FTC Complaints Accuse McDonald's, General Mills and Others of Collecting Kids' Data

Marketers Say Advocacy Groups Don't Understand the Law

By Published on .

A coalition of advocacy groups filed complaints to the Federal Trade Commission claiming that a number of marketers' websites are violating the Children's Online Privacy Protection Act. But some of the accused marketers said that the coalition doesn't understand the law.

The groups contend that the marketers are encouraging kids to play games related to the brands and engage in activities that prompt kids to provide friends' email addresses, all without parental consent.

A scene from a game on TrixWorld.com
A scene from a game on TrixWorld.com
Among the companies that had complaints filed against them are McDonald's, for its HappyMeal.com website, General Mills' for the ReesesPuffs.com and TrixWorld.com sites, Doctor's Associates for SubwayKids.com, Viacom for Nick.com and Turner Broadcasting's CartoonNetwork.com.

The coalition -- which includes Center for Digital Democracy, the Consumer Federation of America, Center for Science in the Public Interest and the Privacy Rights Clearinghouse, among others -- is asking the FTC to update its kids privacy rules to protect kids against data collection and behavioral targeting, including the collections of emails and photos, and the use of cookies.

The chief concern for the coalition seems to be the use of peer-to-peer viral marketing, or tell-a-friend campaigns. Common practice in the marketing world when targeting teens and adults, the coalition said that such tactics are "inherently unfair and deceptive when aimed at children, who often aren't aware that they are being asked to generate advertising messages." The websites in question offer games or activities in which kids are encouraged to share their experiences with their friends and are asked to provide email addresses of friends, who are then sent emails encouraging them to go to the website, the coalition said.

But a spokesman for General Mills, which had not been contacted by the organizations, said the company believes "they have mischaracterized or misunderstood" the issue. COPPA, he added, "permits 'send-to-friend emails, provided the sending friend's email address or full name is never collected and the recipient's email address is deleted following the sending of the message."

The coalition is also concerned with the practice of marketers asking kids to upload photos of themselves, and the use of code to track kids' online behavior. "All of this is done on these child-directed websites without obtaining the express and verifiable consent of either sets of parents -- a clear violation of COPPA," said the Center for Digital Democracy on its website.

"The companies identified in these complaints are clearly trying to circumvent privacy safeguards for children," said Kathryn C. Montgomery, a professor of communication at American University who led the campaign in the 1990s for passage of COPPA, in the statement. "They are also enlisting kids and their friends in deceptive marketing schemes disguised as play -- in some cases for junk foods and other unhealthy products -- completely under the radar of parents." COPPA defines kids as individuals under the age of 13.

At least one marketer appears to have been caught blindsided by the complaint. Danya Proud, spokeswoman at McDonald's, said in a statement: "This alleged complaint(s) was shared with members of the media under embargo. McDonald's was not provided the opportunity to review in advance. As such, it would be inappropriate to comment or speculate."

Nickelodeon said in a statement: "We take our compliance with children's privacy rules very seriously, and the allegations made by these groups are absolutely incorrect. Nick.com does not retain any personal information as part of our 'Send to a Friend' function, which simply allows kids to share their favorite online games with one another in full compliance with COPPA."

Cartoon Network said in a statement: "Cartoon Network takes its compliance with the Children's Online Privacy Protection Act very seriously. We will review any allegations closely."

"Subway Restaurants takes online privacy seriously and is COPPA and CARU compliant," a Subway spokesperson told Ad Age .

Most Popular
In this article: