The virtual world industry should create a set of best practice standards for the operation of spaces for the under 18s.
It should further certify those operators that meet them thus raising the overall level of safety in online spaces and reducing confusion in the market place.
A couple of the comments I got on my ‘The winner might be’ thread combined with a few off-blog conversations I’ve had and a some presentations I’ve seen recently suggests to me that there is a fair amount of tension related to how virtual worlds for under 18s are managed.
Two things I can mention publicly are Dave Ricky (of Orbis Games) comment on the previous thread “until very recently [Linden Lab’s] procedure for keeping out children was less than a joke ,,,we're one of the few game operators that is *really* COPPA compliant”; and just about every presentation by Dr Jim Bower of Numedeon who given any opportunity talks about the safety measures taken in Whyville.
Of course no protection scheme is perfect, indeed some might be actively harmful and act to the detriment of kids; what’s more any scheme of certification has the potential to be so watered down and industry-back-patting that it’s rendered worse than meaningless leading people into a false sense of security.
But the possibly of doing something badly is not, in and of itself, a conclusive argument for not trying to do it at all.
It seems to me that right now the industry is small enough for meaningful operational standards to be promulgated and for some sort of association and publicly recognizable mark to be created.
Size I think is important as one of the challenges here is the international nature of these spaces. Dave mentioned COPA, fine, but that’s a US thing, I’m not in the US, I’m not sure if it would meet the guidelines put out by the UK government or which are better. If I were a parent I would want to know whether my countries guidelines were being followed or if there were some international standard that they all complied with. So if nothing else such an organization could help with international guideline education.
There would be problems if one or more high profile world failed to meet the standard and arguments ensued – but would this be a bad thing, a bit of industry mud slinging around online safety does not seem the worse thing in the world to me.
I’m sure there are a zillion practical reasons why this is a dumb idea – feel free to point them out.
My understanding, admittedly not deep, of the film and vidgame industry ratings 'guidelines' was that they were created within the industry to preempt the imposition of governmental regulation. If that is the intent here, well fine, and it isn't necessarily a dumb idea in that regard.
IMHO, a lot of this safety frenzy is the result of a growing tension in America between its culture of fear and its culture of explicit sexuality and violence. When I see paradoxes that don't seem to be working toward resolution, I wonder who benefits from the maintenance of tension. One might argue here that the ruling political group has the most to gain from the perception of a dangerous industry requiring regulation. Regulation creates the opportunity to control the flow of revenue. It's always about the money, isn't it.
...and yeah, I'm a parent, and my 13yo kid plays in virtual worlds (Neopets, Kingdom of Loathing, WoW).
...and yeah, I guess I'm a conspiracy theorist.
Posted by: Linda Polin | May 10, 2007 at 11:19
Okay, COPPA is a US specific law, and mostly concerns itself with the data you gather. In truth, most of it is pointless, and no government agency is making any effort to enforce it right now as far as I know. Nonetheless, it's the law we (Orbis) have to operate under. In essence, it requires that if you're gathering *any* personal identifying information, including email addresses, you cannot do so from those under 13 without a paper copy of a form signed by a guardian.
The way that most comply with it is that if you don't click on something saying you're 13 or older, you can't access the sites. Some go as far as "Sesame Street" age verification, you have to put in a birthdate (can you subtract 13 from 2007? Come back when you have the answer, kids).
The other widely used approach is to not gather any such information, no names, locations, email addresses, or anything else.
The third, most rarely used approach, is to actually gather faxed-in COPPA compliance forms. Although theoretically it's almost as easily faked as a school absence excuse, it has the virtue of being in affirmative compliance with the law.
Orbis uses a combination of the second and third, we don't gather any personal information except an optional email address (for password resets, it's not part of the default signup), and we file COPPA sheets on anyone under 13 and wants to register an email address.
Beyond that, for VHR we have a short "Net Safety Quiz" you have to fill out before you can set up an account. The very top of the main page on VHR we have the following policy statement:
We do engage in active policing of this, if someone is reported as sending innapropriate messages to other players, we not only investigate and ban that player if justified, but we'll suspend the accounts of any players who received inapropriate messages and didn't report them. Those accounts can only be re-activated by a phone call from a parent (unless the actual user is an adult).
We also report all such cases to the National Center for Missing and Exploited Children, which is the closest thing currently existing to a clearinghouse for such reports, and depending on circumstances it may also get reported to local authorities. We also might involve the FBI. Since our definition of "innappropriate" is fairly broad, there are cases that don't involve any actual violation of law and don't get sent to the cops.
We've already made the decision that no matter how much we grow, we're going to keep to these standards. We're in the position of having created games that attract large numbers of under-age girls, and in addition to the legal issues, we feel a responsibility to take every feasible step to safeguard those users from harm.
If I sound smug and self-congratulatory, it's partly because I am proud of our commitment to this, and partly bravado. I've got a teenage daughter, I know from conversations with her how easy it is for them to convince themselves that they can spot a pervert or someone who is faking their age. I have nightmares where I'm trying to explain to a parent why their little girl was taken by someone they met through our games.
--Dave
Posted by: Dave Rickey | May 10, 2007 at 14:44
If, as a result of this mess, we managed to get some kind of industry body to represent the interests of all developers of virtual worlds, that would at least be some small comfort for the future.
Richard
Posted by: Richard Bartle | May 11, 2007 at 04:09
Richard Bartle wrote:
If, as a result of this mess, we managed to get some kind of industry body to represent the interests of all developers of virtual worlds, that would at least be some small comfort for the future.
That's not really possible. What you'd get would be a body to represent the large corporate interests. Just like with the MPAA, which is arguably more damaging to the industry's creativity than government regulation would have been.
--matt
Posted by: Matt Mihaly | May 11, 2007 at 11:41
The problem is, the little guys can't afford to have people on the payroll to represent them at such an organization, or the kinds of dues that would ensure they were being protected. If SOE, NCSoft, EA, and Vivendi got together to come up with a set of standards that had a minimum $250K/year compliance cost and got those enforced by law, it wouldn't break their heart that drove all the little guys out of business.
--Dave
Posted by: Dave Rickey | May 14, 2007 at 02:01