In April, I discovered a flyer from New Hampshire Outright posted at the Nashua Public Library. New Hampshire Outright is “a non-profit dedicated to supporting, protecting, and advocating for LGBTQ+ youth across the state.”
The flyer solicits kids in middle school and high school, so they could be as young as 11 years old, to scan the QR code and fill out a survey with their personal information, including the child’s name, pronouns, identities, email address, and phone number to sign up for a peer support group for “LGBTQIA+ youth.” Nowhere in the form does it request the parents’ contact information or permission.
This flyer is also posted on New Hampshire Outright’s social media and likely in other places around Nashua.
The New Hampshire Data Privacy Act (NHDPA) requires parental consent when collecting personal information from children under 13. I reported the flyer to the NH Consumer Protection & Antitrust Bureau. They responded that NH Outright “is excluded from the application of RSA 507-H, the New Hampshire Data Privacy Act.” I read the link the Bureau provided, and learned that non-profits are excluded from complying with the NHDPA.
There is also a federal Children’s Online Privacy Protection Act (COPPA), which requires parental consent when collecting personal information from children under 13. I reported the flyer to the Federal Trade Commission, but I don’t expect to get a response.
This is frustrating. It is unethical to solicit personal information from children without their parents’ permission, if not illegal, and it gives the impression of impropriety. There doesn’t appear to be a way to stop it.
Here are screenshots of the form.
