The Children Act: US lawmakers asking to know how YouTube collects data on children

US Congressmen have demanded Google CEO answers questions on how YouTube tracks the data of minors.

Anyone who has been a parent to toddlers or pre-schoolers in the last dozen years must have felt, like it or not, YouTube has been a wonderful thing. It does not only provide occasional surrogate parenting but also delivers much genuine pleasure to the kids, from entertainment to education, with sheer silly laughter in between.

Meanwhile we have also recognised that YouTube can be a pain as much as a pleasure. The pre-roll and interstitial ads on such content are all clearly pushed at kids, in particular game and toy shopping; recommendations are based on what has been played therefore encouraging binge watching; not to mention the disturbing Peppa Pig or Micky Mouse spoof parodies that keep creeping through, a clear sign that, while you are watching YouTube, “YouTube is watching you”.

But neither the pleasure nor the pain should have been there in the first place, because, though not many of us have paid attention, “YouTube is not for children”, as the video service officially puts it. In its terms of service YouTube does require users to be 13 years and above. But, unlike Facebook, which would lock the user out unless he has an account, anyone can watch YouTube without the need of an account. An account is only needed when someone intends to upload a clip or make a comment. Even in situation like this, children can pretend to be above the age limit by inputting a faked date of birth, or simply by using someone else’s account. And YouTube has known that all along, it even teaches users how to make “family-friend videos”. Admit it or not, YouTube is for children.

Following complaints from 23 child and privacy advocacy groups to the Federal Trade Commission (FTC), two congressmen, David Cicilline (D) of Rhode Island, and Jeff Fortenberry (R) of Nebraska, sent a letter to Google’s CEO Sundar Pichai on September 17, demanding information on YouTube’s practices related to collection and usage of data of underaged users. The lawmakers invoked the Children’s Online Privacy Protection Act 1998 (COPPA), which forbids the collection, use or disclosure of children’s online data without explicit parental consent, and contrasted it with Google’s terms of service which give Google (and its subsidiaries) the permission to collect user data including geolocation, device ID, and phone number. The congressmen asked Google to address by October 17 eight questions, which are essentially related to:

  • What quantity and type of data YouTube has collected on children;
  • How YouTube determines if the user is a child, what safeguard measures are in place to prevent children from using the service;
  • How children’s content is tagged, and how this is used for targeted advertising;
  • How YouTube is positioning YouTube Kids, and why content for children is still retained on the main YouTube site after being ported to the Kids version

Google would not be the first one to fall foul of COPPA. In a recent high-profile case, FTC, which has the mandate to implement the law, fined the mobile advertising network inMobi close to $1 million for tracking users’, including children’s location information without consent.

This certainly is a headache that Google can do without. It has just been humiliated by the revelation that users’ location data was still being tracked after the feature had been turned off, not to mention the never-ending lawsuits in Europe and the US over its alleged anti-trust practices. It also, once again, highlights the privacy minefield the internet giants find themselves in.  Facebook is still being haunted by the Cambridge Analytica scandal, while Amazon’s staff were selling consumer data outright.

Nine years before COPPA came into force, an all-encompassing Children Act was passed in the UK in 1989. In one of its opening lines the Act states “the child’s welfare shall be the court’s paramount consideration.” This line was later quoted by the author Ian McEwan in his novel, titled simply “The Children Act” (which was recently made into a film of the same title). In that spirit we laud the congressmen for taking the action again YouTube’s profiteering behaviours. To borrow from McEwan, sometimes children should be protected from their pleasure and from themselves.

FTC set to get in Facebook’s face, and its books

The US Federal Trade Commission has announced it is formally investigating Facebook’s privacy practices, which is unlikely to end well.

This was pretty inevitable given the spectacular amount of press surrounding the Cambridge Analytica stories. While it can be reasonably argued that it’s pretty naïve to be all shocked when you find out a social media company has been exploiting the personal data you willingly give it for profit, this scandal seems to have broken the dam on pent-up concerns about data privacy.

Again, that was bound to happen sooner or later. The rules on personal data have been made up on the fly because we’ve only had social media for a decade or two. It’s quite possible that Facebook has done nothing wrong in the legal sense but the world is now asking whether or not it should have been allowed to play so fast and loose with our digital identities regardless.

“The FTC is firmly and fully committed to using all of its tools to protect the privacy of consumers,” said Tom Pahl, Acting Director of the FTC’s Bureau of Consumer Protection. “Foremost among these tools is enforcement action against companies that fail to honour their privacy promises, including to comply with Privacy Shield, or that engage in unfair acts that cause substantial injury to consumers in violation of the FTC Act.

“Companies who have settled previous FTC actions must also comply with FTC order provisions imposing privacy and data security requirements. Accordingly, the FTC takes very seriously recent press reports raising substantial concerns about the privacy practices of Facebook. Today, the FTC is confirming that it has an open non-public investigation into these practices.”

The implication there is that Facebook made some specific vows to the FTC that it may have violated. Even if it hasn’t, this kind of non-public investigation (and surely there will be leaks) will allow the FTC to dig around as much as it wants. Since the origin of this story was the relatively benign matter of exploiting a loophole and then selling that data on, it seems improbable that further such transgressions won’t be uncovered.

This news alone has spanked the Facebook share price down another few percent, just as it’s trying to recover from its latest PR challenge. Over the weekend there was widespread reporting that Facebook has been gathering the details of Android users’ contacts details, including phone numbers and text messages. A BBC journalist was taken aback to find his entire contact list among the files presented to him when he downloaded all the data Facebook has on him.

Facebook felt moved to defend itself on this specific count, insisting it has not been logging people’s call and text history without their permission. Apparently that is an opt-in feature for people using Messenger or Facebook Lite on Android, that you can opt out of whenever you want. Facebook also insisted it doesn’t collect the content of calls or texts and doesn’t sell any of this stuff on. Incidentally your correspondent doesn’t seem to have opted into this feature.

The fact that Facebook is having to defend an opt-in feature that has been in place since 2015 shows how much this story has changed the rules of the game. People have become hyper-aware of how freely they agreed to surrender information to Facebook and are retrospectively indignant. Unless Facebook successfully addresses this sentiment its share price will probably continue to fall.

Broadcom chats with FTC and SEC over acquisition and tax shelter

Broadcom has been keeping its lawyers busy over the last couple of days, firstly responding to an FTC second request for information, and secondly, starting the redomiciliation to the tax shelter of Delaware.

Starting with the FTC and Broadcom’s proposed acquisition of Qualcomm, Broadcom announced that it has received a request for additional information and documentary material. This is of course a normal part of the acquisition process, but doesn’t tell us much about which way the FTC is leaning, even if the Qualcomm board is doing everything it can to resist.

The second request for information is part of the Hart-Scott-Rodino Antitrust Improvements Act of 1976. It essentially grants the FTC an additional 30 days to review any acquisition, to properly assess whether there will be negative impact to competition in the US.

Of course Broadcom is confident the move would do nothing but good things for the rollercoaster world of processors, but it is questionable whether the scale of acquisition is healthy. Qualcomm is in the process of acquiring one of the industry’s major players in NXP, potentially sucking up competition, and should Broadcom effectively be allowed to absorb both, some might argue this would be a negative for the industry.

Elsewhere in the Broadcom world, the team has also announced that it has kick-started the process to move its headquarters out of Singapore and into Delaware. Because the American dream is of course embodied by Delaware, please see below:

Uhlerstown-Frenchtown Bridge over the Delaware River Connecting

The process was set underway back in November, though now it is beginning to gather steam. Broadcom expects to receive approvals by shareholders and the Singapore High Court by the end of the second quarter, though there haven’t been any noises about moving it operating headquarters out to the glorious landscape which is Delaware.

So why Delaware you ask? Of course it has something to do with cash.

Along with Nevada, Delaware is seen as a tax shelter in the US, offering numerous benefits for corporations. Firstly, there is no sales tax in Delaware. Irrelevant as to whether its physical location is in the state or not, as a Delaware corporation, no in-state purchases are subject to tax.

Secondly, most states require a business to pay an annual franchise or LLC tax which is derived from revenues. Delaware operates on a different model, with a flat-fee franchise tax of $100 and a flat-fee LLC tax of $250.

Thirdly, there are privacy benefits, which is an interesting one. Local laws state privately held corporate business owners are shielded from public record. Irrelevant as to what papers are filed in the state, only the name of the entity and the name and address of the registered agent are required.

Finally, the state has a separate court system called the Court of Chancery, which allows corporate litigation to be handled locally as opposed to being escalated to federal court. Its quicker and cheaper.

For those who thought the Broadcom team might have a keen interest in the Hagley Museum and Library, or the Air Mobility Command Museum and Gordons Pond (some of the top attractions in Delawre, according to TripAdvisor), think again. The new Delaware headquarters might be nothing more than one man in a room, answering the phone and Googling his name.