Ctrl + N
Lawmakers and consumer advocates are blasting federal and state regulators' record children’s digital privacy settlement with Google’s YouTube as another slap on the wrist. They say it underscores it's time to update a decades-old children online privacy law.
Google will pay $170 million in an agreement brokered by the Federal Trade Commission and New York's attorney general to settle allegations that its YouTube service violated a law protecting children's privacy online. The agreement will also require YouTube to make significant changes to better protect children’s privacy online, such as requiring content creators to indicate whether a video is intended for children and turning off targeted ads on those posts.
The fine far exceeded the agency’s recent record fine for allegedly violating children’s privacy, a $5.7 million penalty against Musical.ly (now known as TikTok). But critics noted it probably will draw little blood from Google because it amounts to less than two days of the company’s profits.
“The FTC let Google off the hook with a drop-in-the-bucket fine and a set of new requirements that fall well short of what is needed to turn YouTube into a safe and healthy place for kids,” said Sen. Ed Markey (D-Mass.), one of the original authors of the landmark 1998 Children’s Online Privacy Protection Act (COPPA). “YouTube knowingly broke the law by tracking kids in order to rake in advertising dollars without the requisite notice to and permission from parents. This settlement makes clear that this FTC stands for ‘Forgetting Teens and Children.’"
The pushback underscores mounting concerns the federal government lacks have the resources or authority to hold tech giants with deep coffers accountable. The swift backlash to the newly announced fine feels a bit like deja vu just months after critics from both parties blasted the FTC's settlement with Facebook in a wide-ranging privacy probe as an early Christmas present to the social networking giant.
That's pushing some critics to say it's time for Congress to update COPPA, which was enacted years before the explosion of video-streaming services and social networks. Markey has co-sponsored legislation with Sen. Josh Hawley (R-Mo.) to update the law, but it hasn't advanced in Congress. Currently COPPA applies to Internet users only under the age of 13, but the senators want to expand it to cover everyone under the age of 16. Their legislation would also require companies to create an “eraser button” that would allow children and parents to delete any data they share with the social network.
Every day I lose more confidence in the FTC. This paltry fine is an insult to every parent in America who has had their children’s privacy violated. When big bureaucracy & Big Tech becomes allies, parents & families lose. Something has to change https://t.co/UJZuGEUUmN— Josh Hawley (@HawleyMO) September 4, 2019
James Steyer, the founder and chief executive of the children’s privacy advocacy group Common Sense, told me in a statement yesterday that the YouTube settlement was “another example of the failed leadership out of Washington D.C.” He thinks Markey and Hawley’s update to COPPA should just be the beginning of privacy reform in Washington, and he has been calling lawmakers to pass a strong, federal privacy law that would not undermine or preempt a new state privacy law in California slated to take effect next year.
In an interview earlier last month, Steyer criticized Congress for being “missing in action” for the last decade on children’s privacy. He slammed lawmakers for not staying up to date on the ways technology is impacting children.
But Steyer says Congress is now under greater pressure to act on privacy, especially after California and Europe have passed their own data privacy laws. He said it’s time for leaders from both parties to join Hawley and Markey.
“It's a no brainer that children's privacy should be a bipartisan issue,” he told me. “This is one of the basic aspects of our kids health and well-being.”
Steyer is skeptical that Congress will pass strong privacy changes before the fast-approaching 2020 election. And he also criticized the FTC fot not being aggressive enough.
“Their performance to date has been very scattered and very weak, and that has to change if we want to protect the best interests of kids and families in this country,” he said.
The FTC has initiated a process to update the rules enforcing COPPA, my colleagues Tony Romm, Greg Bensinger and Craig Timberg report. FTC Commissioner Joseph Simons said the YouTube settlement was a win for the agency, but the commission's two Democrats voted against the agreement.
“This settlement achieves a significant victory for the millions of parents whose children watch childdirected content on YouTube. It also sends a strong message to children’s content providers and to platforms about their obligation to comply with the COPPA Rule," Simons said.
BITS: Apple is a significant provider of access to many of the world’s largest apps, and yet a significant competitor to them, my colleague Reed Albergotti writes. That can pose a challenge for developers -- especially if Apple decides to release a new app or feature that essentially copies their ideas with little notice.
Clue, a popular app that women use to track their periods, recently rose to the top of the App Store charts. But the app is facing an uncertain future as Apple incorporates period and fertility tracking features into its free Health app, which comes preinstalled on every device. Clue earns money by selling subscriptions and services in its free app.
“It’s a love-hate relationship, of course. You don’t want to annoy the milkman when you only have one milkman,” Ida Tin, Clue’s CEO, told Reed. She believes her Berlin-based startup can survive with Apple, she said it underscores the “skewed power distribution” in the tech industry.
Some apps haven’t been so lucky, and Reed reports they’ve shut down under the pressure of trying to compete with Apple. Often they don’t even bring lawsuits because it would be costly and time intensive.
Reed notes this dynamic could come under scrutiny as Washington lawmakers and regulators take a closer look at competition in Silicon Valley:
“The imbalance of power between Apple and the apps on its platform could turn into a rare chink in the company’s armor as regulators and lawmakers put the dominance of big technology companies under an antitrust microscope.”
NIBBLES: Executives from Facebook, Google, Twitter and Microsoft met with government officials yesterday in a closed-door meeting to discuss how to secure the 2020 presidential election, my colleagues Tony Romm and Ellen Nakashima reported. While companies have been mum on specific details about the meeting, the huddle shows that just 14 months away from Election Day, large tech companies are making a more proactive effort to protect their platforms from being exploited for election interference.
The FBI, Department of Homeland Security, and the office of the Director of National Intelligence were in attendance, according to multiple media reports. While the companies declined to comment on details of the meeting, all have been public about their efforts to hone their digital defenses after 2016. Part of those efforts have been close partnerships and communication with the government agencies in attendance. And this likely won't be the last meeting between the groups. There “was a high degree of interest” to do similar meetings in the future and continue to build off work started in the 2018 midterms, a source familiar with the proceedings told Tony and Ellen.
BYTES: The recent revelation of a March heist in which thieves used voice-mimicking software to dupe a British energy company employee into wiring them more than $240,000 may be the first publicly reported theft of its kind, my colleague Drew Harwell reports. The incident has stoked concerns over the unregulated growth of technology to create “deepfakes,” or artificial intelligence-crafted fake videos and audio
A representative for the company that was hacked told Drew that the employee described the fake audio as a replica of his boss's voice, down to “the tonality, the punctuation, the German accent.” The thieves tipped their hand, however, when they attempted to fake a call from the boss at the same time the employee was speaking to the real boss, according to an email shared with Drew.
While the case is unusual, it isn't isolated. Researchers at the cybersecurity firm Symantec said they have found at least three cases where voice-faking tools were used to swindle companies, sometimes out of millions of dollars, Drew reports. As low-cost artificial intelligence tools to create fake recordings become more ubiquitous, the use of the technology to commit cybercrime and other fraud will also probably will increase.
“Criminals are going to use whatever tools enable them to achieve their objectives cheapest,” Andrew Grotto, a fellow at Stanford University’s Cyber Policy Center and a former senior director for cybersecurity policy at the White House during the Obama and Trump administrations, told Drew.
— News from the public sector:
-- Facebook isn't sure how to deliver on its promise to protect users' privacy while allowing them to transport their data, so now it's asking for outside help from other companies and regulators. The company released a white paper yesterday outlining its struggle to comply with mounting regulations, a rare public admission of internal struggles, Jeff Horwitz at the Wall Street Journal reports.
Data protections required by the company's $5 billion settlement with the FTC, alongside European and soon Californian data privacy laws, have added to Facebook's urgent need to find a solution. The company rolled out a "Clear History" tool last month allowing users to limit to some extent how companies use their data -- but not outright delete it -- that was heavily panned by critics. The white paper provides more insight into the company's thinking: data like photos should clearly be transferred, but it's less clear on content like comments. Moreover, the paper suggests that making data too easy for other companies to access could lead to another Cambridge Analytica.
Facebook plans to solicit guidance from other tech companies and regulators in a series of global events, Stephen Satterfield, director of Facebook’s privacy and public policy, tells Jeff. “We’re not going to be able to build portability to the extent we’d like to unless we as an industry can resolve these questions," he said.
— News from the private sector:
— Tech news generating buzz around the Web:
— Coming soon:
- The American Enterprise Institute will host an event titled “Should we reform Section 230" at 10 a.m. on Friday.
- Apple will host a special iPhone event on Tuesday at 10 a.m. Pacific time in Cupertino
- The House Energy and Commerce Subcommittee on Comunnications and Technology will hold a hearing on broadband mapping on Wednesday at 10:30 a.m.
- The Senate Judiciary Subcommittee on Intellectual Property will host a hearing on how to make the patent system stronger on Wednesday at 2:30 p.m.
- The Senate Judiciary will host an oversight hearing on the enforcement of antitrust laws on September 17 at 2:30 p.m.
- The Senate Judiciary will host a hearing to “explore issues relating to competition in technology markets and the antitrust agencies’ efforts to root out anticompetitive conduct” on September 24