FTC's Attempt To Broadly Expand Misguided Child Protection Law Will Chill Innovation

from the well-meaning,-but-bad-policy dept

We've written a few times about the Childrens Online Privacy Protection Act (COPPA) and how it was put in place without any data and without much concern for unintended consequences. As danah boyd has shown in her research, COPPA hasn't necessarily done much to protect children. Instead, it's made parents teach their kids it's okay to lie about their age. It's also why so many websites have seemingly arbitrary restrictions on kids under the age of 13. It's one of those "think of the children" laws that people want to like because it sounds good, and no one wants to support big businesses preying on children. But, the reality is that it has tremendous problems -- unintended consequences that limit various services -- and does little to actually protect children.

And, of course, the FTC wants to expand it even further.

They're asking for comments on the proposed changes in the rules, and if you develop websites or apps, you might want to speak up. CDT has put together a letter people can sign if they don't want to write up some comments themselves. They also have explained many of the problems with the new proposals. For example, it expands what COPPA applies to in very broad ways, potentially creating liability for developers without them even realizing it:

The FTC plans to put COPPA obligations on plugin developers if they “know or have reason to know” that their plugin has been installed on a children’s site. “Plugins” include analytics providers, advertising networks, social media plugins, embedded videos, or anyone else who provides third-party code for websites. Under the FTC's proposed change, if plugin developers receive a user’s IP address through a plugin that’s been installed on a children’s site, they could face legal liability for collecting children’s personal information.

It’s unclear how a plugin or platform like Twitter is supposed to “know or have reason to know” that someone has cut and pasted a line of their code into a children’s site. The FTC says that plugin developers “will not be free to ignore credible information brought to their attention.” But the FTC doesn’t say what counts as “credible.” Would developers have to assume every random e-mail is a credible tip that could saddle them with legal liability? Even if the FTC did provide clarity, though, it would still be extraordinarily burdensome to place legal obligations on plugin developers based on the actions of others.

The end result would almost certainly involve those companies putting a lot more limits on their apps, and create a huge cost (and potential liability) for all sorts of plugin and app writers. But there's an even bigger problem. While COPPA was clearly limited at sites directed at children, the FTC seems to think this wasn't enough, because other sites not directed at children might still attract children... and so they want this problematic rule to expand to sites who don't even cater to children:

Things get worse with the FTC’s second major proposal: expanding the scope of sites deemed “directed to children” from sites aimed primarily at a very young audience to include sites and services that are “likely to attract an audience that includes a disproportionately large percentage of children under 13 as compared to the percentage of such children in the general population.”

This convoluted standard raises a number of serious issues. Not only is it difficult for site operators to gauge what proportions of their audience fall into arbitrary age buckets, but the FTC also gives operators no sense of what it means for an audience to be “disproportionately” composed of children in comparison to the general population. If a site’s audience is 20 percent children, is it disproportionately composed of children? What about at 30 percent? It’s not clear from the language, and it won’t be clear to website operators trying to run their sites while staying within the bounds of the law.

In fact, as CDT notes, this change almost certainly will do the exact opposite of what the rule intends. That is, it will make sites feel they need to collect more data about who is accessing their sites to make sure that they know if their audience includes kids, in which case they'll have to take steps. But that means they'll be... collecting more data about kids -- which is exactly what COPPA is supposed to stop.

The FTC folks who support COPPA are certainly well meaning, but they seem to have little concern or interest about the real impact of the law and their specific rules around it, and how it not only fails to help protect children, but puts a serious damper on innovation as well.

Filed Under: apps, coppa, ftc, plugins, privacy, unintended consequences

WordPress Accused Of Copyright Infringement For Its Famed 'Hello Dolly' Sample Plugin

from the wtf dept

If you've ever installed or used the ultra-popular blogging platform software WordPress, you're quite familiar with the Hello Dolly plugin that is part of the default install. If it's enabled, then you get a short lyric from the song in the corner of the admin-only dashboard. It was basically just a fun simple plugin, mostly used to demonstrate the plugin functionality of WordPress. However, as Craig points out, some folks in the WordPress community are pointing out that, technically the plugin may be violating the composer's copyright. It does not appear that the composer, Jerry Herman, cares or has complained about this, but some in the WordPress community worry that every install of this WordPress plugin may technically be infringing -- and they've filed a bug asking WordPress parent corporation Automattic to indemnify users of the plugin and/or explain if the song has been licensed..

The whole thing, of course, is pretty ridiculous, but seeing as we have seen a growing number of copyright complaints over lyrics sites, you could see a potential lawsuit. Of course, it's hard to see how the use of such lyrics in the plugin -- in any way -- cause any harm to the song or the composer. In fact, chances are it has done the exact opposite. But such is the state of copyright laws today that doing something as simple and as fun as creating the Hello Dolly plugin may have made copyright infringers out of millions of bloggers. Of course, there's a pretty strong argument for fair use in this case, but tragically, due to copyright law customs, you can't know if it's really fair use until after there's an actual lawsuit. Hopefully, this is all moot and no one actually sues. But it's a rather sad statement that a plugin famous for this description:

This is not just a plugin, it symbolizes the hope and enthusiasm of an entire generation summed up in two words sung most famously by Louis Armstrong: Hello, Dolly.

might have to be killed of due to copyright fears. Thanks, copyright, for killing off a symbol of hope and enthusiasm of an entire generation.

Filed Under: copyright, hello dolly, jerry herman, lyrics, plugins, wordpress
Companies: automattic, wordpress

Eolas Is Baaaaaaaaack; And It's Suing Everyone Over Embeddable Web Widgets

from the because-otherwise... dept

Well, here we go again. As you may recall, Eolas is a company that claimed to hold a patent (5,838,906) on browser plugins. The company sued Microsoft, and a long drawn-out battle ensued. Even though web inventor Tim Berners-Lee presented prior art and asked the USPTO to invalidate Eolas' ridiculously broad and obvious patent, the USPTO eventually upheld the patent (after initially rejecting claims). Even as Microsoft began presenting evidence that it actually had made use of the technology in question before Eolas applied for its patent, losses in the courts and the Supreme Court's refusal to hear the case eventually resulted in Microsoft agreeing to settle rather than continue to fight.

Since then (two years ago), plenty of people have been waiting for the other shoe to drop, concerning Eolas' plans to sue others. Now we know why it waited. It's now received a new patent -- a continuation patent, which is often used to abuse the patent system by putting forth a broad patent, then filing for continuations to make changes that let an earlier "invention" cover technologies that later become popular. In this case, the new patent (7,599,985), which basically just extends the earlier patent on browser plugins, and extends it to javascript widgets. Yes, those embeddable widgets used all over the web? It appears that Eolas thinks that those are infringing and everyone should pay up.

The new lawsuit has been filed against Adobe, Amazon, Apple, Blockbuster, Citigroup, eBay, Frito-Lay, Go Daddy, Google, J.C. Penney, JPMorgan Chase, Office Depot, Perot Systems, Playboy Enterprises, Staples, Sun, Texas Instruments, Yahoo, and YouTube. Apparently, starting small isn't part of the plan. Not surprisingly, Eolas filed in Eastern Texas using McKool Smith -- one of the most popular law firms representing patent holding firms in East Texas.

I am honestly curious how patent system defenders, who are also programmers, can defend this. I'm sure non-programmers will claim that the patent is valid, but I can't imagine how anyone who has any knowledge of basic programming principles can claim that such a patent is valid. In the meantime, tons of companies doing an incredibly basic thing on the web will now have to waste millions of dollars fighting a ridiculous patent lawsuit. How is this promoting innovation in any way shape or form?

Filed Under: browsers, embeddable, patents, plugins, widgets
Companies: adobe, amazon, apple, blockbuster, citigroup, ebay, eolas, frito-lay, godaddy, google, j.c. peney, jpmorgan chase, microsoft, office depo, perot systems, playboy, stabples, sun, texas instruments, yahoo, youtube