Banning Users

We won’t ban American Users dont worry. Besides which, 80% of our users are American. Probably 50% of those are under 15 (we actually don’t know of any Americans here who are under 13 – and don’t want to, at least not yet!) The comment of banning American IP addresses was more intended to show my increasing frustration 🙂

Its a complicated issue, mostly because we allow people to write their own things and publish them, and laws don’t really, at the basic level, like freedom of speech at all.

There’s lots of little wrinkles to this because we only really collect any information about anyone so we can contact them if something is wrong and to send passwords. This could come under the needing the information for the security of the system and therefore does not need parental consent.

Its unlikely, in any case, that parental consent would ever be an option (which is why the other diary sites merely don’t allow under 13’s to write – because getting the consent is hard work, and most kids don’t WANT their parents to know their diary details, would you have done at 12??). But there are some interesting things about COPPA law that I’ve dug up;

COPPA is only triggered if your site is AIMED at kids (ours is not), or you have confirmed KNOWLEDGE that people under 13 are using it (we do not).

From the COPPA FAQ I think we will apply the following, unless the FTC (who in true ‘do it tomorrow’ government style never returned my call) tell me otherwise in the future;


38. I operate a general audience site and don’t ask visitors to reveal their ages. However, I do have a number of chat rooms. (a) What happens if a child visits my site and posts personal information in a chat room but doesn’t reveal his age?

The Rule is not triggered. It applies to general audience websites if they have actual knowledge that a particular visitor is a child. If such a site knows that a particular visitor is a child, then the Rule must be followed with respect to that child. If a child posts personal information on a general audience site, but doesn’t reveal his or her age and you have no other information that would lead you to know that the visitor is a child, then you would not have “actual knowledge” under the Rule and would not be subject to its requirements. Collecting a child’s age, however, does provide “actual knowledge.”

(b) What happens if a child visits my chat room and announces his or her age?

If your site has a chat room and no one in your organization sees or is alerted to the post, then you do not have the requisite actual knowledge under the Rule. You may be considered to have actual knowledge with respect to that child: (1) if someone from your operations sees the post in a chat room; or (2) if someone alerts you to the post. At that point, you must delete any personal information that has been posted and either ask the child for a parent’s email address for purposes of providing notice and obtaining consent to future postings, or take reasonable steps to block that child from returning to the chat area of the site, whether through screen name blocking, a cookie, or some other means. If you have monitored chat rooms where the monitors can delete information from posts before they are made public, then your monitors can simply strip the child’s posts of any personal information before they are publicly posted, thus permitting children to participate in the chat room without the need for obtaining parental consent. This practice is easily applied to “auditorium” style chat in which children pose questions which are screened to a moderator or guest celebrity.

Or, in other words, we will remove age requests from the signup process – we don’t use them anyway, and our present system tells us only that someone is under 15, not 13. And we will continue as we have done. However, if we are made aware that someone is under 13 and a US citizen then we will have to block their account until they can provide parental consent. It would appear that an email from the parent is sufficient for these purposes.

Our privacy policy will be updated to cover all AtomIC Systems sites (which it already does as far as we are concerned, but it doesn’t look that way externally) and to include these new ‘limitations’. As will the Acceptable Use Policy.

The law appears to be made to stop people collecting information about children for marketing purposes and using well known techniques for extracting their parents money from them! Which is fair enough. I agree with the spirit of the law, but question its workability for all but the largest of companies with staff that can deal with it. I also disagree that we should treat childrens privacy any differently from an adults privacy, which also makes the law a little bit odd. In any case, we never have, and never will, use your information to market to third parties (we might use it to contact you ourselves about new features or new services though). The privacy policy is quite clear on this.

If this becomes a big workload we’ll have to reconsider the options. We’ll see.

Similar Posts


  1. Sometimes, I just act 13-whats that get me?

    Sometimes I wish I had the energy of a 13 year old.

    However, Im glad I dont have the acne problem of a 13 year old.

    I guess what Im really saying is, Hi Matt! Hi Steve!


  2. Sounds good. You dug up what I did, only you got more than I did, with better explanations. If I come up with anything different, I’ll be in touch.

  3. Why not require all of us to send nude pictures of ourselves to you and then you can determine our age through that. Anyone that appears to be under the age of 13 should be violently kicked off and reported to the authorities for child pornography.


    11111 USERS:)



Leave a Reply

Your email address will not be published. Required fields are marked *