With the arrival last year of a tech-savvy superintendent in the Ithaca City School District, we’ve started to see some welcome changes in how our son Tristan’s 7th grade teachers are operating. They’ve responded to the superintendent’s call for increased use of technology by accepting many homework assignments electronically; they’ve also created class blogs for summarizing what goes on in class and for listing homework assignments. On the whole, we’re tremendously happy to see Tristan checking the blogs for what to do, submitting his homework in Google Docs, taking part in NaNoWriMo for English class, asking out-of-class questions of the teachers via email, and generally using the same kind of tools that we employ in our day-to-day work.
There has been one dark cloud in this otherwise bright picture. Tristan won’t be 13 until January, but to participate fully in these technology initiatives, he has needed to set up a number of accounts, including a Google account and a Blogger account, among others. Thanks to the 1998 Children’s Online Privacy Protection Act (COPPA) in the United States, however, Google, Apple, and many other companies, most notably Facebook, include a blunt line like this in their terms of service:
You must be at least thirteen (13) years of age to use the Service.
(In a move that has caused much online distress, if a child with a pre-existing Gmail account now provides an under-13 birthdate to another Google site, like YouTube, Google disables that account and threatens to delete it entirely unless the parent takes over ownership.)
The drafters of COPPA were aware that there would be legitimate reasons for parents to want their under-13 children to have accounts with certain online services, of course, so they provided for a way out via “verifiable parental consent.” Therein lies the problem. The allowed approaches include:
Giving parents a form to print, fill out, sign, and return via mail or fax.
Require the parent to use a credit card in connection with a transaction.
Obtain consent via email accompanied by a digital signature or digital certificate verified by a physical form or credit card.
Our Services are not directed to people under 13. If you become aware that your child has provided us with personal information without your consent, please contact us at email@example.com. We do not knowingly collect personal information from children under 13. If we become aware that a child under 13 has provided us with personal information, we take steps to remove such information and terminate the child’s account.
But the blunt rejection of underage children by most sites is how we’ve ended up in a situation where parents are being asked to teach their children that it’s not just acceptable, but often necessary, to lie on the Internet. That certainly wasn’t the intent of COPPA, but a recently released study from danah boyd of Microsoft Research; Eszter Hargittai of Northwestern University; Jason Schultz of the University of California, Berkeley; and John Palfrey of the Harvard Law School looks in more depth at just what parents do and don’t do in relation to COPPA’s age restrictions, focusing on Facebook.
For instance, they found that:
55 percent of 12-year-olds have a Facebook account (along with 32 percent of 11-year-olds and 18 percent of 10-year-olds). In short, there are a lot of underage Facebook users. I’m sure that there are also tons of underage users of services from Google, Apple, Yahoo, and Microsoft.
82 percent of parents were aware that their children had created Facebook accounts, and of those, 64 percent helped to create the account, with even higher percentages of parents participating when the children were underage. The point here is that the vast majority of parents were notified of the age limit, and, in fact, 90 percent of parents helping underage children to create accounts acknowledged being aware of the age limit.
35 percent of parents thought that the age limit was a recommendation (like the PG-13 MPAA movie rating), not a requirement. And 78 percent felt that it was acceptable to allow an underage child to sign up for a service for a variety of reasons, largely bolstered by parental monitoring of online activities. So we can see that many parents don’t take the age limit seriously, either not seeing it as a requirement or seeing it as a rule that can be broken.
Most tellingly, in response to the question, “Who should have the final say about whether or not your child should be able to use Web sites and online services?” 93 percent of respondents said the parent should. 3 percent felt the company providing the service should have the final say. And amusingly, only 2 percent said that the government should have the final say, which matched exactly with the 2 percent of parents who said that the child should have the final say. (Snarky logic would thus conclude that parents trust the government and their children equally in this regard. Speaking as the parent of a 12-year-old who can’t be relied on to tie his shoes, that’s not a ringing endorsement of governmental regulation.)
Finally, when asked what role government should play in setting age limits on the use of Web sites, 48 percent felt that the government should require a recommended age rating, like movie ratings. 35 percent felt the government shouldn’t do anything, and only 18 percent felt the government should be enacting laws like COPPA.
With regard to the requirement for deception, the study’s authors point out that although adults may provide inaccurate information in online profiles (such as on dating sites), parents are uncomfortable with encouraging children to lie online. They write:
Providing inaccurate age information can also violate Web sites’ Terms of Service and enable risky interactions. Parents of elementary- and middle-school-aged children may not want their children to pretend as though they are in high school when interacting with other teenagers and, yet, providing a false age on Facebook conveys this incorrect impression. Because of this, strict age requirements often put parents in an uncomfortable position. So long as deception is the only means of access, parents are forced to choose between curtailing their children’s access and condoning lying. This is not an easy choice for many parents to make.
Ironically, danah boyd said in an interview with On the Media that police officers lecturing students in online safety also sometimes recommend that children lie about their location, which has resulted in there being more people online claiming to be from Afghanistan and Zimbabwe (the first and last countries when listed alphabetically) than there are people in those countries.
In the end, Tonya and I come down squarely in agreement with the majority of parents. Tristan hasn’t wanted a Facebook account, but we signed him up for Twitter several years ago so we could communicate with him in brief bursts when we were travelling (now he has a text message-enabled cell phone for arranging pickups from school events), and we certainly wouldn’t prevent him from getting school-related accounts because of COPPA. In fact, for any account that Tristan sets up online, whether it’s with Pandora, Edmodo, or Google, we ask that he get our permission if he must lie about his age and that he write down all the login information on a sticky note (which we keep handy in case he forgets it — this has already resolved one late-night homework crisis). Eventually, we’ll have to move all those sticky notes into a system that Tristan maintains himself, although password wallet software isn’t currently a realistic option given the variety of computers he uses but cannot control.
Like many other parents, we think he’s mature enough to handle the places online where he’s going to end up, we monitor what he does online, and we feel that a clearly worded recommendation (and encouragement for parents to stay involved) would be far more effective than COPPA’s age limits and accompanying unintended consequences.