Hooked On Phonics Gets Hooked - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

01:44 PM

Hooked On Phonics Gets Hooked

There's a lesson to be learned about terms-of-service policies from the FTC's recent action against Gateway Learning Co.

In the first enforcement case of its kind, the Federal Trade Commission last month disclosed the settlement of its claims against Gateway Learning Co., which owns Hooked on Phonics, under Section 5 of the FTC Act for misrepresenting its data-collection and -sharing policies. (Section 5 of the FTC Act covers unfair and deceptive practices, as well as consumer fraud, misrepresentation, and false claims.)

Gateway was required to pay a fine of $4,600, the proceeds it received from sharing its users' personal information with marketers. The information shared included personal information about children under the age of 13.

Gateway had a privacy policy in effect at its hop.com Web site from 2000 until June 2003 (known as the "Earlier Privacy Policy"). The Earlier Privacy Policy contained special provisions, under the title of a "Promise of Privacy," relating to (among other provisions):

  • The use of personal information collected about or from its users

  • The use of children's personal information

  • How it would notify site users of any changes in the privacy policy

(These provisions of the text of the privacy policy in effect at the Web site on Dec. 6, 2001, were taken from Exhibit A to the FTC's complaint against Gateway, as it appears at the FTC Web site.)

In April 2003, Gateway began sharing the names, addresses, telephone numbers, and purchasing histories, as well as the ages and genders of the users' children, with marketers for direct-mail and telemarketing purposes without customers' consent. Two months later, on June 20, 2003, a new privacy policy was posted at the Web site (known as the "Later Privacy Policy").

The provision regarding sharing of personal information with third parties was changed, however, to provide that the company would, from time to time, share personal information unless customers expressly ask them not to. (See Exhibit B to the FTC's complaint against Gateway.)

Despite its promise to notify users of any material changes in the company's information, no special notations or notices of the change were provided either at the Web site or via E-mail. A few weeks later, Gateway ceased sharing this information with marketers. On July 17, 2003, Gateway once again changed its privacy policy, this time to include an "updated date" and slightly revised personal-information-use provisions, as well as a new provision omitting any promises as to the use of children's personal information. The new provision relating to children's information excluded previous representations about not sharing personal information about children under 13 years of age. (See Exhibit C to the FTC's complaint against Gateway.)

Specifically, the FTC charged Gateway with:

  • Making false claims when it promised in its Web-site privacy policy not to sell, rent, or loan to third parties consumers' personal information unless it received the consumers' consent, and that it would never share information about children

  • Committing an unfair practice when it attempted retroactively to make material changes to an existing privacy policy to now permit sharing of personal information

  • Committing a deceptive practice by failing to notify its users (as promised in the privacy policy) of these changes

The full FTC release can be accessed here. According to Howard Beales, director of the FTC's Bureau of Consumer Protection, the issue is simple. "If you collect information and promise not to share, you can't share unless the consumer agrees. You can change the rules but not after the game has been played."

What does the decision tell us about changes to privacy policies and terms of service at Web sites? It tells us that if you don't adhere to your promises, the FTC will come knocking on your door. To look at the issue from a legal enforceability standpoint, visit my blog or my Web site.

Return to main story:
"Get Real About Your Terms-Of-Service Agreements"

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
The State of IT & Cybersecurity Operations 2020
The State of IT & Cybersecurity Operations 2020
Download this report from InformationWeek, in partnership with Dark Reading, to learn more about how today's IT operations teams work with cybersecurity operations, what technologies they are using, and how they communicate and share responsibility--or create risk by failing to do so. Get it now!
IT Careers: 10 Industries with Job Openings Right Now
Cynthia Harvey, Freelance Journalist, InformationWeek,  5/27/2020
How 5G Rollout May Benefit Businesses More than Consumers
Joao-Pierre S. Ruth, Senior Writer,  5/21/2020
IT Leadership in Education: Getting Online School Right
Jessica Davis, Senior Editor, Enterprise Apps,  5/20/2020
Register for InformationWeek Newsletters
Current Issue
Key to Cloud Success: The Right Management
This IT Trend highlights some of the steps IT teams can take to keep their cloud environments running in a safe, efficient manner.
White Papers
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Sponsored Video
Flash Poll