Thanks to the proliferation of contactless payment in the Covid era, digital wallets are growing in popularity at a remarkable pace — as the Wall Street Journal recently declared, “Wallets Are Over. Your Phone Is Your Everything Now” — and in our increasingly digital world, this is welcome (and convenient!) news.
But it also brings serious privacy and data security risks, especially for kids.
Every day, 175,000 children go online for the first time, “tapping into great opportunities, but facing grave risks,” according to UNICEF. As digital natives, younger consumers are far less likely to focus on the dangers of putting too much personal information online. And they certainly don’t think twice about hitting “purchase” or “accepting terms and conditions” without reading the fine print in the app store or on their favorite websites. This is combined with the vulnerabilities that already exist with in-person shopping — where digital payment data can be collected, stored, and exploited for years. Both online and off, “companies collect and share information about children and teens, compiling detailed digital dossiers for monetization purposes.”
One recent report detailed just how much personal data the market-leading debit card apps collect on children — everything from purchase history to GPS location — and how that data is used to micro-target advertisements. The American Academy of Pediatrics has warned about the danger this kind of targeted digital advertising poses to children, driving unhealthy behaviors, including abuse of e-cigarettes, alcohol, and marijuana. And these aren’t the only consequences of this massive data harvesting that might haunt children well into adulthood — data breaches and hacks in payment card networks can lead to identity theft and fraud that might permanently scar a young person’s nascent credit history.
Policymakers at all levels are starting to work on this problem, but progress has been slow. The existing Children’s Online Privacy Protection Act (COPPA) set baseline rules protecting children under 13 online — but there is still a huge gap when it comes to teenagers — some of the most active digital consumers. Senators Ed Markey of Massachusetts and Bill Cassidy of Louisiana recently introduced a bi-partisan Privacy Bill of Rights Act that would expand COPPA to prevent companies from collecting information on anyone under the age of 16 without their consent and require companies offer an “eraser button” function that would allow users under 18 to eliminate any data collected on them.
State laws like the California Consumer Privacy Act and even foreign regimes like Europe’s GDPR also include heightened protections for children up to age 16.
But this policy patchwork simply isn’t moving fast enough or covering our children consistently enough to keep pace with technology or the ways data hungry organizations, including some of the biggest kid-targeting digital wallet companies, exploit the remaining gaps.
Fortunately, some companies are going above and beyond what the law requires to protect the privacy of their customers and users. The Mazoola app offers a digital wallet for kids that is the first and only independently certified to be COPPA compliant (full disclosure, I advise Mazoola).
Offering a digital banking solution that puts privacy first and helps teach kids financial management skills, The Mazoola digital wallet app collects from parents only the bare minimum identifying information needed for banking, while collecting no personally identifying information at all for its child users. Mazoola doesn’t even need to know your child’s name — parents can assign nicknames for kid’s accounts. And Mazoola will never share or sell the limited information it does have. This commitment to maximally protecting kids’ privacy online is why Mazoola is the only digital wallet independently certified as COPPA-compliant by Privo, the gold standard for protecting kids’ privacy online.
Mazoola is the product of privacy-first design, giving parents tools to supervise their children’s spending and teach financial literacy, all while ensuring their children’s data is secure and kept private. Its success makes clear that there is nothing stopping big digital wallet companies like Greenlight and gohenry that currently collect data on millions of children from doing better today — instead of waiting for Congress and regulators to make them.
Other companies are also working to fill these gaps, and services like Consumer Reports are doing all they can to fill the gaps in privacy and protect our kids from all the other harms that exist online. But ultimately, we need policymakers to step in and ensure all companies are respecting these high standards of privacy and data security. It shouldn’t be too hard –the Markey/Cassidy bill would be a powerful start and proves this is one of the few things Democrats and Republicans can agree on!
Keeping your kids safe online is no easy task, but there are tools out there to make it more manageable. We can choose to support services and companies that are committed to data security, make robust parental controls readily available, and take a privacy-first approach to their work and product design. Paired with smart, forward-looking policy moves by government officials, we can have a safer, more secure digital environment for our kids.
Rick Lane is a tech policy expert, child safety advocate, and the founder and CEO of Iggy Ventures. Iggy advises and invests in companies and projects that can have a positive social impact.