CDD

program areas Digital Youth

  • Blog

    need-to-know 1076

    Programmatic Applied to Kids Market; Not Truly "COPPA Friendly"

    Announcing REX: the world’s first kid-safe programmatic exchange Today (link is external)marks a major milestone in the kids digital media industry. We’re extremely pleased to announce the launch of REX, the world’s first kid-safe, COPPA-compliant programmatic exchange. COPPA and GDPR forbid profile or cookie-based targeting which has, until now, removed all programmatic options (and hence automation) from the kids industry. Part of AwesomeAds (our kid-safe ad server) REX guarantees that all automated ad requests are 100% kid-safe and COPPA/GDPR compliant. For the first time ever, REX makes it possible for advertisers across the world to programmatically reach the kids audience in a fully compliant, 100% kid-safe way. The kids space hasn’t had this capability (in any compliant sense) until now. REX genuinely shifts the entire industry forward. How does it work? At this point, our engineering team (about a third of the company) is probably the most experienced technical team in the global digital kids’ sector. This was a pretty helpful starting point. REX acts as a comprehensive kid-safety filter; it removes all non-compliant elements from each ad tag to ensure nothing can track users, before placing every creative through our ad content review process. Only then is it served through our COPPA-certified AwesomeAds platform, earning our SAFE AD watermark. Explained by our Chief Product Officer, Joshua Wohle: “REX inserts itself between the publisher and the exchange, taking the role of a firewall. It inspects the requests going out, stripping it from any PII before sending it through to the exchange. The exchange then considers the request and buyers can start bidding on the inventory. Once the winning bid is returned to the publisher, REX again intercepts it and removes any trackers that could be collecting PII before sending it on to the publisher. All of this happens in real-time, allowing for a full programmatic flow whilst ensuring compliance to all parties involved.” In order to bring this unique offering to the kids industry, we’re working alongside Rubicon, one of the biggest programmatic exchanges in the world. They provide real-time bidding and integration with all buyer systems across the globe. Combining our infrastructure in kid-safe technology and our exclusive kids inventory with their real-time bidding architecture, we are able to open up programmatic to the world’s biggest trading desks and DSPs across the kids market.
  • Set-top Box market should be open, but consumers and privacy protected, CDD tells FCC

    Calls for Safeguards for sensitive data, including protecting youth, seniors, and use of ethnic/racial information in FCC"s Navigational Device Proceeding

    The Center for Digital Democracy (CDD), which works to empower and protect consumers in the digital marketplace, endorses the Federal Communications Commission’s (FCC) important proposal to provide both choice and competition in the provision of navigational devices for video and related content. CDD strongly believes that the FCC should proceed with its plan to allow third parties to build and sell navigational devices. We support giving these developers/providers access to the information proposed in the NPRM, including Service Discovery, Entitlement, and Content Delivery data. For decades, a handful of powerful cable—and now also telephone—companies have held a monopoly over the design, availability, and use of set-top boxes. This has resulted in greater costs to subscribers, including an especially unfair burden on low- or limited-income consumers. The set-top stranglehold has impaired competition and programming diversity, and has undermined consumer privacy. --- Full PDF of filing attached.
  • Advocates To FTC: Stop Google’s Deceptive and Unfair Practices on YouTube Kids

    New Complaints Also Urge Investigation of 17 Food and Beverage Companies For Violating Pledges Not to Target Junk Food to Children

    Washington, DC–Tuesday, November 24, 2015 –Two leading child advocacy groups filed new complaints today at the Federal Trade Commission (FTC), urging the Commission to stop Google from engaging in unfair and deceptive practices toward children on its YouTube Kids app for kids five and younger. In two related FTC filings submitted today, Campaign for a Commercial-Free Childhood (CCFC) and Center for Digital Democracy (CDD) also called on the FTC to broaden its investigation of YouTube Kids to include Google’s relationships with multichannel video programmers; food, beverage and toy companies; its major YouTube advertising and “unboxing” video partners; and companies that specialize in “influencer” and product placement marketing on YouTube.“Our new complaints underscore why the FTC needs to stop Google from engaging in what are nothing less than harmful, unethical, and irresponsible practices that target America’s youngest children,” explained Jeff Chester, Executive Director of the Center for Digital Democracy. “The Commission now has ample evidence that Google’s actions are unfair and deceptive and violate Section 5 of the FTC Act. We call on Chairwoman Ramirez and the other Commissioners to complete their investigation and commence legal action against Google so that children and their parents will be protected when they use YouTube Kids.”In one of the complaints (link is external) filed today, CCFC and CDD urge the Commission to hold 17 food and beverage manufacturers accountable for violating the self-regulatory pledges they made as members of the Children’s Food and Beverage Advertising Initiative (CFBAI). A review of YouTube Kids by CCFC and CDD found hundreds of commercials and promotional videos for products these companies had publicly pledged not to market to children under the age of 12. For example, even though the Coca-Cola Company has pledged to not market any beverages to children under 12, CCFC and CDD found 47 television commercials and 11 longer promotional videos for Coke and Coke Zero on YouTube Kids. Similarly, Mondelez International has pledged not to market Oreos to children, but CCFC and CDD found 31 TV commercials and 21 product placements for Oreos on YouTube Kids. In one 11-minute video, the YouTube star Evan of “EvanTubeHD” and his sister compete to identify 12 different flavors of Oreos. [Evan HD is distributed by the Walt Disney Company’s Maker Studios division].“Far from being a safe place for kids to explore, YouTube Kids is awash with food and beverage marketing that you won’t find on other media platforms for young children,” said CCFC’s Josh Golin. “The Commission should investigate why Google’s algorithms aren’t configured to keep junk food marketing off of YouTube Kids, and hold food and beverage companies accountable for violating their pledges not to target their most unhealthy products to children.” “Food companies and Google have teamed up for an end run around America's parents,” said Dale Kunkel, Professor of Communication at University of Arizona. “YouTube Kids delivers hundreds of junk food video promotions while Google claims it allows no food advertising on the app, and food companies promise the FTC they won't advertise products like Snickers and Oreos to children. It’s hard to believe this is all happening in broad daylight.”The second FTC complaint (link is external) filed today significantly expands upon the groups’ initial complaint filed on April 7, 2015 (link is external). It documents that many videos on YouTube Kids appear to result from relationships and payments between advertisers, YouTube creators, and various intermediaries, including multichannel video programmers and advertising agencies that specialize in “influencer” marketing. Because these relationships are not disclosed on YouTube Kids as required by the FTC’s Endorsement Guide, CCFC and CDD call on the FTC to investigate the contractual and other business connections between Google and its YouTube commercial partners and affiliates.The second complaint also explains how changes made by Google to YouTube Kids do not alleviate the problems raised in the original complaint—that YouTube Kids targets children with deceptive and unfair advertisements, and Google markets YouTube Kids to parents in a deceptive manner. “When Google launched YouTube Kids in February, it falsely told parents that ‘all advertisements in the YouTube Kids app must comply’ with its Ad Policy prohibiting ads for certain products, including food and beverages,” said Professor Angela Campbell of Georgetown University’s Institute for Public Representation, counsel for CCFC and CDD. “Instead of enforcing its Ad Policy, Google changed its policy so that it does not apply to traditional TV commercials or longer promotional videos. This is a major disservice to children and parents alike.”----See complaints attached.
  • Consumer Group Challenges Jest8’s Application for New COPPA Parent Verification Technology

    Tells FTC to “Just Say No” to Unproven, Unsafe Parental Consent Method

    Washington, DC - September 14,th 2015 - The Center for Digital Democracy (CDD) filed comments at the Federal Trade Commission (FTC) in response to an application from Jest8 Limited (trading as Riyo) for a new verifiable parental consent (VPC) method that purports to be in compliance with the Children’s Online Privacy Protection Act (COPPA). That act requires the operators of websites directed at children under 13 to obtain verifiable parental consent before collecting any personal information from a child. But as CDD’s detailed filing makes clear, Jest8’s system, which attempts to match a photo of a parent with a photo of that parent’s ID, fails on three fundamental counts: (1) it does not ensure that the person submitting the photographic evidence is, in fact, the parent; (2) it does not satisfactorily demonstrate that its facial recognition algorithms are sufficiently reliable to be deployed in the sensitive area of children’s privacy; and (3) it poses a severe risk to the consumer data that it collects in the process of undertaking its “Face Match to Verified Photo Identification,” with no assurance that it it will promptly delete such data as promised. The filing also raises questions about the applicant’s lack of any background on privacy issues, especially those that address the needs of children.“The FTC must ensure that a parent is actually authorizing the collection of their child’s data,” explained CDD executive director Jeff Chester. “Jest8 fails to provide any serious guarantee that a child’s privacy will be protected, and that their parent or guardian has made an informed decision.”CDD (through its predecessor, the Center for Media Education) spearheaded the campaign that led to the passage of COPPA in 1998. More recently, CDD successfully organized the effort to update and strengthen the COPPA rules in 2012, working with a coalition of consumer, child advocacy, and health organizations.A copy of CDD’s FTC filing is available at www.democraticmedia.org.The CDD's comments on Jest8's application, attached below.
  • Here you will find the CDD Presentation to Institute of Medicine of September 2015.
  • The Center for Digital Democracy (CDD), through its counsel, requests the following documents under the Freedom of Information Act (FOIA), 5 U.S.C. § 552, related to enforcement of the Children’s Online Privacy Protection Act (COPPA), 15 U.S.C. § 6501 et seq.: All annual reports submitted to the Federal Trade Commission (FTC) by COPPA safe harbor programs for the reporting period of July 1, 2014 through June 30, 2015 as required by the COPPA Rule, 16 C.F.R. § 312.11(d)(1), including, for illustrative purposes, reports from the following safe harbor programs: Aristotle International Inc. Children’s Advertising Review Unit (CARU) Entertainment Software Rating Board (ESRB) iKeepSafe kidSafe Seal Program (kidSAFE) Privacy Vaults Online (PRIVO) True Ultimate Standards Everywhere (TRUSTe) CDD asks that if any of the requested records are stored electronically that the FTC provide the requested records to CDD in their native electronic format as required under FOIA. 5 U.S.C. § 552(f)(2). Request for Fee Waiver or News Media Fee Benefit CDD asks the FTC to waive all fees associated with this request because disclosure of the records is in the public interest or, alternatively, to limit any fees charged to CDD to reasonable duplication fees because it is a noncommercial request by a member of the news media. 5 U.S.C. §§ 552(a)(4)(A)(ii)(II), 552(a)(4)(A)(iii). CDD is entitled to a waiver of all fees associated with this request under FOIA’s public interest standard and relevant FTC regulations. 16 C.F.R. § 4.8(e). The regulations permit the FTC to waive all fees associated with a particular request when a requester demonstrates that (1) “disclosure will likely contribute significantly to public understanding of the operations or activities of the government” and (2) “that the request not be primarily in the commercial interest of the requester.” 16 C.F.R. §§ 4.8(e)(2)(i)-(ii). CDD’s request qualifies under both prongs of the FTC’s public interest fee waiver standard. First, disclosure of the annual reports provided to the FTC by COPPA safe harbor providers and any related correspondence will contribute significantly to the public’s understanding of the FTC’s oversight of private entities tasked with enforcing federal law. COPPA was designed to protect children’s privacy online, an issue of significant public importance that concerns parents, consumers, lawmakers, and the general public. The instant request concerns data on how actively private safe harbor providers are policing COPPA compliance by their members. Relatedly, the records will also disclose whether and how the FTC performs its oversight role with respect to the safe harbor programs.1 From the reports, the public can scrutinize both the safe harbors’ performance and the FTC’s actions in administering the safe harbor program under COPPA. Because CDD intends to publish the requested documents, the public at large will benefit from better understanding whether and how the FTC is protecting children’s privacy online. Full complaint attached.
  • Blog

    Facebook has been looking at an alternative to the 'Like' button

    Reading your facial expressions and sending your friends an appropriate cartoon face.

    Facebook has given us a bit more of an insight into some of the more experimental new products and apps its product team has been working on. Speaking at the Cannes Lions International Festival of Creativity, Facebook's chief product officer Chris Cox, showed off what could one day work as a more expressive version of the Like button. Instead of simply pressing Like, Cox said users could use their smartphones to take a selfie. But rather than just send that, the function could read the user's Facebook expression and transform it into an appropriate smiley/sad/frowning/indifferent face. Cox made it clear: "This is not on our roadmap, we don't know how to build this. It actually seems really hard, but it's the kind of thing unlocked by the power of all the different sensors on the phone." Read more at http://read.bi/1Ni1xJ5 (link is external)
  • Delving deeper into ecommerce, Twitter is testing some new ways to help users discover products within its network. First up are dedicated pages, which will feature images and videos about products, alongside information such as a description, price and an option to buy, book, or visit a brand’s Web site for more information. Within users’ timelines, they can now expect to see pages and collections of pages that are shared by influencers and brands. In addition, Twitter is also beginning to test new ways for people and brands to create and share Twitter collections of products and places. Users can now browse collections from various influencers, and get more information about featured products and places. Already, there’s Nike’s LeBron Elite collection; Reese Witherspoon’s Draper James Summer Picks; The Ellen Show’s Best of The Ellen Shop and HBO's #GoT Fan Favorites. “This is just the beginning,” Amaryllis Fox, a product manager at Twitter, promises on a new blog post. “In the coming months we’ll be testing more new experiences we hope give you the most personalized and relevant information about the places and things you want to explore.” While Twitter struggles (link is external) with its direction, ecommerce appears to part of its broader ambitions. Among other efforts, the company has been inviting advertisers to create credit-card-connected promotions, and share them with users directly in their timelines. With their credit cards, users can redeem the new “Twitter Offers” in stores without the need for a coupon or numerical code. Full article available at http://bit.ly/1GuVHOT (link is external)
  • EMBARGOED FOR USE AFTER THE REPORT IS LAID IN PARLIAMENT BY THE PRIME MINISTER ON THURSDAY 11 JUNE 2015 Today the Prime Minister published the Report of the Investigatory Powers Review, entitled ‘A Question of Trust’. It was submitted to him by David Anderson Q.C. Independent Reviewer of Terrorism Legislation. Quote David Anderson said: “Modern communications networks can be used by the unscrupulous for purposes ranging from cyber-attack, terrorism and espionage to fraud, kidnap and child sexual exploitation. A successful response to these threats depends on entrusting public bodies with the powers they need to identify and follow suspects in a borderless online world. But trust requires verification. Each intrusive power must be shown to be necessary, clearly spelled out in law, limited in accordance with international human rights standards and subject to demanding and visible safeguards. The current law is fragmented, obscure, under constant challenge and variable in the protections that it affords the innocent. It is time for a clean slate. This Report aims to help Parliament achieve a world-class framework for the regulation of these strong and vital powers.” The Report The Review was conducted by a small independent team under the leadership of David Anderson Q.C. It received almost 70 written submissions. Further evidence was taken from public authorities (at the highest level of security clearance) and from a wide range of organisations and individuals in the UK, California, Washington DC, Ottawa, Berlin and Brussels. Parts I-III of the Report (Chapters 1-12) inform the debate by summarising the importance of privacy, the threat picture, the relevant technology, external legal constraints, existing law and practice and comparisons with other types of surveillance, other countries and private sector activity. They also summarise the views expressed to the Review by law enforcement, intelligence, service providers and civil society. Part IV of the Report (Chapters 13-15) sets out five underlying principles and 124 separate recommendations. Taken together, they form the blueprint for a new law to replace the Regulation of Investigatory Powers Act 2000 [RIPA] and the dozens of other statutes authorising the collection of communications data. The key recommendations are summarised in paras 10-34 of the Executive Summary at the start of the Report. They include, in particular: a new law that should be both comprehensive in its scope and comprehensible to people across the world (Executive Summary, paras 10-11); maintaining, subject to legal constraints, existing capabilities relating to compulsory data retention as provided for by DRIPA 2014 and formerly under an EU Directive (ES, para 12); the enhancement of those capabilities (e.g. by requiring the retention of “weblogs” as proposed in the draft Communications Data Bill 2012, the so-called “snoopers’ charter”) only to the extent that a detailed operational case can be made out and a rigorous assessment has been conducted of the lawfulness, likely effectiveness, intrusiveness and cost (ES, para 13); the retention subject to legal constraints of bulk collection capabilities (the utility of which is briefly explained by reference to six case studies from GCHQ: Annex 9), but subject to additional safeguards and to the addition of a new and lesser power to collect only communications data in bulk (ES, paras 14-15); a new requirement of judicial authorisation (by Judicial Commissioners) of all warrants for interception, the role of the Secretary of State being limited to certifying that certain warrants are required in the interests of national security relating to the defence or foreign policy of the UK (ES, paras 16-17); measures to reinforce the independence of those authorising requests for communications data, particularly within the security and intelligence agencies (ES, para 21); a new requirement of judicial authorisation of novel and contentious requests for communications data, and of requests for privileged and confidential communications involving e.g. journalists and lawyers (ES, paras 25-27); the streamlining of procedures in relation to warrants and the authorisation of requests for communications data by local authorities and other minor users (ES, paras 19, 23-24); improved supervision of the use of communications data, including in conjunction with other datasets and open-source intelligence (ES, para 29); maintaining the extraterritorial effect in DRIPA 2014 s4, pending a longer-term solution which should include measures to improve the cooperation of overseas (especially US) service providers and the development of a new international framework for data-sharing among like-minded democratic nations (ES, para 20). the replacement of three existing Commissioners’ offices by the Independent Surveillance and Intelligence Commission: a new, powerful, public-facing and inter-disciplinary intelligence and surveillance auditor and regulator whose judicial commissioners would take over responsibility for issuing warrants, for authorising novel, contentious and sensitive requests for communications data and for issuing guidance (ES, paras 28-32); expanded jurisdiction for the Investigatory Powers Tribunal, and a right to apply for permission to appeal its rulings (ES, para 33); and the maximum possible transparency on the part of ISIC, the IPT and public authorities (ES, para 44). Other Reports The Report endorses some of the recommendations of the Intelligence and Security Committee of Parliament (“Privacy and Security”, March 2015). But the Report is broader in its scope, covering the activities of all 600 bodies with powers in this field and not just the security and intelligence agencies. It also departs from the ISC in recommending (a) that a new law should apply across the board (Report, 13.35-13.44), and (b) that interception warrants should be judicially authorised (Report, 14.47-14.57) A further Independent Surveillance Review, to be conducted under the auspices of the Royal United Services Institute (RUSI), was commissioned in March 2014 by the Deputy Prime Minister. It has not yet issued a report. Encryption There has been some recent media speculation on the subject of encryption, which it may be useful to correct. The position communicated by the security and intelligence agencies to the Review is summarised (Report, 10.20) as follows: “The Agencies do not look to legislation to give themselves a permanent trump card: neither they nor anyone else has made a case to me for encryption to be placed under effective Government control, as in practice it was before the advent of public key encryption in the 1990s. There has been no attempt to revive the argument that led to the Clipper Chip proposal from the NSA in the 1990s, when public key cryptography first became widely available. But the Agencies do look for cooperation, enforced by law if needed, from companies abroad as well as in the UK, which are able to provide readable interception product.” The Report recommends that in the digital world as in the real world, “no-go areas” for intelligence and law enforcement should be minimised (13.7-13.14). But as concluded at 13.12: “Few now contend for a master key to all communications held by the state, for a requirement to hold data locally in unencrypted form, or for a guaranteed facility to insert back doors into any telecommunications system. Such tools threaten the integrity of our communications and of the internet itself. Far preferable, on any view, is a law-based system in which encryption keys are handed over (by service providers or by the users themselves) only after properly authorised requests.” Notes for editors: Section 7 of the Data Retention and Investigatory Powers Act 2014 http://www.legislation.gov.uk/ukpga/2014/27/section/7/enacted (link is external) required the Independent Reviewer of Terrorism Legislation to examine: the threats to the United Kingdom; the capabilities required to combat those threats; the safeguards to protect privacy; the challenges of changing technologies; and issues relating to transparency and oversight; and to report to the Prime Minister on the effectiveness of existing legislation relating to investigatory powers, and to examine the case for a new or amending law. This Report is a result of his work on those issues. David Anderson Q.C. is a barrister practising from Brick Court Chambers in London, a Visiting Professor at King’s College London, a Judge of the Courts of Appeal of Guernsey and Jersey and a Bencher of the Middle Temple. He is an experienced advocate in the European Court of Human Rights and in the Court of Justice of the EU: http://www.brickcourt.co.uk/people/profile/david-anderson-qc (link is external). He has served on a part-time basis since 2011 as the Independent Reviewer of Terrorism Legislation, reporting in that capacity to the Home Secretary, to the Treasury and to Parliament on the operation of the UK’s anti-terrorism laws. Contact: For more information about the Independent Reviewer of Terrorism Legislation and for a full copy of the Report please go to: https://terrorismlegislationreviewer.independent.gov.uk (link is external) or contact his clerk kate.trott@brickcourt.co.uk (link sends e-mail). You can also follow David on Twitter: @terrorwatchdog
  • The Center for Digital Democracy (CDD), in its ongoing efforts to monitor the Federal Trade Commission’s enforcement of the Children’s Online Privacy Protection Act (COPPA), has filed a motion in the U.S. District Court of the District of Columbia challenging the FTC’s refusal to release important COPPA documentation. The case involves seven “safe harbor” programs, such as KidSAFE and TRUSTe, approved by the FTC to handle website compliance with COPPA regulations. CDD originally made its request in July 2014, under the Freedom of Information Act, seeking access to annual reports filed with the FTC by safe harbor organizations, as required by COPPA. In light of the commission’s failure to respond to that request within FOIA’s statutory time limit, CDD initiated the current legal proceeding in December 2014. Two months later, the FTC finally responded to CDD’s FOIA request, releasing heavily redacted annual reports amounting to less than half of CDD’s original request.As CDD’s court filing makes clear, the FTC has been overzealous in protecting the self-interest of the private Safe Harbor programs. CDD’s predecessor, the Center for Media Education, spearheaded the movement that led to the passage of COPPA in 1998. The regulation applies primarily to commercial websites that target children under 13, limiting the collection of personal information, providing a mechanism for parental involvement, and placing obligations on companies for adequate disclosure and protection of data. More recently, CDD led a coalition of child advocates, privacy groups, and health experts that successfully pressed for a revised set of regulations that update and clarify COPPA’s basic safeguards. These new regulations, which became effective in 2013, add new protections specifically designed to address a wide range practices on social media, mobile, and other platforms. Without the diligent oversight of the FTC, however, COPPA regulations will mean little in the rapidly evolving online marketplace. As it awaits a favorable ruling from the District Court, CDD remains committed to ensuring that COPPA is fully and fairly enforced. See the filed memo attached below.