Parental consent as a service

03/14/13 00:23:00    

By Michael Mealling

In 1998 Congress passed the Children's Online Privacy Protection Act (aka COPPA) to protect the privacy of children under the age of 13. Wikipedia explains it this way:

The act, effective April 21, 2000, applies to the online collection of personal information by persons or entities under U.S. jurisdiction from children under 13 years of age. It details what a website operator must include in a privacy policy, when and how to seek verifiable consent from a parent or guardian, and what responsibilities an operator has to protect children's privacy and safety online including restrictions on the marketing to those under 13. While children under 13 can legally give out personal information with their parents' permission, many websites altogether disallow underage children from using their services due to the amount of work involved.

The key is that compliance takes enough work that many sites simply disallow children under 13. And now the requirements are changing. This past December the Federal Trade Commission outlined updates to the regulations to expand the definition of personally identifiable information, update the verification mechanisms for parents, and expand the definition of “collect”.

So compliance is difficult and often simply not worth it. Regulations like that create opportunities to outsource both the compliance and the liability. About four years ago I was involved with a Startup Weekend project to provide a service that did that but sadly, as often happens at Startup Weekends, the team never gelled so we made very little progress. But the idea had merit and a solid business model.

Enter Mix.ee. The brain child of two local Atlanta entrepreneurs, Dave Walters and Andrew Watson, Mix.ee provides “parental consent as a service” by augmenting a website's sign-up form. Future plans include a portal for parents to monitor their child's site access, examine the data that's been collected, and revoke access.

Technically its very doable. But one big question is compliance and liability. Will Mix.ee apply for COPPA safe harbor status which allows their customers to claim compliance with COPPA by adhering to Mix.ee's rules? That would be huge. Anyway, I have a meeting with the Mix.ee team on Friday. I'll update this article with any new information I discover.