Id Theft Secrets Mission

Let us know how we're doing by leaving a comment anytime one of our articles or podcasts really resonated with you.

 
At 12:12 PM, Anonymous Anonymous said...

Thanks alot Agent 99 for all of this great information and especially for identity theft and anti-stalking defense tips for our children.

I wanted to let you in a small success story since I read your article and the need for detection even though it may be a bit off topic for classic identity theft.

My wife and I discovered our 13 year old son had secretly opened up a Myspace.com site this past summer.

How we found out by it was one of his teachers called us Thursday explaining our son's Myspace.com page had someone who had posted disparaging remarks about another instructor at his school.

While our son I was not the person who made the remarks, someone else did and thus his identity was revealed as the "guilt by association".

The odd twist in this affair was that our son did not open up his own free standing account on Myspace, but rather was able to open up an sub account as what I would call an affiliate of the actual Myspace member.

As my husband and I understand it kind of a back door way to evidently skirt around COPPA.

Anyway, his identity was revealed and needless to say we've shut down that Myspace.com site.

Thank you so much again for your help.

I'm sure other mothers out there would find your tips helpful in not only protection from identity theft but also from kid stalkers and teenage pranksters using someone elses "borrowed" identity.

 

Post a Comment

<< Home