Will Parental Age-Verification Keep Teens Safe on Networking Sites? Why the Answer is No

By ANITA RAMASASTRY

Thursday, Jul. 26, 2007

MySpace, the popular social networking site, just announced that it has identified a shocking 29,000 registered sex offenders on the site, and taken steps to remove their profiles.

In the wake of the announcement, North Carolina Attorney General Roy Cooper is pushing for state legislation to ban sex offenders from using social networking sites, and to require such

sites to obtain consent from a parent, and verify the parent's age and identity, before any child under 18 may create a profile on the site.

Attorney General Cooper says that he and several of his fellow attorneys general are aware of at least 100 incidents of predators' physically exploiting children after meeting them by using MySpace. It was Cooper who, in May, led a group of eight state attorneys general in getting MySpace to turn over the names of the registered sex offenders it located among its members.

In this column, I will discuss the proposed age- and identity-verification legislation, and consider its potential effectiveness. I'll argue that age- and identity-verification, as it presently exists, will not keep teens from visiting and creating profiles on social networking sites without their parents' knowledge or consent.

Moreover even if parents do grant permission, they still likely will not be able to find out about their children's online activities.

Existing Law on Age Verification: COPPA's Requirements, and Its Limits

Already, a federal law, the Children's Online Privacy Protection Act (COPPA) requires all commercial website operators who either target children under 13, or who are aware that they collect information from children under 13, to obtain "verifiable" parental consent.

MySpace and other networking sites claim they are exempt from COPPA because they restrict membership to teens 14 years and older. But if they are in error about their membership, they may pay a heavy price.

Within the past year, social networking Web site Xanga.com paid a high $1 million civil penalty for alleged COPPA violations. According to the FTC, Xanga.com "knowingly collected, used, and disclosed personal information from children under the age of 13 without first notifying parents and obtaining their consent." The Xanga site reportedly stated that children under 13 could not join, but in practice, allowed visitors to create Xanga accounts even if they provided a birthdate indicating they were under 13.

In sum, COPPA and the FTC in theory cover children under 13. But no federal legislation or agency protects children ages 13-18. Also, Xanga's problem was somewhat obvious; it allowed visitors to register when they actually gave under-13 birthdates. The more difficult - perhaps insoluble - problem is what to do when visitors lie to make their birthdates suggest they are of age to use the site, when they are actually younger.

Is the North Carolina Legislation a Good Solution to the Age-Verification Problem?

Unfortunately, the proposed North Carolina legislation likely will not provide a good solution to this problem - for several reasons.

First, the law only applies to commercial social networking sites. Thus, teens and predators could still mix and mingle, for example, on nonprofit or amateur fan-club or other "affinity" sites.

Second, the legislation's definition of "social networking site" is vague. It applies to any site that:

"(i) is operated by a person who derives revenue membership fees, advertising, or other sources related to the operation of the Web site;

(ii) facilitates the social introduction between two or more persons for the purposes of friendship, meeting other persons, or information exchanges;

(iii) allows users to create Web pages or personal profiles that contain information such as the name or nickname of the user, photographs placed on the personal Web page by the user, other personal information about the user, and links to other personal Web pages on the commercial social networking Web site of friends or associates of the user that may be accessed by other users or visitors to the Web site; and

(iv) provides users or visitors to the commercial social networking Web site mechanisms to communicate with other users, such as a message board, chat room, electronic mail, or instant messenger."

The law expressly exempts any site "(i) that provides only one of the following discrete services: photo-sharing, electronic mail, instant messenger, or chat room or message board platform; or (ii) the primary purpose of which is the facilitation of commercial transactions involving goods or services between its members or visitors."

Thus, EBay or a private IM would not be covered.

However, the legislation could be read to apply to, for example, YouTube or Craigslist.

The legislation should be clearer about the boundaries of its application, ensuring it does not reach beyond the social networking sites it is mean to target.

The Problem with Age-Verification Requirements

An even thornier issue is the legislation's requirement, as noted above, that parents verify their ages and identities before their children can use the site. How would this be done? Sites might compare information provided with commercial databases, or require parents to submit credit cards or printed forms. But unlike in the real world, where eyeballing a person greatly helps with age verification, serious problems will still exist.

Online, it may be quite easy for teens to impersonate adults - particularly their own parents - by borrowing a parent's wallet, or opening his or her mail. Teens might also enlist adults who are not their parents to pretend to be their parents for this purpose, much as teens often get older adults to buy them beer. In addition, "verified" identities could easily be sold cheaply online, with some "parents" ending up with dozens of "children" before anyone is caught.

Making the issue even more difficult, there is, similarly, no way to verify that a child online is, in fact, a child for the purposes of creating a child-only site or section of a site. A child's online profile could, in fact, be one for an adult masquerading as a minor.

Finally, the problem remains that age verification does little to stop real-world meetups between children and predators.

The same predator who is trying to meet children online may try the same strategies at the mall or a popular hangout.

Thus, parents should never be lured due to a false sense of security into forgetting about the most crucial and effective type of prevention of all: warning children never to meet older adults, whether "friends" or strangers, without parents' knowledge, and explaining why this is so urgently important.


Anita Ramasastry is an Associate Professor of Law at the University of Washington School of Law in Seattle and a Director of the Shidler Center for Law, Commerce & Technology. She has previously written on business law, cyberlaw, computer data security issues, and other legal issues for this site, which contains an archive of her columns.

FindLaw Career Center

    Select a Job Title


      Post a Job  |  View More Jobs

    View More