By Jacob Rubinstein
You would be hard-pressed to find someone who has heard about the Momo story, whether it is a hoax or not, and not been shaken with fear about the details. Unfortunately, Momo was not the only troubling news about the safety of our children online that unfolded in the past few days. I recognize that as a privacy attorney with a deep background in children’s privacy the second story may not be as notable as I perceive. Nevertheless, the story leaves similar alarms for parents and I feel privileged to educate readers who may be seeing the TikTok story for the first time.
As adults, we have all been anxious about the “big brother” effect. Still, when we think about children online who are not even legally able to consent, their “rights” should be somewhat enhanced. In some jurisdictions, children’s privacy laws cover minors until age 18. In the United States, the federal regulatory framework is known as COPPA, the Children’s Online Privacy Protection Act. That framework only protects kids until they turn 13.
COPPA was passed in April 2000. The federal statute was passed in response to a mounting concern around digital marketing practices that targeted children and collected their personal information online without provision of parental notification.
The COPPA requirements are:
- Obtaining verifiable parental consent before collecting personal information from users under the age of 13
- Giving parents the right to revoke consent and have such personal data deleted
- Disclosing to parents what kind of information is collected from their children online
- Inclusion of a thorough privacy policy highlighting what information is collected from site users
- A general duty to protect the security of children online
When reviewing the Momo story, the key issue is the security of children online. The duty to protect the security of children online is limited to website operators, who are the only parties with a duty to comply with COPPA. Furthermore, the requirements surrounding Internet security are less specific than the ones surrounding collecting children’s personal information.
I believe that perhaps there are lawmakers who believe that many of us would take this duty to rear our children safely so seriously that legal protection is not necessary. From a Torah perspective we know the pasuk in Vayikra 19:16 tells us not to stand by when our brother is being harmed, all the more so, our children. The Mechabeir tells us in Orach Chaim 343 that we may not feed our kids anything that is prohibited and the Gemara in Chullin 9a tells us that laws of danger are more stringent than those of prohibitions. So, both our ethical and Torah obligations are clear as to our onuses in this arena.
Which brings us to the first part of our current events, which is the Momo story. Japanese sculptor Keisuke Aiso created a statue known as mother bird. According to the Chicago Tribune, there was something called a Momo Challenge, whereby the image of Aiso’s statue was used through social media such as WhatsApp and YouTube to encourage children to do harmful things to themselves.
The video tells children that if they don’t do things like light the stove and blow out the flames, filling their house with gas, Momo will kill them. Regardless of whatever portion of this story is legitimate, there is no limit to how scary this can be for parents of young children. I was quite startled just by seeing the image and was not commanded to do anything dangerous. Some rumors said that videos popped up even on sites that were supposed to be secure and solely for kids, such as YouTube Kids. These images had pervaded mechanisms we have come to rely on, such as vetting and parental controls.
Story number two relates more to the privacy side. TikTok, a music video app that users can use to sing, dance, and lip-sync, known formerly as Musical.ly, was struck with a $5.7 million fine by the Federal Trade Commission, the largest COPPA-based sum in the commission’s history.
The FTC wrote that the app owner knew they were collecting names, emails, and IP addresses from kids under 13 yet never sought parental consent. Until three years ago, the app allowed users to see if other users are within a 50-mile radius from each other. The complaint against TikTok furthers alleges that site owners refused to delete kids’ personal information at the request of parents. Before July 2017, users were not even asked to verify their age.
The good news is that the FTC is taking a clear stance that they are refusing laxity in children’s privacy in the online environment. Still, in the era of big data, there are growing incentives to monetize user information. Every additional site visitor bears a blatant potential conversion into revenue. Hence, the desire to get users even through deceptive methods is only growing as time goes on.
Exposing children to the Internet has many benefits. Unfortunately, many parents, including the author, use it as a means to keep children busy where they might otherwise be overwhelming. There is a really beautiful benefit of allowing children to learn so much on their own in unprecedented ways and in unprecedented volumes, but the dangers cannot be ignored.
The general concept of privacy actually has Torah-based roots. The Chofetz Chaim tells us in Hilchos Rechilus 8:5 that a person must keep another’s secret even if revealing the information has no traces of slander. The Chofetz Chaim continues to say that sharing this can damage the person who confided in you, similar, l’havdil, to American defamation law.
Some are also familiar with the Rabbeinu Gershom brought by the Be’er HaGolah in Yoreh Deah 334:123 that forbids opening the mail of another. There are legal scholars who attribute this as source for modern privacy law as well.
When we think about the privacy regulations surrounding adults, the exact legal theory that facilitates individual privacy rights is hotly contested by privacy legal scholars. One of the more commonly accepted explanations comes from the words of Justice Brandeis in a 1928 opinion, known as “the right to be left alone.”
In my understanding, Chazal does tell us that Yidden are not supposed to be people of extreme censorship. For example, the Gemara in Nazir on 19a tells us that a nazir, someone who abstains from wine, is a sinner. The idea according to many commentators is that we are not supposed to close ourselves off from wine but rather learn to enjoy with boundaries.
Often, I believe, as a community we worry about teens and adults using the Internet and at times our focus is the potential spiritual maladies. Certainly, strict adherence to those concerns is what make us holy. However, it is important not to forget to protect the helpless among us and the physical safety and privacy concerns that are rampant.
The prospect of children learning in ways they never have before is probably not one we should squelch completely. At the same time, due to the wealth of reasons others may have to compromise the privacy and safety of our most cherished assets, we must pay close attention to what they are doing. Giving unfettered access without having regular checkpoints is a dangerous endeavor. We cannot count on the law or others to protect what matters most to us. If we would not hand our children tarfus or let them ride a bike without a helmet, we certainly should not tell them to run into a web where we truly do not know all the risks without being close by to keep them safe.
Jacob Rubinstein is a privacy attorney admitted in New York and New Jersey. He is certified by the International Association of Privacy Professionals and has a Certificate in Digital Law from Brooklyn Law School. He has written a number of articles on the topic of children’s privacy and advises financial institutions on matters of privacy law.
