'Hooked on Phonics' Firm Settles Data-Sharing Complaint

Gateway Learning Corp., maker of the Hooked on Phonics brand of learning products for children, settled a complaint alleging that it shared the personal data of its Web customers in violation of its online privacy policy, the Federal Trade Commission said yesterday.

Gateway also subsequently changed its online privacy policy, allowing it to share personal data with third parties. But it failed to notify customers who had submitted information prior to the change.

According to the FTC, in April 2003 Gateway began renting personal information provided by its online customers. Since 2000, when it began marketing Hooked on Phonics online, its Web privacy policy had stated that it would not share personal information of its customers with third parties without their consent, the FTC said.

In June 2003, Gateway Learning changed its privacy policy, stating it would share personal data “from time to time,” and retroactively applied that policy, according to the FTC. It failed to notify existing customers of the change.

Gateway shared the information of about 30,000 online customers, and the data was used for telemarketing and direct mail, the FTC said. Information included names, addresses, phone numbers, age ranges and gender of customers' children.

As part of the settlement, Gateway will surrender $4,600 it earned from rental of the data. The money will go to the federal government, said Howard Beales, director of the FTC's consumer protection bureau. The company agreed to cease sharing the data and will ensure that it is no longer in use for marketing purposes.

The FTC did not press charges under the Children's Online Privacy Protection Act, which calls for fines of $11,000 per violation. COPPA charges were not warranted in this case because Gateway collected information from parents and not directly from children.

The settlement will act as a deterrent to other online marketers regarding deception in their privacy policies, Beales said. Changes in privacy policies can be made, but the policies must state in advance what the process is for making changes. Marketers must abide by that process.

“The order itself and the attendant publicity is part of the disincentive,” Beales said. “Our goal is to take whatever you make from the list rentals, so there's no gain here.”

In a statement, Gateway Learning said it was pleased to have resolved the charges.

“Please be assured that the current privacy policy, which has been in place since July 2003, is not at issue,” Gateway said in the statement.

The FTC has pursued civil charges against other online marketers, alleging deceptive privacy policy changes. In 2000, it sued Toysmart.com, which had promised never to share personal data but tried to sell its customer database as an asset when it went bankrupt.

Toysmart.com later sold the database to a subsidiary of The Walt Disney Co., which was a majority owner of Toysmart.com. Disney then destroyed the database.

Also in 2000, Amazon.com faced backlash from privacy advocates when it changed its privacy policy to say that it could share personal information with third parties. However, the FTC found that the change did not violate federal law. Amazon.com e-mailed customers to inform them about the change, but didn't provide an opportunity to opt out.

Related Posts