In the late ’90s, the Internet was really and truly the Wild, Wild West. It was a tough time for parenting because it was difficult to know exactly what to tell our kids about staying safe online.
But one thing was as clear then as it is now: Don’t give personal information on the Internet. Back then, parents worried a great deal about online child predators. Honestly, at the time, thoughts of privacy issues and protecting our kids from identity theft just weren’t a major concern. This soon changed.
It was in November 1999 that Neopets.com hit the scene. Kids loved it. I mean, really, really loved it. The computer game allowed them to create and take care of virtual pets in Neopia, a virtual world, and interact with each other on boards. Kids had to register, which involved giving personal information. Like other kids, Ashley, my then-10-year-old daughter, wanted to sign up and participate.
My lectures about not giving personal information on the Internet apparently did have an impact on her. Ashley now says, “I remember at the time thinking I shouldn’t give my real name. So I made up a last name.”
So although she gave her actual address to somebody connected to the site when she signed up (it’s unclear whether it was Neopets or one of its advertisers; it was too long ago to remember), Ashley used the name “Ashley Ainttellnu,” as in, I ain’t tellin’ you my last name. Hey, when you’re 10 years old, this approach makes darn good sense. And she did (sort of) listen to her mom. Unfortunately, she used her address—a big no.
Flash forward about 10 years. Ever since Ashley started college in 2009, she’s been receiving offers for student credit cards. Last week, Ashley received two credit card offers on the same day. They were both for a Discover student card.
One was addressed to Ashley Harzog and one was addressed to—are you ready?—Ashley Ainttellnu. The card issuer, Discover, knows how old Ashley Ainttellnu is and that she’s now in college. What Discover doesn’t know is that Ashley Ainttellnu doesn’t exist and that she most certainly doesn’t need a credit card.
I reached out to Discover and asked how they obtain mailing lists for credit card offers. A spokesperson for Discover said that the card issuer works with well-known, reputable vendors to receive general, non-regulated consumer information. Discover has agreements in place that require these vendors to verify that the names and addresses are legitimate.
What they didn’t say is whether or not these reputable venders have at any point in the past collected children’s personal information, only to release it to banks once they’ve come of age. Maybe Discover doesn’t know how their vendors gather the names and addresses, but in this parent’s opinion, they ought to check into it. In fact, I think it’s time all credit card issuers started taking some responsibility for the personal information they purchase.
Obviously, my daughter’s personal information was sold on a list. I’ve contacted Neopets in an attempt to figure out what may have happened, but they declined to respond. To their credit, though, they now require kids under 13 to obtain parental consent before they can interact with others. This step is taken to stay in compliance with the Children’s Online Privacy Protection Act (COPPA), enacted in 1998. Parents have to complete and actually mail in a consent form.
Unfortunately, kids can get around this by lying about their birthdates. I know this because I made up a birthdate when I signed up and I was able to wander around the site unencumbered. But I’ll still give Neopets credit for trying to maintain a safe environment. There were warnings all over the place about safety and how kids will get banned for life if they don’t follow the rules or make inappropriate comments. Neopets makes it easy for parents to find explanations about COPPA. So I’d say they make a good effort to follow the law. Anyway, as much as you can when you’re relying on kids to tell the truth about their age.