Dive Brief:
- Data privacy rights, particularly for children, were front and center at a House subcommittee hearing Wednesday that focused on three bills aimed at limiting online companies’ storage and use of consumer data.
- Several lawmakers and witnesses said including more protections for children’s data would be crucial under the proposed American Privacy Rights Act, which would set national consumer data privacy rights. They also stressed the importance of prohibiting targeted advertising to children and teens — as included in the proposed Children and Teens’ Online Privacy Protection Act, or COPPA 2.0.
- Representatives from both sides of the aisle, along with witnesses, also agreed that the current momentum building around the issue in Congress might be the best chance for passing comprehensive federal data privacy legislation.
Dive Insight:
The proposals aiming to bolster data privacy protections, particularly COPPA 2.0, could impact how schools navigate contracts with ed tech companies that often handle sensitive student data.
Endorsement for updates proposed for COPPA 2.0 came from 11 education groups in a letter to several members of the Senate Health, Education, Labor and Pensions Committee and House Energy and Commerce Committee on Wednesday. The groups, which the Association of School Business Officials, the Consortium for School Networking, the National School Boards Association, and AASA, The School Superintendents Association, endorsing are members of the Federal Education Privacy Coalition.
The groups wrote that the proposed COPPA 2.0 “finds the right balance between enhancing child and teen privacy protections online and enabling schools to effectively incorporate edtech into the classroom.” The bill would allow schools to offer students access to ed tech platforms once a vendor contract is signed and the school has thoroughly vetted the ed tech company for privacy and security safeguards, they said.
Additionally, the groups supported the bill's proposal to expand online privacy protections for children from those 13 and under to those 17 and under.
During Wednesday’s House Innovation, Data, and Commerce Subcommittee hearing, panel Chair Rep. Gus Bilirakis, R-Florida, said in his opening statement that passing bills like COPPA 2.0 and KOSA is a critical safety measure.
“We know that big tech has failed, ladies and gentleman, to prioritize the health and safety of our children online, resulting in significant increase in mental health conditions, suicide and drug overdose deaths.” Bilirakis said. “It’s time for big tech to be held accountable for facilitating this activity and manipulating our kids to keep them addicted to their screens for longer than ever before.”
Ava Smithing, advocacy and community director for the Young People’s Alliance, shared how targeted advertising and algorithmic changes on Instagram shaped her eating disorder when she was a teen.
“They stored my insecurity as data and linked it to all my accounts across the internet,” Smithing said. “They used my data to infer what other types of ads and content I might ‘like,’ leading me down a pipeline from bikini advertisements to exercise videos to dieting tips and finally to eating disorder content.”
Smithing expressed support for both the proposed Kids Online Safety Act and COPPA 2.0, stressing the importance for social platforms to give users a way to opt out from targeted advertising or even turn off targeted advertising by default.
Data privacy standards appear to be stronger in APRA than in COPPA 2.0, said witness Samir Jain, vice president of policy at the Center for Democracy and Technology. He suggested that data protections instead be included in one place for both adults and children,“It’s helpful to have this all in one place, because we don’t want to inadvertently protect kids less than we do adults.”
Additionally, Jain said there’s a need to create a youth privacy division within the Federal Trade Commission to help develop better children’s data privacy policies later on.
A different viewpoint came from the Software and Information Industry Association, which sent a letter to the chair and ranking member of the House Energy and Commerce Committee prior to the hearing.
SIIA said COPPA 2.0’s age verification requirement could cause operators to require all users to verify their age, not just children, which would increase privacy and cybersecurity risks due to the additional amount of information provided. The association also said banning targeted advertising via COPPA 2.0 could unintentionally lead online providers to charge for access to their services, which would “have a notable impact on the digital divide.”