Press Releases

Press Statement, Center for Digital Democracy (CDD) and Campaign for a Commercial-Free Childhood (CCFC), 12-14-20 Today, the Federal Trade Commission announced (link is external) it will use its to 6(b) authority to launch a major new study into the data collection practices of nine major tech platforms and companies: ByteDance (TikTok), Amazon, Discord, Facebook, Reddit, Snap, Twitter, WhatsApp and YouTube. The Commission’s study includes a section on children and teens. In December, 2019, the Campaign for a Commercial-Free Childhood (CCFC), Center for Digital Democracy (CDD) and their attorneys at Georgetown Law’s Institute for Public Representation urged the Commission to use its 6(b) authority to better understand how tech companies collect and use data from children. Twenty-seven consumer and child advocacy organizations joined that request. Below are statements from CDD and CCFC on today’s announcement. Josh Golin, Executive Director, CCFC: “We are extremely pleased that the FTC will be taking a hard look at how platforms like TikTok, Snap, and YouTube collect and use young people’s data. These 6(b) studies will provide a much-needed window into the opaque data practices that have a profound impact on young people’s wellbeing. This much-needed study will not only provide critical public education, but lay the groundwork for evidence-based policies that protect young people’s privacy and vulnerabilities when they use online services to connect, learn, and play.” Jeff Chester, Executive Director, CDD: "The FTC is finally holding the social media and online video giants accountable, by requiring leading companies to reveal how they stealthily gather and use information that impacts our privacy and autonomy. It is especially important the commission is concerned about also protecting teens— who are the targets of a sophisticated and pervasive marketing system designed to influence their behaviors for monetization purposes." For questions, please contact: jeff@democraticmedia.org (link sends e-mail) See also: https://www.markey.senate.gov/news/press-releases/senator-markey-stateme... (link is external)

For Immediate Release September 24, 2020 Contact: Jeff Chester (202-494-7100) jeff@democraticmedia.org (link sends e-mail) A Step Backwards for Consumer Privacy: Why Californians Should Vote No on Proposition 24 Ventura, CA, and Washington, DC: The Center for Digital Democracy (CDD) announced today its opposition to the California Privacy Rights Act (CPRA), also known as Proposition 24, which will appear on the November 2020 California general election ballot. Prop 24 does not sufficiently strengthen Californians’ privacy and may, in fact, set a new lower and thus more dangerous standard for privacy protection in the U.S., according to its analyses. “We need strong and bold privacy legislation, not weaker standards and tinkering at the margins,” declared CDD Policy Director Katharina Kopp. “Prop 24 fails to significantly limit data uses that undermine our privacy, increase corporate manipulation and exploitation, and exacerbate racial and economic inequality. This initiative allows the much more powerful companies to set unfair terms by default. It also condones pay-for-privacy schemes, where corporations would be allowed to charge a premium (or eliminate a discount) in exchange for privacy. These schemes tend to hurt the already disadvantaged the most,” she explained. CDD intends to work with allies from the consumer and privacy communities to inform voters about Prop 24 and how best to protect their privacy. The Center for Digital Democracy is a leading nonprofit organization focused on empowering and protecting the rights of the public in the digital era.

FOR IMMEDIATE RELEASE Contacts: Susan Grant (link sends e-mail), CFA, 202-939-1003 May 5, 2020 Katharina Kopp (link sends e-mail), CDD, 202-836 4621 White House Must Act To protect privacy and ensure equity in responding to COVID-19 pandemic Groups Tell Pence to Set Standards to Guide Government and Public-Private Partnership Data Practices and Technology Use Washington, D.C. – Today, 15 leading consumer, privacy, civil and digital rights organizations called on the federal government (link is external) to set guidelines to protect individuals’ privacy, ensure equity in the treatment of individuals and communities, and communicate clearly about public health objectives in responding to the COVID-19 pandemic. In a letter to Vice President Michael R. Pence, who leads the Coronavirus Task Force, the groups said that the proper use of technology and data have the potential to provide important public health benefits, but must incorporate privacy and security, as well as safeguards against discrimination and violations of civil and other rights. Developing a process to assess how effective technology and other tools will be to achieve the desired public health objectives is also vitally important, the groups said. The letter (link is external) was signed by the Campaign for a Commercial Free Childhood, Center for Democracy & Technology, Center for Digital Democracy, Constitutional Alliance, Consumer Action, Consumer Federation of America, Electronic Privacy Information Center (EPIC), Media Alliance, MediaJustice, Oakland Privacy, Parent Coalition for Student Privacy, Privacy Rights Clearinghouse, Public Citizen, Public Knowledge, and Rights x Tech. “A headlong rush into technological solutions without carefully considering how well they work and whether they could undermine fundamental American values such as privacy, equity, and fairness would be a mistake,” said Susan Grant, Director of Consumer Protection and Privacy at the Consumer Federation of America. “Fostering public trust and confidence in the programs that are implemented to combat COVID-19 is crucial to their overall success.” “Measures to contain the deadly spread of COVID-19 must be effective and protect those most exposed. History has taught us that the deployment of technologies is often driven by forces that tend to risk privacy, undermine fairness and equity, and place our civil rights in peril. The White House Task Force must work with privacy, consumer and civil rights groups, and other experts, to ensure that the efforts to limit the spread of the virus truly protect our interests,” said Katharina Kopp, Director of Policy, Center for Digital Democracy. In addition to concerns about government plans that are being developed to address the pandemic, such as using technology for contact tracing, the groups noted the need to ensure that private-sector partnerships incorporate comprehensive privacy and security standards. The letter outlines 11 principles that should form the basis for standards that government agencies and the private sector can follow: Set science-based, public health objectives to address the pandemic. Then design the programs and consider what tools, including technology, might be most efficacious and helpful to meet those objectives. Assess how technology and other tools meet key criteria. This should be done before deployment when possible and consistent with public health demands, and on an ongoing basis. Questions should include: Can they be shown to be effective for their intended purposes? Can they be used without infringing on privacy? Can they be used without unfairly disadvantaging individuals or communities? Are there other alternatives that would help meet the objectives well without potentially negative consequences? Use of technologies and tools that are ineffective or raise privacy or other societal concerns should be discontinued promptly. Protect against bias and address inequities in technology access. In many cases, communities already disproportionately impacted by COVID-19 may lack access to technology, or not be fairly represented in data sets. Any use of digital tools must ensure that nobody is left behind. Set clear guidelines for how technology and other tools will be used. These should be aimed at ensuring that they will serve the public health objective while safeguarding privacy and other societal values. Public and private partners should be required to adhere to those guidelines, and the guidelines should be readily available to the public. Ensure that programs such as technology-assisted contact tracing are voluntary. Individual participation should be based on informed, affirmative consent, not coercion. Only collect individuals’ personal information needed for the public health objective. No other personal information should be collected in testing, contact tracing, and public information portals. Do not use or share individuals’ personal information for any other purposes. It is important to avoid “mission creep” and to prevent use for purposes unrelated to the pandemic such as for advertising, law enforcement, or for reputation management in non-public health settings. Secure individuals’ personal information from unauthorized access and use. Information collected from testing, contact tracing and information portals may be very revealing, even if it is not “health” information, and security breaches would severely damage public trust. Retain individuals’ personal information only for as long as it is needed. When it is no longer required for the public health objective, the information should be safely disposed of. Be transparent about data collection and use. Before their personal information is collected, individuals should be informed about what data is needed, the specific purposes for which the data will be used, and what rights they have over what’s been collected about them. Provide accountability. There must be systems in place to ensure that these principles are followed and to hold responsible parties accountable. In addition, individuals should have clear means to ask questions, make complaints, and seek recourse in connection with the handling of their personal information. The groups asked Vice President Pence for a meeting to discuss their concerns and suggested that the Coronavirus Task Force immediately create an interdisciplinary advisory committee comprised of experts from public health, data security, privacy, social science, and civil society to help develop effective standards. The Consumer Federation of America (link is external) is a nonprofit association of more than 250 consumer groups that was founded in 1968 to advance the consumer interest through research, advocacy, and education. The Center for Digital Democracy (CDD) is recognized as one of the leading NGOs organizations promoting privacy and consumer protection, fairness and data justice in the digital age. Since its founding in 2001 (and prior to that through its predecessor organization, the Center for Media Education), CDD has been at the forefront of research, public education, and advocacy.

Contact: Jeffrey Chester, CDD, jeff@democraticmedia.org (link sends e-mail), 202-494-7100 Josh Golin, CCFC, josh@commercialfreechildhood.org (link sends e-mail), 339-970-4240 Children’s privacy advocates call on FTC to require Google, Disney, other leading companies to disclose how they gather and use data to target kids and families Threats to young people from digital marketing and data collection are heightened by home schooling and increased video and mobile streaming in response to COVID-19 WASHINGTON, DC and BOSTON, MA – March 26, 2020 – With children and families even more dependent on digital media during the COVID-19 crisis, the Campaign for a Commercial-Free Childhood (CCFC) and the Center for Digital Democracy (CDD) called on the Federal Trade Commission (FTC) to require leading digital media companies to turn over information on how they target kids, including the data they collect. In a letter to the FTC, the advocates proposed a series of questions to shed light on the array of opaque data collection and digital marketing practices which the tech companies employ to target kids. The letter includes a proposed list of numerous digital media and marketing companies and edtech companies that should be the targets of the FTC’s investigation—among them are Google, Zoom, Disney, Comcast, AT&T, Viacom, and edtech companies Edmodo and Prodigy. The letter—sent by the Institute for Public Representation at Georgetown Law, attorneys for the advocates—is in response to the FTC’s early review of the rules protecting children under the Children’s Online Privacy Protection Act (COPPA). The groups said “children’s privacy is under siege more than ever,” and urged the FTC “not to take steps that could undermine strong protections for children’s privacy without full information about a complex data collection ecosystem.” The groups ask the Commission to request vital information from two key sectors that greatly impact the privacy of children: the edtech industry, which provides information and technology applications in the K-12 school setting, and the commercial digital data and marketing industry that provides the majority of online content and communications for children, including apps, video streaming, and gaming. The letter suggests numerous questions for the FTC to get to the core of how digital companies conduct business today, including contemporary Big Data practices that capture, analyze, track, and target children across platforms. “With schools closed across the country, American families are more dependent than ever on digital media to educate and occupy their children,” said CCFC’s Executive Director, Josh Golin. “It’s now urgent that the FTC use its full authority to shed light on the business models of the edtech and children’s digital media industries so we can understand what Big Tech knows about our children and what they are doing with that information. The stakes have never been higher.” “Although children’s privacy is supposed to be protected by federal law and the FTC, young people remain at the epicenter of a powerful data-gathering and commercial online advertising system," said Dr. Katharina Kopp, Deputy Director of the Center for Digital Democracy. “We call on the FTC to investigate how companies use data about children, how these data practices work against children’s interests, and also how they impact low-income families and families of color. Before it proposes any changes to the COPPA rules, the FTC needs to obtain detailed insights into how contemporary digital data practices pose challenges to protecting children. Given the outsize intrusion of commercial surveillance into children’s and families’ lives via digital services for education, entertainment, and communication, the FTC must demonstrate it is placing the welfare of kids as its highest priority.” In December, CCFC and CDD led a coalition of 31 groups—including the American Academy of Pediatrics, Center for Science in the Public Interest, Common Sense Media, Consumer Reports, Electronic Privacy Information Center, and Public Citizen—in calling on the FTC to use its subpoena authority. The groups said the Commission must better assess the impacts on children from today’s digital data-driven advertising system, and features such as cross-device tracking, artificial intelligence, machine learning, virtual reality, and real-time measurement. “Childhood is more digital than ever before, and the various ways that children's data is collected, analyzed, and used have never been more complex or opaque,” said Lindsey Barrett, Staff Attorney and Teaching Fellow at IPR’s Communications and Technology Law Clinic at Georgetown Law. “The Federal Trade Commission should shed light on how children's privacy is being invaded at home, at school, and throughout their lives by investigating the companies that profit from collecting their data, and cannot undertake an informed and fact-based revision of the COPPA rules without doing so.” "Children today, more than ever, have an incredible opportunity to learn, play, and socialize online,” said Celia Calano, student attorney at the Institute for Public Representation. “But these modern playgrounds and classrooms come with new safety concerns, including highly technical and obscure industry practices. The first step to improving the COPPA Rule and protecting children online is understanding the current landscape—something the FTC can achieve with a 6(b) investigation." ###

Contact: Jeff Chester, CDD (jeff@democraticmedia.org (link sends e-mail); 202-494-7100) David Monahan, CCFC (david@commercialfreechildhood.org (link sends e-mail); 617-896-9397) Groups Praise Sen. Markey and Google for Ensuring Children on YouTube Receive Key Safeguards BOSTON, MA & WASHINGTON, DC—December 18, 2019—The organizations that spurred the landmark FTC settlement with Google over COPPA violations applauded the announcement of additional advertising safeguards for children on YouTube today. The Campaign for a Commercial-Free Childhood (CCFC) and the Center for Digital Democracy (CDD) commended Google for announcing it would apply most of its robust marketing protections on YouTube Kids, including no advertising of food or beverages or harmful products, to all child-directed content on its main YouTube platform. The groups also lauded Senator Markey for securing (link is external) a public commitment from Google to implement these long-overdue safeguards. The advocates expressed disappointment, however, that Google did not agree to prohibit paid influencer marketing and product placement to children on YouTube as it does on YouTube Kids “Sen. Ed Markey has long been and remains the champion for kids,” said Jeff Chester, CDD’s executive director. “Through the intervention of Sen. Markey, Google has finally committed to protecting children whether they are on the main YouTube platform or using the YouTube Kids app. Google has acted responsibly in announcing that its advertising policies now prohibit any food and beverage marketing on YouTube Kids, as well as ads involving ‘sexually suggestive, violent or dangerous content.’ However, we remain concerned that Google may try to weaken these important child- and family-friendly policies in the near future. Thus we call on Google to commit to keeping these rules in place, and to implement other needed safeguards that children deserve,” added Chester. Josh Golin, Executive Director of CCFC, said, “We are so grateful to Senator Markey for his leadership on one of the most crucial issues faced by children and families today. And we commend Google for implementing a robust set of advertising safeguards on the most popular online destination for children. We urge Google to take another critical step and prohibit child-directed influencer content on YouTube; if this manipulative marketing isn’t allowed on children’s TV or YouTube Kids, it shouldn’t be targeted to children on the main YouTube platform either.” ###

Washington, December 11, 2019 In comments filed today in response to the Federal Trade Commission’s review of COPPA, the Center for Digital Democracy, the Campaign for a Commercial-Free Childhood, the American Academy of Pediatrics, and a total of 19 advocacy groups faulted the FTC for failing to engage in sufficient enforcement and oversight of the children’s privacy law. The groups suggested how COPPA can better protect children’s privacy, and urged the Commission not to weaken the law to satisfy industry’s thirst for more data about kids. The advocates also urged the FTC first to investigate the children’s “kid tech” market before it proposes any changes in how to implement its rules. The following can be attributed to Jeff Chester, Executive Director, Center for Digital Democracy: “Children are at greater risk today of losing their digital privacy because the FTC has failed to enforce COPPA. For years, the Commission has allowed Google and many others to ignore the landmark bipartisan law designed to protect children under 13. It’s time for the FTC to stand up to the big data companies and put the interests of young people and families first.” The following can be attributed to Josh Golin, Executive Director, Campaign for a Commercial-Free Childhood: “This is a critical moment for the future of children’s online privacy. The ink is barely dry on the FTC’s first major COPPA enforcement, and already industry is mobilizing to weaken the rules. The FTC should not make any changes to COPPA until it uses its authority to learn exactly how Big Tech is collecting and monetizing our children’s data.” The following can be attributed to Kyle Yasuda, MD, FAAP, President, American Academy of Pediatrics: “Keeping children safe and healthy where they learn and grow is core to what pediatricians do every day, and today more than ever before that extends to the digital spaces that children inhabit. The Children’s Online Privacy Protection Act is a foundational law that helps hold companies accountable to basic standards of safety when it comes to children’s digital privacy, but it’s only as effective as its enforcement by the Federal Trade Commission. Before any major changes are made to COPPA, we must ensure that the FTC is doing its part to keep children safe wherever they engage online.” The following can be attributed to Laura Moy, Associate Professor of Law, Director of the Communications and Technology Law Clinic, Institute for Public Representation at Georgetown University Law Center: “A recent survey showed that the majority of Americans feel that ‘the threat to personal privacy online is a crisis.’ We are at a critical point in our nation’s history right now—when we are deciding whether or not to allow companies to track, profile, and target us to an extent that compromises our ability to be and make decisions for ourselves. At the forefront of that discussion are children. We must protect the next generation from inappropriate tracking so that they can grow up with privacy and dignity. To make good on that, the FTC must thoroughly investigate how companies are collecting and using children’s data, and must enforce and strengthen COPPA.”

EMBARGOED UNTIL DECEMBER 5, 2019 AT 12:01 AM Contact: Jeffrey Chester, CDD, jeff@democraticmedia.org (link sends e-mail), (202) 494-7100 Josh Golin, CCFC, josh@commercialfreechildhood.org (link sends e-mail); 617-896-9369 Leading child advocacy, health, and privacy groups call on FTC to Investigate Children’s Digital Media Marketplace Before Proposing any Changes to Privacy Protections for Children Threats to young people from digital marketing and data collection must be analyzed to ensure meaningful safeguards under the Children’s Online Privacy Protection Act (COPPA). WASHINGTON, DC and BOSTON, MA – December 5, 2019 – A coalition of 31 advocacy groups is urging the Federal Trade Commission to use its subpoena authority to obtain information from leading digital media companies that target children online. In comments filed today by the Institute for Public Representation at Georgetown and organized by Center for Digital Democracy (CDD) and the Campaign for a Commercial-Free Childhood (CCFC), the coalition explained the opaque data and digital marketing practices targeting kids. The comments are filed with the FTC as part of its early review of the rules protecting children under the Children’s Online Privacy Protection Act (COPPA). The advocates’ call was supported by Sesame Workshop, the leading producer of children’s educational programming, in a separate filing. To better assess the impacts on children from today’s digital data-driven advertising system, and features such as cross-device tracking, artificial intelligence, machine learning, virtual reality, and real-time measurement—the advocates urge the commission to gather and analyze data from leading companies that target children. Any proposed changes to COPPA must be based on empirical data, which is consistent with calls by Commissioners Wilson, Phillips, and Simons that rulemaking must be evidence-based. In their comments, the organizations ask the FTC to use its authority under rule 6(b) to: - Examine today’s methods of advertising to children and their impact, including their discriminatory effects - Examine practices concerning data collection and retention - Illuminate children’s presence on “general audience” platforms and those platforms’ awareness of children’s presence - Identify how the data of children is being used by contemporary data platforms, including “marketing clouds,” “identity management” systems, in-house data management platforms, and data brokers - Illuminate the efficacy—or lack thereof—of safe harbors Groups that have signed the comments are Campaign for a Commercial-Free Childhood; Center for Digital Democracy; American Academy of Pediatrics; Badass Teachers Association; Berkeley Media Studies Group; Center for Science in the Public Interest; Children and Screens; Color of Change; Common Sense Media; Consumer Action; Consumer Federation of America; Consumer Federation of California; Consumer Reports; Consumer Watchdog; Corporate Accountability; Defending the Early Years; Electronic Frontier Foundation; Electronic Privacy Information Center; Obligation, Inc.; Parent Coalition for Student Privacy; Parents Across America; Parents Television Council; P.E.A.C.E. (Peace Educators Allied For Children Everywhere) (link is external); Privacy Rights Clearinghouse; Public Citizen; Public Knowledge; The Story of Stuff; TRUCE (Teachers Resisting Unhealthy Childhood Entertainment); UnidosUS; United Church of Christ; and U.S. Public Interest Research Group (U.S. PIRG). …. The following can be attributed to Kyle Yasuda, MD, FAAP, President, American Academy of Pediatrics: “As children become more digitally connected, it becomes even more important for parents, pediatricians and others who care for young children to understand how digital media impacts their health and development. Since digital technology evolves rapidly, so must our understanding of how data companies are engaging with children’s information online. As we pursue the promise of digital media for children’s development, we must design robust protections to keep them safe based on an up-to-date understanding of the digital spaces they navigate.” The following can be attributed to Josh Golin, Executive Director of Campaign for Commercial-Free Childhood: As kids are spending more time than ever on digital devices, we need the full power of the law to protect them from predatory data collection -- but we can't protect children from Big Tech business models if we don't know how those models truly work. The FTC must use its full authority to investigate opaque data and marketing practices before making any changes to COPPA. We need-to-know what Big Tech knows about our kids." The following can be attributed to Katharina Kopp, Director of Policy, Center for Digital Democracy (CDD): “Children are being subjected to a purposefully opaque ‘Big Data’ digital marketing system that continually gathers their information when they are online. The FTC must use its authority to understand how new and evolving advertising practices targeting kids really work, and whether these data practices are having a discriminatory, or other harmful impact, on their lives.” The following can be attributed to James P. Steyer, CEO and Founder of Common Sense: "Kids and families have to be the priority in any changes to COPPA and in order to do that, we must fully understand what the industry is and isn’t doing when it comes to tracking and targeting kids. Tech companies are never going to be transparent about their business practices which is why it is critical that the FTC use its authority to look behind the curtain and shed light on what they are doing when it comes to kids so that if any new rules are needed, they can be smart and well-informed." The following can be attributed to Katie McInnis, Policy Counsel, Consumer Reports: "We’re glad the FTC is asking for comments on the implementation of COPPA through the 2013 COPPA rule. But the Commission should have the fullest possible picture of how children's personal information is being collected and used before it considers any changes. It’s well-documented that compliance with COPPA is uneven among apps, connected toys, and online services. The FTC must fully understand how kids’ personal information is treated before the 2013 rule can be modified, in order to ensure that children and their data are protected.” The following can be attributed to Marc Rotenberg, President, Electronic Privacy Information Center (EPIC): “The FTC should complete its homework before it proposes changes to the regulations that safeguard children’s privacy. Without a clear understanding of current industry practices, the agency’s proposal will be ill-informed and counterproductive." The following can be attributed to Lindsey Barrett, Staff Attorney and Teaching Fellow, Institute for Public Representation, Georgetown Law: The FTC should conduct 6(b) studies to shed light on the complex and evolving profiling practices that violate children’s privacy. Children are being monitored, quantified, and analyzed more than ever before, and the Commission cannot make informed decisions about the rules that protect them online based on limited or skewed information about the online ecosystem. The following can be attributed to Robert Weissman, President, Public Citizen: “The online corporate predators are miles ahead of the FTC, employing surveillance and targeting tactics against children that flout the protections enshrined in COPPA. The first thing the FTC should do is invoke its investigative powers to get a firm grasp on how Big Tech is systematically invading children’s privacy.” The following can be attributed to Cheryl A. Leanza, Policy Advisor, UCC OC Inc.: “In the modern era, our data are our lives and our children’s lives are monitored and tracked in more detail than any previous generation to unknown effect. Parents seek to pass on their own values and priorities to their children, but feel subverted at every turn by unknown algorithms and marketing efforts directed to their children. At a minimum, the FTC must collect basic facts and trends about children and their data privacy.” The following can be attributed to Eric Rodriguez, Senior Vice President, UnidosUS: “All children should have the right to privacy and live free from discrimination, including in digital spaces. Latino children are targeted by digital marketing efforts and with real consequences to their health and wellbeing. UnidosUS urges the Commission to use its authority and study how children of color operate in the digital space, what happens to their personal data, and how well they are protected by COPPA. Only then can the Commission take effective and objective action to strengthen COPPA to protect an increasingly diverse youth population.”

SUBJECT: CCFC and CDD statement on today’s YouTube inquiry by Senator Markey Campaign for a Commercial-Free Childhood and the Center for Digital Democracy, whose complaint led to the FTC settlement (link is external) which requires YouTube to change its practices to comply with federal children’s privacy law, applaud Senator Ed Markey for writing to Google (link is external) to inquire about YouTube’s child-directed advertising practices. “To its credit, Google has developed a robust set of safeguards and policies on YouTube Kids to protect children from advertising for harmful products and exploitative influencer marketing. Now that Google has been forced to abandon the fiction that the main YouTube platform is exclusively for ages 13 and up, it should apply the same protections on all child-directed content, regardless of which YouTube platform kids are using.” Josh Golin, Campaign for a Commercial-Free Childhood “Google should treat all children fairly on YouTube and apply the same set of advertising and content safeguards it has especially developed for YouTube Kids. When young people view child-directed programming on YouTube, they should also be protected from harmful and unfair practices such as ‘influencer’ marketing, exposure to ‘dangerous’ material, violent content, and exposure to food and beverage marketing.” Jeff Chester, Center for Digital Democracy

Subject: Which digital privacy proposals in Congress make the grade? Nov. 21, 2019 Contact: David Rosen, drosen@citizen.org (link sends e-mail), (202) 588-7742 Susan Grant, sgrant@consumerfed.org (link sends e-mail), (202) 387-6121 Caitriona Fitzgerald, fitzgerald@epic.org (link sends e-mail), (617) 945-8409 Katharina Kopp, kkopp@democraticmedia.org (link sends e-mail), (202) 836-4621 Campaign for a Commercial-Free Childhood · Center for Digital Democracy · Color of Change · Consumer Federation of America · Consumer Action · Electronic Privacy Information Center · Parent Coalition for Student Privacy · Privacy Rights Clearinghouse · Public Citizen · U.S. PIRG NOTE TO REPORTERS Grading Digital Privacy Proposals in Congress When it comes to digital privacy, we’re facing an unprecedented crisis. Tech giants are spying on our families and selling the most intimate details about our lives for profit. Bad actors, both foreign and domestic, are targeting personal data gathered by U.S. companies – including our bank details, email messages and Social Security numbers. Algorithms used to determine eligibility for jobs, housing, credit, insurance and other life necessities are having disparate, discriminatory impacts on disadvantaged groups. We need a new approach. Consumer, privacy and civil rights groups are encouraged by some of the bills that recently have been introduced in Congress, many of which follow recommendations in the groups’ Framework for Comprehensive Privacy Protection and Digital Rights in the United States (link is external). The framework calls for baseline federal privacy legislation that: - Has a clear and comprehensive definition of personal data; - Establishes an independent data protection agency; - Establishes a private right of action allowing individuals to enforce their rights; - Establishes individual rights to access, control and delete data; - Puts meaningful privacy obligations on companies that collect personal data; - Requires the establishment of algorithmic governance to advance fair and just data practices; - Requires companies to minimize privacy risks and minimize data collection; - Prohibits take-it-or-leave-it or pay-for-privacy terms; - Limits government access to personal data; and - Does not preempt stronger state laws. Three bills attained the highest marks in the recent Privacy Legislation Scorecard (link is external) compiled by the Electronic Privacy Information Center (EPIC): - The Online Privacy Act (H.R. 4978 (link is external)), introduced by U.S. Reps. Anna Eshoo (D-Calif.) and Zoe Lofgren (D-Calif.), takes a comprehensive approach and is the only bill that calls for a U.S. Data Protection Agency. The bill establishes meaningful rights for individuals and clear obligations for companies. It does not preempt state law, but it lacks explicit anti-preemption language, which would make it more effective. - The Mind Your Own Business Act (S. 2637 (link is external)), introduced by U.S. Sen. Ron Wyden (D-Ore.), requires companies to assess the impact of the automated systems they use to make decisions about consumers and how well their data protection mechanisms are working. It has explicit anti-preemption language and holds companies accountable when they fail to protect privacy. The private right of action should be broader, and the bill needs clear limits on data uses. - The Privacy Rights for All Act (S. 1214 (link is external)), introduced by U.S. Sen. Ed Markey (D-Mass.), has important provisions minimizing data collection and delinking user identities from collected data, and prohibits bias and discrimination in automated decision-making. It also includes a strong private right of action and bans forced arbitration for violations. It does not preempt state law, but it lacks explicit anti-preemption language, which would make it more effective. Two bills are plainly anti-privacy. The Information Transparency & Personal Data Control Act (H.R. 2013 (link is external)), introduced by U.S. Rep. Suzan DelBene (D-Wash.), falls woefully short. It provides few protections for individuals, contains overly broad exemptions and preempts stronger state laws. The Balancing the Rights of Web Surfers Equally and Responsibility (BROWSER) Act (S. 1116 (link is external)), introduced by U.S. Sen. Marsha Blackburn (R-Tenn.), is based on the old, ineffective take-it-or-leave-it terms of use model, does not allow agency rulemaking, is weak on enforcement and preempts state laws. Both are bad, anti-privacy bills. Future federal privacy bills must make the grade. Additional privacy bills are expected to be introduced by U.S. Sen. Maria Cantwell (D-Wash.) and U.S. Rep. Jan Schakowsky (D-Ill.). Separately, U.S. Sens. Richard Blumenthal (D-Conn.), Roger Wicker (R-Miss.) and Josh Hawley (R-Mo.) may release their own bills. These leaders should strive to meet the standards that the framework lays out. Baseline privacy legislation must not preempt stronger state protections and laws – such as the California Consumer Privacy Protection Act (link is external) that takes effect in 2020, biometric data protection laws such as those in Illinois (link is external) and Texas (link is external), and data breach notification laws (link is external) that exist in every state. States must be allowed to continue serving as “laboratories of democracy,” pioneering innovative new protections to keep up with rapidly changing technologies. In addition, federal privacy legislation must include a strong private right of action – a crucial tool consumers need to enforce their rights and change the behavior of powerful corporations – and establish safeguards against data practices that lead to unjust, unfair, manipulative and discriminatory outcomes. For more information, see these fact sheets (link is external). Please contact any of the individuals listed above to speak with an expert. ###

Contact: David Monahan, CCFC (david@commercialfreechildhood.org (link sends e-mail); 617-896-9397) Jeff Chester, CDD (jeff@democraticmedia.org (link sends e-mail); 202-494-7100) Will the FTC Weaken Children’s Privacy Rules? Invited Advocates Raise Concerns About Upcoming COPPA Workshop, Plans to Undermine Federal Protections for Kids October 7 D.C. lineup dominated by tech industry supporters WHAT: The Future of the Children’s Online Privacy Protection Act Rule (COPPA): An FTC Workshop (link is external) WHEN: October 7, 2019, 9:00 am ET WHERE: Constitution Center, 400 7th St SW, Washington, DC WORKSHOP PRESENTERS FOR CAMPAIGN FOR A COMMERCIAL-FREE CHILDHOOD (CCFC) AND CENTER FOR DIGITAL DEMOCRACY (CDD): THE CHALLENGE: In 2012, the FTC approved new safeguards to protect children’s privacy in the digital era, heeding the advice of child advocates, consumer groups, privacy experts and health professionals. But now the Commission has called for comments (link is external) on COPPA three years before a new review is mandated by statute. The questions posed by the Commission, as well as public comments made by FTC staff, make privacy advocates wary that the FTC’s goal is to roll back COPPA safeguards rather than strengthen protections for children. Concerns about the FTC creating new loopholes or supporting industry calls to weaken the rules are heightened by the FTC’s speaker list for this workshop, replete with tech and marketing companies and their lawyers and lobbyists, with just a few privacy and children’s advocates at the table. The advocates are also concerned that the FTC is contemplating this action just weeks after its most significant COPPA enforcement action to date—requiring major changes to Google’s data collection practices on YouTube—a move that could result in rules being changed before those new practices have even been implemented. Children and families need increased COPPA enforcement, not weaker rules. The key problems, the advocates note, are the lack of enforcement of the law by the FTC; the failure of the agency to protect children from unfair marketing practices, such as influencers; and the need to maintain the strongest possible safeguards—whether in the home, school or on mobile devices. Speakers at the workshop include: Josh Golin, Executive Director, CCFC Will participate in a panel entitled Scope of the COPPA Rule. Katharina Kopp, Ph.D., Deputy Director, Director of Policy, CDD Will participate in a panel entitled Uses and Misuses of Persistent Identifiers. Laura M. Moy, Associate Professor of Law, Director, Communications & Technology Law Clinic, Georgetown University Law Center Will participate in a panel entitled State of the World in Children’s Privacy. Josh, Katharina, and Laura are available for questions in advance of the workshop, and will also be available to speak with press on site. See video of Future of COPPA Workshop here: https://www.ftc.gov/news-events/audio-video/video/future-coppa-rule-ftc-... (link is external) https://www.ftc.gov/news-events/audio-video/video/future-coppa-rule-ftc-... (link is external) ###

Press Statement Google YouTube FTC COPPA Settlement Statement of Katharina Kopp, Ph.D. Deputy Director Center for Digital Democracy August 30, 2019 It has been reported that Google has agreed to pay between $150 million and $200 million to resolve an FTC investigation into YouTube over alleged violations of a children's privacy law. A settlement amount of $150-200 million would be woefully low, considering the egregious nature of the violation, how much Google profited from violating the law, and given Google’s size and revenue. Google’s unprecedented violation requires an unprecedented FTC response. A small amount like this would effectively reward Google for engaging in massive and illegal data collection without any regard to children’s safety. In addition to assessing substantial civil penalties, the FTC must enjoin Google from committing further violations of COPPA and impose effective means for monitoring compliance; the FTC must impose a 20-year consent decree to ensure Alphabet Inc. acts responsibly when it comes to serving children and parents. ------ In April, 2018, the Center for Digital Democracy (CDD) and the Campaign for Commercial-Free Childhood (CCFC), through their attorneys at Georgetown Law’s Institute for Public Representation (IPR), filed an FTC complaint (link is external) detailing YouTube’s COPPA violations. Twenty-one other privacy and consumer groups signed on to CCFC and CDD’s complaint, which detailed how Google profits by collecting personal information from kids on YouTube, without first providing direct notice to parents and obtaining their consent as required by law. Google uses this information to target advertisements to children across the internet and across devices, in clear violation of COPPA.