Children's Online Privacy Protection Act

• S 2326.  Children's Online Privacy Protection Act.  The lead sponsor is Sen. Richard Bryan (D-NV).   Cosponsors are Sen. John McCain (R-AZ) and Sen. Conrad Burns (R-MT).
• HR 4667.  Children's Online Privacy Protection Act.  Sponsored by Rep. Ed Markey (D-MA).

Summary.  These companion bills would require that any website or online service that is directed to children obtain parental consent before collecting information from children under the age of 13. Enforcement authority would be given to the Federal Trade Commission.  It would also allow states to bring prosecutions under the Act.  The key clause of the S 2326 RS (reported by Senate Commerce Committee on 10/1/98) provides:

"Not later than 1 year after the date of enactment of this Act, the Commission shall promulgate ... regulations that ...  require that the operator of any website or online service that collects personal information from children or the operator of a website or online service that has actual knowledge that it is collecting personal information from a child --- (i) provide notice on the website of what information is collected from children by the operator, how the operator uses such information, and the operator's disclosure practice for such information; and (ii) to obtain verifiable parental consent for the collection, use, or disclosure of personal information from children;"

The bill is also heavily loaded with definitions, exceptions, and exemptions.

Status.  While Congressional committees have devoted considerable time to studying the issue of privacy in cyberspace the proposals to regulate the online privacy of children were not filed until very late in this session.  Sen. Bryan introduced the bill on September 17, 1998.  The Senate Communications Committee held a hearing on September 23, 1998.  The full Senate Commerce Committee passed an amended version of the bill by a unanimous voice vote on October 1.  It may be passed in the Senate as an amendment to the Internet Tax Freedom Act.

Legislative History, with Links to Related Materials.

• 7/21/98, House Commerce Committee holds hearing on Internet privacy.  (Story | FTC Statement.)
• 7/31/98, Vice President Al Gore, accompanied by Commerce Secretary Daley and FTC Chairman Pitofsky, called for legislation to protect children's online privacy.  (Story | Transcript of Speech | White House Press Release.)
• 7/17/98, S 2326 IS introduced in Senate by Sen. Bryan.
• 9/23/98, Senate Communications Subcommittee holds hearing on collecting personal information from children over the Internet.  (Story | Burns Statement | Pitofsky Statement.)
• 10/1/98, S 2326 RS approved by Senate Commerce Committee.  (Story.)
• 10/2/98, full Senate adopts Amendment Number 3679 by unanimous "voice vote," thereby attaching S 2326 RS to S 442, the "Internet Tax Freedom Act."  (Story.)

Tech Law Journal Stories.

• Gore Announces Electronic Privacy Plan, 5/15/98.
• FTC Wants More Power to Regulate Net, 6/5/98.
• Commerce Holds Privacy Conference, 6/23/98.
• Industry Privacy Alliance Formed, 6/23/98.
• Daley Urges Industry to Self Regulate, 6/24/98.
• House Holds Hearing on Internet Fraud, 6/26/98.
• FTC Announces That Spam is Annoying, 7/15/98.
• FTC Wants Power over Internet Privacy, 7/22/98.
• Gore Announces Privacy Initiative, 8/1/98.
• Senate Hearing on Children's Online Privacy, 9/23/98.
• Senate Committee OKs Children's Privacy Bill, 10/2/98.

Related Resources.

• The Center for Democracy and Technology's website has an online privacy section.
• NTIA's privacy links.
• The Privacy Page.  (Good source for news.)
• Online Privacy Alliance.  (Industry group.)

Other Online Privacy Bills.

HR 1367.  "Federal Internet Privacy Protection Act of 1997."   Sponsored by Rep. Barrett (WI).  This bill was introduced on April 17, 1997, and referred to the Committee on Government Reform and Oversight.  It would prohibit federal agencies from making available through the Internet certain confidential records with respect to individuals, and to provide for remedies in cases in which such records are made available through the Internet.  The records affected are those "maintained by an agency with respect to the education, financial transactions, medical history, or employment history of the individual" and which "contains the name or the identifying number, symbol, or other identifying particular assigned to the individual."

HR 2368.  "Data Privacy Act of 1997."  Sponsored by Rep. Billy Tauzin (R-LA).  This bill was introduced on July 31, 1997, and referred to the House Commerce Committee, and the Communications Subcommittee.  It provides for the establishment of a computer interactive services industry working group which shall establish voluntary guidelines: (1) limiting the collection and use, for commercial marketing, of personal information obtained from individuals through any interactive computer service; (2) relating to the distribution of unsolicited commercial electronic mail; and (3) providing incentives for following such guidelines. Prohibits: (1) the commercial marketing use of certain Government information regarding an individual that is obtained through the use of any interactive computer service without the individual's prior consent; and (2) the display of any individual's social security number through the use of any interactive computer service, with specified exceptions.  It also prohibits the commercial marketing use of any personal health and medical information obtained through an interactive computer service unless: (1) the person has obtained prior consent of the individual to whom such information relates for such use; or (2) such use is otherwise authorized by law.