Study Shows Children’s Web Sites May Be Entertaining,
But May Also Make Kids Cry
Most Popular Sites Commercialized; Some ‘Sell’ Kids’ Creations Back to Them

YONKERS, New York, Tuesday, May 6 – Publishers of many major children’s Web sites should do a better job disclosing sales and advertising information to parents, especially as more kids at younger ages go online to play and meet friends, says a study released today by Consumer Reports WebWatch and the Mediatech Foundation of Flemington, N.J.
For the study, parents in 10 families used video cameras to keep journals, providing insights into the way children use sites such as Club Penguin, Webkinz, Nick Jr., Barbie.com and others. Footage from those journals, which can be viewed at http://www.youtube.com/cwwkids, illustrates how young children respond to advertising and marketing tactics online.

• The most popular young children’s sites are moderately to heavily commercialized. When rated by our test parents on a scale from 1 (not commercialized) to 5 (extremely commercialized), the 21 sites considered in this study scored a mean rating of 3.47.

• Web sites frequently tantalize children, presenting enticing options and even threats that their online creations will become inaccessible unless a purchase is made. Some sites show attractive options that invite a click, but lead to a registration form instead. Some sell a child’s prior experience – a room they’ve built for a virtual pet, for instance – back to them, using statements such as, “If you cancel your membership, then your belongings will go into storage and will be automatically retrieved when you re-subscribe.”

• Most sites we observed promote the idea of consumerism. The most common technique uses a reward-for-work basis, awarding "points, coins or dollars" for success and achievement that can then be used to "buy" items such as clothing, makeup, big-screen TVs or other accessories for virtual pets or avatars.

• The games we observed vary widely in quality, in educational value, and in their developmental match with children’s abilities. Such mismatches often result in frequent cries for help.

“There’s no doubt young children love to go online, and we observed examples of wholesome, good quality, Web-delivered content,” said Warren Buckleitner, the study’s author. “But after watching ten hours of typical online play, we were shocked at the extent of manipulative behavior. This study shows that no one – neither parents nor publishers – really knows what is going on when children start up a browser. Ideally, the sites kids encounter should be designed by people with degrees in child development instead of MBAs.
“There’s nothing more painful than watching a young child cry,” Buckleitner said. “But unfortunately, that’s the end result for too many children who are spending time with ‘state-of the-art’ children’s online content.”
The study makes these and other recommendations for parents:

• Keep an eye on the screen. Set up the home computer in a central location so you can see what your child is doing. Lend a hand or suggest an activity that matches your child’s interests or abilities and pay attention to the directions his or her activities take.

• Be suspicious of “free” offers. As in the real world, free lunches are rare, and this is a concept children can’t understand. Don’t expect young children (and many adults) to understand the well-worn caution: “If something looks too good to be true, it probably is.”

• Read before you click. Before you or your children click on the “I agree” button, scour terms-of-use agreements and privacy policies to make sure you aren’t agreeing to share information you don’t want known. At worst, publishers make such disclosures inconvenient to read and awkward, so you are tempted to click an agreement and move on. Those emotions can be amplified when you have an anxious toddler pressing you. Also, don’t download software before verifying it won’t alter your computer’s settings.

“We believe parents need a more complete picture of the Web sites where their young children are spending an increasing amount of time,” said Beau Brendler, director of Consumer Reports WebWatch. “One test family spent $1,316 in a year on stuffed animals on a single site. Some sites play for profit on a child’s emotions to the degree we saw begging, tantrums and even tears in the videos.”
The study will be available at the Joan Ganz Cooney Center's inaugural symposium, "Logging Into the Playground: How Digital Media Are Shaping Children's Learning" on Friday, May 9, in New York City. Details at http://www.joanganzcooneycenter.org/events/index.html

Methodology
This study used ethnographic methodology and cannot be considered representative of any whole population. A total of 15 children participated in the study from ten families, all residing in Hunterdon County, New Jersey -- six girls and nine boys, ranging in age from 2 years 9 months, to 8 years 3 months, with the mean age just under 5 ½ years (5.36 years). All families had high-speed Internet access. Nine used Windows operating systems, one used Macintosh.
The study makes recommendations for Web publishers of children’s sites, based in part on WebWatch’s guidelines for Web site credibility, first published in 2002.

About Consumer Reports WebWatch
Consumer Reports WebWatch is the Internet integrity division of Consumers Union, the non-profit publisher of Consumer Reports Magazine, the Consumer Reports on Health and Money Adviser newsletters, and a variety of sites advocating consumer rights in the marketplace. We research and investigate Web sites on behalf of consumers, and we advocate for consumer-focused Internet policy and governance. Consumer Reports WebWatch accepts no advertising. Consumer Reports WebWatch is a member of the W3C consortium for developing Internet standards; the Internet Society, a grass-roots group focused on Internet policy; and is an at-large structure (ALS) in the user community of ICANN, the Internet Corporation for Assigning Names and Numbers. WebWatch also serves as an unpaid special adviser to StopBadware.org, a "Neighborhood Watch" initiative led by Harvard University's Berkman Center and the Oxford Internet Institute devoted to helping Internet users avoid downloading malicious spyware, adware and malware programs. With the Center for Media and Democracy, WebWatch publishes Full Frontal Scrutiny (www.frontgroups.org), dedicated to exposing the activities of front groups in modern media and culture. For further information about Consumer Reports WebWatch, including staff biographies, visit ConsumerWebwatch.org

About Mediatech Foundation
Mediatech Foundation is a non­profit public community technology center based in Flemington, N.J. Warren Buckleitner, PhD., an adviser to Consumer Reports WebWatch and founder of the Mediatech Foundation, wrote this report. Buckleitner is editor of Children's Technology Review, a periodical covering children’s interactive media. A former teacher of preschool children and 2nd-, 4th- and 6th- graders, Buckleitner has been studying the design of interactive learning products since 1982. He holds a bachelor's degree in elementary education, a master's degree in human development and a doctorate in educational psychology learning, culture and technology from Michigan State University. Study sites were screened by Debbie O’Grady, a reviewer for Children’s Technology Review. Buckleitner and Brendler interpreted video footage.

So: Clicking on the application form link leads to this page, with no navigation forward or back except for a link that places Princeton Premier in Fresh Meadows, NY. You actually have to search for Princeton Premier via Google or other means to find the Web site. Digging deeper on the site, there is a phone number, and on two separate occasions on March 26, 2008, real human beings answered it. (As of late afternoon Friday, March 28, the phone number has since disappeared). We tried to get more information about how to purchase a biography, but were told to go to the Web site. Jason Harris, Princeton Premier's Managing Director, apparently has an office where we called, and we were assured he would return our call, but so far he hasn't. We left several phone messages as well. By the way, the Princeton Premier phone number in the spam mail, and the one found in directory assistance for Astoria, NY, didn't work when we tried them.
We can't really critique Princeton Premier's business model, because we don't know what it is. Google "Princeton Premier," and the fourth result says the site has been suspended because its domain account expired, but on March 28 we were still able to see it. If you do manage to get past the impressive array of services on offer, you will find a "terms of agreement" link that tells you all you need to know about whether you should pay any money for a Princeton Premier biography:
"Our cancellation policy states there is a non-refundable 20% processing fee which will be automatically retained on any cancellation that occurs within 24 hours of any sale.
All program sales after 48 hours are final and no refunds will be issued for our service and all accompanying personalized products." So if a profile costs $100, you're still going to get stuck for $20 even if you get a case of buyer's remorse. We couldn't find a price list, though.
This isn't the first time we've written about exclusive-sounding professional "directories" that pretty much accept anybody who's willing to pay them money. With apologies to Groucho Marx, would you want to join any club that would have you and everybody else as a member?

1. Think of an online auction like a flea market and an auction Web site as the building in which the market takes place. Online auction sites are venues for transactions, and so, the responsibility is on the buyer and the seller to engage in a transaction both are happy with.

2. Winning an auction is something like a contract, binding both buyer and seller with some rules. In a timely fashion, you should receive the merchandise you paid for, and the buyer should receive payment.

3. Take time to learn about the merchandise you are planning to buy. Ask yourself some basic questions before getting involved in an auction: Am I OK with a used leather jacket, or do I want a new one? (Both new and used goods are available on auction sites, from individual sellers to chain retailers).

4. Consider how you are going to make a purchase. Many sellers accept direct payment via a service such as PayPal (which is owned by online auction giant eBay) or BidPay. Many buyers won’t do business with sellers who do not accept such payment services. If a buyer won’t accept your preferred method of payment, don’t do business with that buyer.

5. Are you buying a big-ticket item? You may be tempted to use an escrow service, a third party which holds on to your money while you and the seller make an arrangement to inspect the goods on offer. The trouble with escrow sites, which have sprung up by the thousands to cater to nervous online buyers of pricy goods such as automobiles, is that the vast majority are fraudulent, according to the U.S. Federal Trade Commission (FTC). In early 2003, about 10 fake escrow sites surfaced each month, while the rate climbed to 25 a month by year’s end. One legitimate service, Escrow.com, says it gets reports of six times that number, many of them with graphics and logos stolen from its own site.

See our other online auction fraud fact sheets for more information about scams before, during and after an auction.

Keep up to date on all types of online fraud, and ways to prevent it. Bookmark Consumer Reports WebWatch: http://www.consumerwebwatch.org

This is the fifth in a series of factsheets published by Consumer Reports WebWatch, with grant support from the New York State Attorney General’s Office, and the first in a series of three fact sheets on online auction fraud.

Millions of people around the world buy and sell goods online through auction Web sites such as eBay and UBid. And most of them transact quite happily. But getting the most out of an online auction requires some advance preparation. Here are some tips to help you get started.

1. Think of an online auction like a flea market and an auction Web site as the building in which the market is taking place. Online auction sites are venues for transactions, and so, the responsibility is on the buyer and the seller to engage in a transaction both are happy with.

2. Winning an auction is something like a contract, binding both buyer and seller with some rules. In a timely fashion, you should receive the merchandise you paid for, and the buyer should receive payment.

3. Take time to learn about the merchandise you are planning to buy. Ask yourself some basic questions before getting involved in an auction: Am I OK with a used leather jacket, or do I want a new one? (Both new and used goods are available on auction sites, from individual sellers to chain retailers).

4. Consider how you are going to make a purchase. Many sellers accept direct payment via a service such as PayPal or BidPay. Many buyers won’t do business with sellers who do not accept such payment services. If a buyer won’t accept your preferred method of payment, don’t do business with that buyer.

5. Are you buying a big-ticket item? You may be tempted to use an escrow service, a third party which holds on to your money while you and the seller make an arrangement to inspect the goods on offer. The trouble with escrow sites, which have sprung up by the thousands to cater to nervous online buyers of big-ticket items such as automobiles, is that the vast majority are fraudulent, according to the U.S. Federal Trade Commission (FTC). In early 2003, about 10 fake escrow sites surfaced each month, while the rate climbed to 25 a month by year’s end. One legitimate service, Escrow.com, says it gets reports of six times that number, many of them with graphics and logos stolen from its own site.

See our other online auction fraud fact sheets for more information about scams before, during and after an auction.

Keep up to date on all types of online fraud, and ways to prevent it. Bookmark Consumer Reports WebWatch: http://www.consumerwebwatch.org

This is the first in a series of factsheets published by Consumer Reports WebWatch, with grant support from the New York State Attorney General’s Office.

If you have a computer at home, whether it’s a laptop or desktop, you should follow these steps. Remember, a broadband (high-speed with no phone dialing) connection to the Internet is like another door into your house. Take the same kinds of security precautions with your home computers that you take when you leave your house.

1. Activate protection. If your operating system (for instance, Microsoft Windows, either XP or Vista) has a firewall, spam blocker, or other built-in security application, make sure it's turned on. The firewall included with Windows Vista is adequate. Those for Macintosh computers are not so good, but Mac operating systems are less easily targeted. ZoneAlarm 7.0 is a free firewall for Windows XP if you have not downloaded XP service pack 2.

2. Update and renew. Set your operating system and security software to update automatically. Spam, spyware, and virus-detection programs incorporate "rules" or "definition" files that need to be current to catch the latest threats. When your software warns you to renew your service, be sure to do so, ensuring protection doesn't lapse. If you are having trouble downloading updates online, ask your operating system’s publisher to send them to you on a CD-ROM.

3. Upgrade your operating system and browser. If you're running Windows XP or earlier Windows versions, consider the more secure Windows Vista. Though the software has some problems, Vista lets you surf in a protected environment that prevents online threats from damaging your operating system and contains a two-way firewall that blocks both incoming and outgoing threats. Consider using the Firefox browser, which will notify you if you are on a troublesome site.

4. Take advantage of security features offered by Internet service providers (ISPs) and others. The EarthLink Toolbar (www.earthlink.net/software/free/toolbar), for example, incorporates a scam and popup blocker, spyware scan, and home page protection. The Netcraft antiphishing toolbar (www.toolbar.netcraft.com) warns about known phished sites. McAfee Site Advisor (www.siteadvisor.com), lets you know whether McAfee tested it and, if so, what it found, including viruses, spyware, spam, pop-ups, phishing, and consumer scams. It even overlays site reports on Web search results and automatically blocks access to sites that exploit browser weaknesses.

5. Shut off your computer. This can reduce the chance a malicious remote computer will penetrate your operating system security and access it. And you'll save energy.

6. Guard personal information. Never respond to e-mail requesting your passwords, user names, Social Security number, or other personal information, no matter how official it looks. If you're asked to call a telephone number, verify it independently.

7. Consider a Mac. Although Mac owners face the same problems with spam and phishing as Windows users, they have far less to fear from viruses and spyware. Because Apples are less prevalent than Windows-based machines, online criminals get less of a return on their investment when targeting Macs.

8. Watch what you download. The myriad of free utilities, games, and other software on the Internet can be useful, but many are laden with viruses and spyware. Try to download only from well-known manufacturers or trusted sites such as those at www.download.com , www.snapfiles.com, and www.tucows.com. If you are unsure, go to StopBadware.org.

9. Download Avast! Antivirus software for free. If you’re having difficulty using the antivirus software that came with your machine, try Alwil’s Avast!, free for home and non-commercial use at www.avast.com. If not Avast, make sure you run antivirus software and do regular scans.

10. Run two antispyware programs. Spyware is so insidious, and sometimes difficult to detect, that it warrants double protection. Set the better of the two programs to block spyware in real time. Use the other to scan whenever you suspect something might have escaped the first program. One recommendation is Spybot Search & Destroy (http://www.safer-networking.org/index2.html), which is free, but consider making a donation.

For more information, and to keep up to date on ways to keep your home computers safe from unwanted invaders, bookmark Consumer Reports WebWatch: http://www.consumerwebwatch.org

This is the third in a series of factsheets published by Consumer Reports WebWatch, with grant support from the New York State Attorney General’s Office.

Has this ever happened to you? You get an e-mail that looks like it’s from eBay, PayPal or Citibank, asking you to update your account. But don’t click on that link! You may wind up on a Web site built by scam artists that downloads a keystroke logger to your home computer that records all your passwords and sends the information to a stranger overseas. Millions of people have fallen for scams like this – even if they don’t do business with the company sending the e-mail. Phishing e-mails usually pretend to originate from financial services companies, Internet service providers or retailers, though some entrepreneurial phishing scammers once even hijacked the name of the U.S. Federal Trade Commission, responsible for prosecuting e-mail fraud.

Depending whom you talk to, the boom in phishing scams has stabilized a bit, but scammers' phishing techniques are improving. Popular social-engineering techniques that entrap consumers include: Associating the mail with a holiday or event, such as the World Cup; spear-phishing, when the sender appears to be someone inside the company you work for; or an e-mail telling you your bank account has been compromised, urging you to enter personal information into a fake site that looks like the bank's.

Here are six tips to help you avoid being phished:

1. Be skeptical of any e-mail, and avoid using hyperlinks in e-mail. They may show one address, but take you to another. Delete any e-mails that seek to send you to a Web page via a link in the e-mail’s text. Legitimate e-mails will ask you to go to a specific Web site. Type the address into your browser and make sure what you are typing is the correct address. For instance, Citibank's main site is citi.com, so if an e-mail asks you to type, say, citi.bankloans.com, be skeptical. Make sure your typing is accurate, since cybersquatters buy misspelled domains -- for example, "cittibank.com." Financial institutions are beefing up security against phishing techniques. Bank of America and Vanguard now ask customers to select a personalized image or phrase to appear whenever they access the site to let them know it’s the real thing.

2. Make a point to bookmark the pages of the sites you do business with. Use those bookmarks for transactions.

3. On Web pages, mouse over the URL and see whether the address that appears at the bottom of your browser looks related to a page or site you expect to visit. When you arrive at the site, verify that the URL shown in your browser's address bar is the correct one. Pay attention to the part of the URL between "http:// " (or https:// ) and the next slash. Look for tricks such as the use of a zero where the letter O should be. Verify the address, then type it into your browser. Or use a favorite or bookmark.

4. Watch carefully for misspellings and poor grammar, one of the surest signs of a phishing scam.

5. Use a Web browser with site verification tools, such as Firefox (http://www.mozilla.com/en-US/firefox/), or software such as McAfee’s Site Advisor (http://www.siteadvisor.com/), which tests sites and tells users the results via a free download.

6. Report phishing. If you receive a phishing e-mail, forward it to the Anti-Phishing Working Group (reportphishing@antiphishing.org), the Federal Trade Commission (spam@uce.gov), and the company or organization being impersonated. You also can file a complaint with the FBI's Internet Crime Complaint Center at www.ic3.gov

For more information, and to keep up to date on the latest phishing scams and resources for consumers, bookmark Consumer Reports WebWatch: http://www.consumerwebwatch.org

In its heyday, the Navigator enjoyed a commanding 90% share of the browser market, which helped turn Netscape into the Google with of its day, an Internet 1.0 darling whose astronomical 1995 IPO helped launch the (first) Internet bubble.

Netscape’s success didn’t go unnoticed by Microsoft, which had been slow to realize the potential of the Internet—not to mention the threat to its bottom line. The software giant waged a brutal and successful campaign to supplant the Navigator with its Internet Explorer by bundling it as part of its ubiquitous Windows operating system. Netscape's Navigator simply couldn’t compete with a free browser installed on 90% of all PCs, and by 1998, lost the so-called browser war and surrendered the top spot to the Internet Explorer.

But the spirit of Netscape lives on in the open-source Firefox browser, which is coordinated by the Mozilla Foundation, which was formed in 2003 by ex-Netscape employees laid off by AOL.

Since its first release in 2004, Firefox has grow in popularity—due in no small measure to those seeking an alternative to the Internet Explorer—and is now the second most popular browser, with some 15% of the market. Lots of ex-Netscape users, like this one, swear by Firefox for its ease of use, security and customizable options. If you've never tried it, give it a whirl.

Recently, we came across a case in point while reviewing a site for ShopSmart magazine, namely, My M&M’s.

One of the first things we look for when asked to review a site is an indication of ownership, and you’d be surprised how many sites simply don’t disclose this simple—but crucial—bit of information. If you're ever wondering if a site is credible and you can't figure out who owns it, stop wondering and click away.

Most sites (like WebWatch), tend to disclose their ownership in an “About Us” section. And while My M&M’s lists its parent company, Mars, Inc. at the bottom of the site, it goes one step further with a site owner link at the bottom of every page.

We wish more sites made it this easy to determine who the owner is and how to contact them, without forcing users to click around the site or scroll to the bottom of the privacy policy, where far too many sites tend to bury this information.

COMMENTS OF CONSUMER REPORTS WEBWATCH,

Consumers Union of the U.S., On ICANN Joint Project Agreement with U.S. Commerce Department

February 14, 2008

Consumer Reports WebWatch of the Consumers Union, representing 9 million consumers in the United States and Canada, supports ICANN’s efforts to evolve and move forward toward an existence apart from the JPA agreement with the U.S. Department of Commerce. However, at this mid-term review phase, we do not believe the organization is ready to function without a similar accountability mechanism to the JPA in place. Major changes need to occur within the organization to assure more efficient and meaningful user community representation, with long-term guarantees that such representation would endure unforeseen scenarios in the future.

Second, though the outreach work of ICANN at-large staff Nick Ashton-Hart and Kieran McCarthy is commendable, ICANN’s staff and public communications budget is insufficient to address a much larger problem of outreach. To elaborate: Currently, the NA-RALO is made up of a scant handful of organizations. While these are valuable partners, in no way could the NA-RALO be characterized as a viable representation of a broad-based user community in the United States and Canada. Further, many consumer organizations in the United States with a mission that includes the intersection of technology and consumer issues, remain skeptical of ICANN's intentions and its viability as an organization that takes consumer views into account. Until something is done to bridge this gap and ICANN demonstrates its good intentions and long-term structural viability to organizations such as the Electronic Frontier Foundation, Privacy Rights Clearinghouse and others, we do not believe ICANN can be considered to be acting in accordance with the concerns of the user community in North America.

In addition, there are no guarantees beyond mention in the bylaws that the "at-large community," itself currently under review, would remain a part of the ICANN structure 20 or even 10 years from now. The at-large advisory committee is without a vote in any meaningful policy forum. Without direct user community representation on the ICANN board, we do not believe ICANN is truly acting as a “multi-stakeholder" organization. We are concerned, in fact, that ICANN does sees itself as a multi-stakeholder organization, with industry, government, and industry groups as the stakeholders. It does not help matters much that many within the ICANN community view domain name registrants as the Internet’s “end-users,” and therefore the farthest realm the ICANN needs to reach.

Until these issues are addressed we do not believe the organization is ready to progress beyond the JPA, which refers to "the global participation of all stakeholders" and "mechanisms for involvement of those affected by the ICANN policies." As the Internet-using public is a key set of stakeholders affected by ICANN's policies, it is critical, including for Internet security and stability, that the organization be accountable to the public and account effectively for its input.

We believe the following three things need to happen in order for ICANN to move forward beyond the JPA:

1. Address lack of meaningful user representation, and assure its long-term viability within the organization, by creating multiple “user community” seats on the ICANN board.

2. Allocate significant budget to get the message that it has done so, out to civil society stakeholder groups in North America and the global user community.

3. Take administrative steps to ensure the long-term structural existence of user community presence and participation in decision-making.

We appreciate the opportunity to comment.

Beau Brendler, Director, Consumer Reports WebWatch, and member, ICANN at-large advisory committee
month experience as an “at-large structure” recruited by ICANN, and our eight months’ experience as an elected representative to the at-large advisory committee.

Second, though the outreach work of ICANN at-large staff Nick Ashton-Hart and Kieran McCarthy is commendable, ICANN’s staff and public communications budget is insufficient to address a much larger problem of outreach. To elaborate: Currently, the NA-RALO is made up of a scant handful of organizations. While these are valuable partners, in no way could the NA-RALO be characterized as a viable representation of a broad-based user community in the United States and Canada. Further, many consumer organizations in the United States with a mission that includes the intersection of technology and consumer issues, remain skeptical of ICANN's intentions and its viability as an organization that takes consumer views into account. Until something is done to bridge this gap and ICANN demonstrates its good intentions and long-term structural viability to organizations such as the Electronic Frontier Foundation, Privacy Rights Clearinghouse and others, we do not believe ICANN can be considered to be acting in accordance with the concerns of the user community in North America.

In addition, there are no guarantees beyond mention in the bylaws that the "at-large community," itself currently under review, would remain a part of the ICANN structure 20 or even 10 years from now. The at-large advisory committee is without a vote in any meaningful policy forum. Without direct user community representation on the ICANN board, we do not believe ICANN is truly acting as a “multi-stakeholder" organization. We are concerned, in fact, that ICANN does sees itself as a multi-stakeholder organization, with industry, government, and industry groups as the stakeholders. It does not help matters much that many within the ICANN community view domain name registrants as the Internet’s “end-users,” and therefore the farthest realm the ICANN needs to reach.

Until these issues are addressed we do not believe the organization is ready to progress beyond the JPA, which refers to "the global participation of all stakeholders" and "mechanisms for involvement of those affected by the ICANN policies." As the Internet-using public is a key set of stakeholders affected by ICANN's policies, it is critical, including for Internet security and stability, that the organization be accountable to the public and account effectively for its input.

We believe the following three things need to happen in order for ICANN to move forward beyond the JPA:

1. Address lack of meaningful user representation, and assure its long-term viability within the organization, by creating multiple “user community” seats on the ICANN board.

2. Allocate significant budget to get the message that it has done so, out to civil society stakeholder groups in North America and the global user community.

3. Take administrative steps to ensure the long-term structural existence of user community presence and participation in decision-making.

We appreciate the opportunity to comment.

Beau Brendler, Director, Consumer Reports WebWatch, and member, ICANN at-large advisory committee