Disney, the world's most iconic kids brand, is under scrutiny by the Federal Trade Commission for flunking the ABCs of children's online privacy laws. The Mouse House first came under review following a complaint filed last December by the Center for Digital Democracy that alleged Marvelkids.com failed to obtain parental consent from children under 13 prior to tracking and collecting personal information about them. Although Disney made some changes in its privacy policy two days later, the CDD said today in an amended complaint that the changes were "insufficient." "Disney has cavalierly disregarded some of the basic principles," said Jeff Chester, executive director of the CDD. "The biggest kids' entertainment company is thumbing its nose at kids' privacy. We expect action." Because Disney substituted its company-wide policy on Marvelkids.com, the CDD suggested the FTC broaden its inquiry to include all of Disney's kids-directed sites. "The problem with using a company-wide privacy policy for kids' sites is it may not be compliant and that's what we're seeing here," said CDD attorney Eric Null of the Institute for Public Representation. CDD identified three places where it says Disney did not stick to the letter of the law for children's online privacy. First, the Marvelkids.com site does not have a direct link on the home page to the online policy as spelled out in the FTC's guidance. "Parents must click on three separate links to find the children's policy," wrote Null. The same experience happens with DisneyJunior.com. Second, the CDD alleges that Disney's notification about what information third parties are collecting fails to meet the clear and prominent standard and is inaccessible because it is buried in fine print in the "persistent identifiers" section of the policy, making it "not easy to locate." Finally, the CDD also accuses Disney of allowing third parties to collect personal information for purposes other than the internal operations of the website. Forty-three different companies are listed on the website as collecting persistent identifiers. Disney was not immediately available for comment. The FTC updated rules for the Children's Online Privacy Protection Act (Coppa) last summer, establishing stricter codes for obtaining parents permission for tracking and collecting children's personal information. The agency has yet to bring any enforcement action since the update.