My 11-year old daughter was excited. She and her similarly-aged friends were going to head to downtown to do some Black Friday shopping. Escorted and ushered around by the parents of one of her friends, the girls made their rounds from store to store, picking up “amazing” deals at a variety of stores. They even did a little shopping for themselves. One deal that my daughter did turned out to not be that amazing after all. As she was checking out at a store that has both online and brick & mortar (I won’t give the name – let’s just call it “123 Company”) stores, the clerk casually asked her for her email address. I only learned about this later, as she asked me how she could stop all of the “123 Company’s” emails that were “spamming” her email inbox. This clerk’s action, which I’m sure happens all the time at other brick & mortar stores around the U.S. — designed to grow the marketing database — is, in my mind, quite questionable and potentially illegal. So can stores ask for children’s email addresses?
Luckily for my daughter, we were able to easily unsubscribe from the “123 Company’s” email list together. It was quick and painless. At least, I hope it was (and is). And, as we were doing this and I was telling her that even the process of clicking “unsubscribe” on an email is potentially dangerous, given that spammers often look to see if there is anyone “on the other end” of the email, it did give me a great opportunity to talk to her about online and offline privacy, protecting personal information no matter where you are and who you are speaking with, and how children under 13 are pretty much “prohibited” from using websites that have personal information collected (part of the reason why she doesn’t have all of the social media apps that some of her friends do have). This is where COPPA (Children’s Online Privacy Protection Act) set up by the Federal Trade Commission (FTC) is important to know about.
But as I did some research to attempt to discover if COPPA even applies to off-line privacy protection (it doesn’t seem to), I realized that there isn’t that much written about kids privacy offline and children’s email address collection in stores. So I figured I would put in my two cents, not as a lawyer or legislator, but just as a concerned parent. Honestly, I don’t view myself as overly protective when it comes to my kids online (and offline) activities. My wife and I often discuss things with our daughters, but more in the form of a dialog, citing examples along the way. The children’s email addresses request by an in-store worker was yet another perfect scenario to bring up safety and why preserving confidential or private information on and off-line is critical.
Let’s get back to this current example and provide a few more details as well as my (unsolicited) personal thoughts.
Can Stores Ask for Children’s Email Addresses?
Being a content creator by night and a content strategist and marketer by day, I completely understand why companies ask for people’s email addresses. They want to grow their databases of prospect and existing audiences in order to sell or market to them in the future. Lord knows, I’m on a ton of email addresses (either by choice or because my email has been sold to another group). We are tracked in so many different ways, it’s scary. But such is life and unless you live completely isolated from modern society, it’s quite difficult to avoid. Because of this tracking, consensual or not, we are exposed to tens of thousands of marketing messages every day. Get used to it as it will only become even more personal and targeted as these technologies evolve.
But, there is a limit, I feel. Specifically, an age limit.
COPPA was designed to protect children under the age of 13 and provide regulations on online privacy while ensuring children’s personal information is not captured or used (unless parental consent is expressly given). I’m all in favor of this. Children simply don’t have the life experience to know what is safe or good online, unless they are guided, hopefully by someone with more and sounder experiences and knowledge.
COPPA doesn’t apply offline though.
I searched around to see what policies exist regarding asking for children’s email addresses in a physical location. It’s really hard to find much, if anything about it. So, I’m going to go out on a limb here and simply say – the same COPPA policies that exist for protecting children’s ONLINE privacy should exist OFFLINE as well.
Back to collecting emails for a second here. During the holiday crush, I well understand that store sales people might be temporary workers or recently hired and may well not have been instructed about email address collection policies in store. Or a particular store might not even have an email collection policy. Or the worker may be getting a bonus or incentive to capture as many emails as possible.
I would think, though, that any decent human being would have the common sense not to ask a child, a tween or even a teen, for their email address, especially if there isn’t an adult or parent present. But perhaps I’m wrong.
In my daughter’s scenario, she told me that the clerk quickly asked “can I get your email address?” It was very matter-of-fact and nonchalantly done. My daughter, as she recounted, thought that they needed it to look up our account or something, so she gave it. What bothers me are a few things: 1) it was asked for in the first place, 2) the clerk didn’t say what the email would be used for and 3) that the clerk even asked for it, knowing they were talking to a young child and the parent wasn’t present.
Later, as my daughter and I discussed this and as I was unsubscribing her from the barrage of marketing emails she had already received in just a few days, I wondered what was going through my daughter’s mind. Was she scared into giving her email address? Did a person of authority asking for personal information make her uncomfortable? Or was it completely innocent?
What Brick & Mortar Stores Should Do Regarding Children’s Email Addresses?
The simple answer in my opinion is just play it safe and do not ask for children’s email addresses. However, I would like to offer some suggestions to any Brick & Mortar store owners, large or small.
- Create a policy.
- Educate all of your employees, temporary, part-time or full-time on the policy.
- Review your online Privacy Policy and see how it can be adapted for in-store activities as well.
- Review your online Privacy Policy in general and ensure it addresses children under 13 and COPPA.
- If you are going to be collecting email addresses, don’t ask for children’s email addresses even if you think you know their age.
- If a parent is present, ask them for their email, not for their children’s email addresses.
- Don’t force anyone, young or old, to provide personal information unless you clearly describe what it will be used for.
And for parents, I offer these thoughts:
- Have regular discussions about online and offline privacy.
- Clearly tell them not to give any personally identifiable information online (I know, this one is hard).
- Let them know that there are laws that protect children online, but that they should not always take that for granted.
- Once a child’s personal information it captured, it is quite difficult to erase or delete completely.
If you have time, and who does nowadays, take a look at some of the sites where your kids might be shopping, particularly at their Privacy Policies. You might find some interesting things. “123 Company” has a particularly interesting clause:
But if a store (online or off) has a target market of teens and tweens, how can you not expect this market to visit and shop on or at them? It’s tricky. As a really good content marketer, you will need to target the parents of these tweens and teens as well as the kids themselves. For the teens & tween market, you need to go to their “watering holes” (where they hang out – think SnapChat, Instagram or Vine perhaps) since, legally, you might not be able to use personally identifiable information to target them (e.g., email marketing campaigns).
Anyway, I didn’t want this article to become a marketing lesson, nor lecture parents on how they should raise their children. I simply want to let companies and stores know that they should definitely be careful as well as considerate about if and how they capture children’s email addresses off-line.
I don’t want to be talking in an echo chamber here. What do you think? Should the same COPPA policies apply to off-line, brick & mortar stores too? Where should marketing limits be drawn?
My daughters now know that when that in-store marketing email capture monster rears its ugly head, they will just now simply answer “No thank you” when asked to give their email address.
HTD says: Asking for children’s email addresses at a physical store shouldn’t be allowed, unless a parent provides consent. And, in my opinion, shouldn’t be asked to children at all.
