Choice of the Week

First off I’d like to apologise to all users for our lack of updates to the Choice of the Week, we received quite a few suggestions and a few comments about the lack of update so thank you to all who did write in to the choice@deardiary.net address.

As you can see this is now being updated again – but not by us! Katrina, a long-time user of the system has taken over this role for us. She plans on updating it once per week, on Fridays, with the best entry of the week.

So get your nominations for entry of the week in during the week to choice@deardiary.net so that she has plenty to choose from every week.

Again, my apologies for the lapse in service, and my thanks to all of you for your patience and to Katrina for picking up the slack :)

Matt.

IBill Problems

Hi All,

I just saw a news article on The Register regarding troubles at IBill.

The article is here – excuse the poor title that is in the true ‘style’ of The Register.

I’d just like to reassure everybody, as we use IBill for our premium subscription service, that none of our subscription options make use of the ‘rebill’ facility. This is for repeat subscriptions – eg. on some sites you sign up for a month and then it automatically deducts every month thereafter. This is not the case with Dear Diary, if you don’t specifically go back and do another subscription then your subscription will lapse and you’ll not be charged for anything.

As such, we should be immune from these problems and you can all rest easy :)

If however anyone does notice charges on their card that should not be there then send as much information as possible to us and we will go take a 2-by-4 to them and get the money refunded :)

Matt.

COPPA Regulations

I have today updated the new user screen, the change user details screen and our privacy policy to reflect our interpretation of the COPPA regulations by which we must abide if we wish to provide service to the USA.

Its a bit late, and for that we apologise, however, even though we are a bit late we were (perhaps luckily!) not in breach of the regulations anyway. Having said that, in order to clarify our position, the above changes have been made. Its an interesting reflection on the status of the internet that as UK citizens and as a UK company we must still abide by a law of the USA… How will this work in the future if we have residents from China accessing our sites, or Russia, or where-ever. Must we abide by their rules too? Presumably yes. What happens when they are in conflict? Who arbitrates for us? A tangly mess the Internet is forming up for itself here…

Please check the Privacy Policy which encompasses the Privacy Policy for ALL AtomIC sites (though there may be some links somewhere that reference the individual sites… If you come across one, please mail us at support@atomic-systems.com). The most important change is the notice to parents and the notice to under 13’s.

I hope that the Privacy Policy explains everything clearly. If it doesn’t then please email me. I would urge EVERYONE using the AtomIC sites, but particularly those using DearDiary.Net – please do NOT give out your personal information to people in any case, whether you are under 13 or not. As has been discussed to death in the past, you do not know who is reading your diary and who can be trusted. The principle is simple, trust no-one. Reveal nothing. Write in as much detail as you like, but remember its a publicly available forum and as such you should keep your true (offline) identity to yourself.

As a footnote; The COPPA Helpline still never got back to me…

Please leave a comment here, or mail us if you have questions.

Steve.

Banning Users

We won’t ban American Users dont worry. Besides which, 80% of our users are American. Probably 50% of those are under 15 (we actually don’t know of any Americans here who are under 13 – and don’t want to, at least not yet!) The comment of banning American IP addresses was more intended to show my increasing frustration :-)

Its a complicated issue, mostly because we allow people to write their own things and publish them, and laws don’t really, at the basic level, like freedom of speech at all.

There’s lots of little wrinkles to this because we only really collect any information about anyone so we can contact them if something is wrong and to send passwords. This could come under the needing the information for the security of the system and therefore does not need parental consent.

Its unlikely, in any case, that parental consent would ever be an option (which is why the other diary sites merely don’t allow under 13’s to write – because getting the consent is hard work, and most kids don’t WANT their parents to know their diary details, would you have done at 12??). But there are some interesting things about COPPA law that I’ve dug up;

COPPA is only triggered if your site is AIMED at kids (ours is not), or you have confirmed KNOWLEDGE that people under 13 are using it (we do not).

From the COPPA FAQ I think we will apply the following, unless the FTC (who in true ‘do it tomorrow’ government style never returned my call) tell me otherwise in the future;



GENERAL AUDIENCE AND TEEN SITES

38. I operate a general audience site and don’t ask visitors to reveal their ages. However, I do have a number of chat rooms. (a) What happens if a child visits my site and posts personal information in a chat room but doesn’t reveal his age?

The Rule is not triggered. It applies to general audience websites if they have actual knowledge that a particular visitor is a child. If such a site knows that a particular visitor is a child, then the Rule must be followed with respect to that child. If a child posts personal information on a general audience site, but doesn’t reveal his or her age and you have no other information that would lead you to know that the visitor is a child, then you would not have “actual knowledge” under the Rule and would not be subject to its requirements. Collecting a child’s age, however, does provide “actual knowledge.”

(b) What happens if a child visits my chat room and announces his or her age?

If your site has a chat room and no one in your organization sees or is alerted to the post, then you do not have the requisite actual knowledge under the Rule. You may be considered to have actual knowledge with respect to that child: (1) if someone from your operations sees the post in a chat room; or (2) if someone alerts you to the post. At that point, you must delete any personal information that has been posted and either ask the child for a parent’s email address for purposes of providing notice and obtaining consent to future postings, or take reasonable steps to block that child from returning to the chat area of the site, whether through screen name blocking, a cookie, or some other means. If you have monitored chat rooms where the monitors can delete information from posts before they are made public, then your monitors can simply strip the child’s posts of any personal information before they are publicly posted, thus permitting children to participate in the chat room without the need for obtaining parental consent. This practice is easily applied to “auditorium” style chat in which children pose questions which are screened to a moderator or guest celebrity.

Or, in other words, we will remove age requests from the signup process – we don’t use them anyway, and our present system tells us only that someone is under 15, not 13. And we will continue as we have done. However, if we are made aware that someone is under 13 and a US citizen then we will have to block their account until they can provide parental consent. It would appear that an email from the parent is sufficient for these purposes.

Our privacy policy will be updated to cover all AtomIC Systems sites (which it already does as far as we are concerned, but it doesn’t look that way externally) and to include these new ‘limitations’. As will the Acceptable Use Policy.

The law appears to be made to stop people collecting information about children for marketing purposes and using well known techniques for extracting their parents money from them! Which is fair enough. I agree with the spirit of the law, but question its workability for all but the largest of companies with staff that can deal with it. I also disagree that we should treat childrens privacy any differently from an adults privacy, which also makes the law a little bit odd. In any case, we never have, and never will, use your information to market to third parties (we might use it to contact you ourselves about new features or new services though). The privacy policy is quite clear on this.

If this becomes a big workload we’ll have to reconsider the options. We’ll see.

Comment Headache

OK, now I know why I wasn’t experiencing the problem and others were…

Our old ad provider obviously switched themselves off today, the ones who went bust that is, because it was the ad code that was causing the delay, while it tried to connect to the ad server to get an ad. I didn’t experience it because I’m a Premium User and so I didn’t see any ads :-)

Its now, finally, fixed and some extra tweaks to the PHP engine should help too (like I removed the Java support since we don’t need it any more!)

Sorry for the aggro.

Now, tell me how we should go about the COPPA issue and kids using the site…

Steve.