By Laura Laytham

llaytham@yahoo.com

May, 2001

With the advent of the Internet, familiar cultural institutions have been joined by the virtual presence of online institutions which offer a whole new type of cultural community. People with similar interests are no longer reliant on physical proximity to associate amongst themselves. With Web sites, email and other electronic and computerized alternatives, communities and institutions can now thrive with a global membership capacity.

One such example is gURL.com. The Web site gURL.com is one of the fastest-growing teenage girl communities online. The site was created in 1996 as a graduate school project for the Interactive Telecommunications Program at New York University and its founders, Esther Drill, Heather McDonald and Rebecca Odes, aimed to create an alternative to traditional girl-directed media, embracing a candid and honest approach to issues that affect modern young womanhood. Their goal and the goal of the site was then and remains today to entertain and empower girls and young women ages 14 and up.

gURL.com combines its community of users with its own editorial voice, both of which prove themselves unafraid of confronting and frankly discussing issues of sex, body image, the media and more. The gURL.com editorial voice is found in the staff contributions to the core sections of the site. These categories are cleverly broken down into things like Dealing with It, a section addressing life issues, problems and troubles, Looks Aren't Everything, a section that helps girls understand their bodies and their styles, Stop, Look and Listen, a section devoted to music, movies, books and more, and Movers and Shakers, a section all about girls and women in prominent places in the world. The gURL.com users are heard in their own voices within their designated areas, like the Shout-Outs bulletin boards, the chat rooms, their personal Web pages (gURLpages) and in other ways throughout the site. The efforts of the staff combined with the input of the users creates a unique online communal space where teenage girls can come and interact with either the editors or their virtual friends.

This community-driven space has been complicated in many ways since the site's inception in 1996, but it met its most unusual obstacles when, in 1998, gURL.com was acquired by dELiA*s, Inc. The new owner, a marketer of teenage girls clothing, used gURL.com to start a larger network of teenage focused Web sites all owned by its spin-off company, iTURF. This move would see the gURL.com site taken from its original intellectual roots to a new world of full-on corporate embodiment. At this point, issues of policy that used to be simple coffee-table-talk between Esther, Heather and Rebecca now had to be agreed upon with company executives, corporate lawyers and other necessary participants of the publicly traded company.

For gURL.com, policy issues can range from minute details, like deciding on color schemes, to overall attitudes that are reflected across the site, like its view on homosexuality. Within the past year policy decisions have included things like implementing a dirty-word filter (a tool that censors out designated words from being used by gURL.com members), to deciding how to deal with pornographic images uploaded and displayed on user-maintained gURLpages sites, to deciding how much information to give the FBI to assist in their investigation of a gURL.com member. The evolving nature of the Internet as well as the ever-changing attitudes of the gURL.com staff, its members, and most obviously, its owners, mandates that gURL.com constantly implements and rewrites policies to suit its new needs. Reasons for new and altered policies can include financial concerns, user complaints as well as compliance with federal regulations, to name but a few.

One of the more interesting policy issues that gURL.com faced within the last year related to a new Federal Trade Commission law called COPPA, which stands for the Children's Online Privacy Protection Act. This act, which went into effect April 21, 2000, applies to the online collection of personal information from children under 13. Since gURL.com is a teenage focused site that often collects personal information about its users to help develop personal and interactive content, the new law had a direct impact on how gURL.com could continue collecting and using this sort of information.

The COPPA law requires commercial Web sites, specifically those aimed at teenagers or children, like gURL.com, to handle the collection of information from users under the age of 13 in a very specific way. To begin with, the Web site must clearly post its privacy policy, explicitly stating its information collection practices, such as what types of information it collects, how the site will use the information and whether the information will be shared with advertisers or third parties. While posting the Web site's privacy policy is commonly met as more of an industry standard, additional COPPA requirements proved problematic for gURL.com. Beyond posting the privacy policy, COPPA requires Web sites to get parental consent before collecting any information from children under the age of 13. Subsequently, after consent has been granted, the Web site must then also allow parents to review the personal information collected from their children and then enable the parent to revoke their consent or delete any of the information collected about their child at any time.

What is problematic about requiring parental consent and then enabling a way for the parent to view all the information collected about their child is that gURL.com was built without the idea of membership in mind. For all extents and purposes, users on the gURL.com site are not identified in any way until they sign in with their gURL.com member name. Since more than half the site does not require a user to be a member to participate in its activities, it is easy for gURL.com to unintentionally and unknowingly collect information from a child under 13. Further, tracking and maintaining information related to parental consent for users under 13 is quite a heavy task. Each page would have to check for this consent and at every interactive moment, the information provided by the user would need to be recorded and then made available upon request at a later date by the parent. This is difficult to achieve successfully in a member-restricted scenario and virtually impossible within the site's public spaces. Furthermore, the profit incentives for creating such a monitoring network within the gURL.com site are entirely lacking. The idea of overhauling the site to comply with the new regulations never offered itself as a viable consideration.

As a result, gURL.com decided to deny access to users under the age of 13 to areas of the Web site that include interactive features, including and most especially membership. Implementation of this policy took place in two phases. When the COPPA law went into effect in April, 2000, gURL.com began implementing its policy by removing years of birth that would apply to users under the age of 13 from any input areas, thereby not offering under-13 users the ability to properly submit their information and, hopefully, this discouraging them from participation. The site also started mathematically checking the age of any user who applied for membership or who wanted to participate in any of the interactive features of site. If a user provided information that indicated that they were under 13, they would be redirected to a Web page that explained the policy, the COPPA law and encouraged them to return when they are 13 or older.

While these steps discouraged users from under the age of 13 from using the parts of the site that collected personal information or required parental consent, it still allowed the user to freely change their information or lie about their age, thereby gaining access. If a user had provided their correct birth date and was then redirected to the policy explanation page, they could simply click back a few pages and re-enter the information so as to appear over the age of 13. So, while the gURL.com site preferred to allow the user's to be honest about their site usage, the Federal Trade Commission stepped in once more, issuing further explanation of the COPPA law requirements that forced the gURL.com staff to reinstate their policy more strictly.

The second phase of the COPPA compliance policy implementation for gURL.com happened in October, 2001, following the FTC's new guidelines and the deadline set by the FTC for total compliance with the law for all commercial Web sites. Rather than simply redirecting the under-13 user to a policy page, the user would now be assigned a cookie which would continue to identify them as under 13 years of age and thereby permanently restrict their access on the gURL.com site. With this new implementation, a user who provides their correct birth date the first time and is found to be under the age of 13 would no longer be able to click back and re-enter the information a second time incorrectly. Instead, they would be immediately redirected to the policy explanation page once again. Furthermore, when the same user entered a different area of the gURL.com site that also contained a required age-check, the cookie would identify them as under 13 even before being able to designate that information for themselves. At this point, the only way a user under 13 years of age could gain access to any of the information collecting features of the gURL.com site would be if they lied up front and then every time thereafter.

What is interesting and remains yet unknown about this policy decision by gURL.com to deny access to users under the age of 13, in accordance with the COPPA law is how it actually affected gURL.com users. Although the site is intended for teenagers and young women of 14 years and up, it actually has an extensively large membership under the age of 14. In a recent, average week's activity, 5,945 new memberships were created for girls who indicated themselves to be 13 years old. That is five times the number of 18 year-old girls who signed up for membership in the same week and twice as many as the number of 16 year-old girls who signed up. It is clear that the site draws most of its community membership from younger girls. It would seem logical then to assume that the FTC's COPPA law and the policy measures put in place by gURL.com to meet these new regulations have had an adverse affect on gURL.com users under the age of 13. With the new policy in place, these girls must now either lie about their age or accept rejection from the gURL.com community.

In hindsight, it seems that the regulations set in place by the FTC's law and the subsequent compliance-driven policies set in place by sites like gURL.com have gone in an entirely different direction than intended by the COPPA regulations. While COPPA aimed to protect the privacy of children under the age of 13 and their personal information but not to deter their access to information in general, it has instead ended up restricting them from gaining access at all. The new regulations have driven Web sites like gURL.com to deny access rather than build the necessary accommodations needed to meet the specific protocols set in place by the FTC.

Curiously, for a site like gURL.com, which aims to inform and assist in the trials and tribulations of female adolescence, blockading access to users who could very much use and enjoy it seems to be what happens when federal and commercial policy making collide. Federal rules aim to provide the best protection for users whereas commercial interests require balancing efforts with profits. In the end, the policies in place have the strongest repercussions on the people who entirely lack access to either institution. Twelve year-old girls simply do not have a voice in the offices of the FTC or in the boardrooms of corporations like the one that owns gURL.com. While these twelve year-old girls most likely face the same problems as their thirteen year-old peers, their resources have been limited under the guide of privacy protection.