FTC Steps Up Children's Online Privacy Enforcement
Earlier this month, Politico reported that the Federal Trade Commission (“FTC”) is stepping up enforcement of the Children's Online Privacy Protection Act (“COPPA”).
In light of this fact, anyone who owns a website should take the time now to determine whether they are COPPA compliant and, if not, take corrective steps to ensure compliance.
What is COPPA?
In general, COPPA imposes compliance requirements on websites that collect personally identifiable information from children under the age of 13. Congress passed the law to prevent websites from sharing the information of children without the express consent of their parents. The FTC has authority to impose civil penalties on COPPA violators.
How do I become COPPA compliant?
The FTC recommends the following steps for compliance with the Act:
1. Determine If You Collect Personal Information from Children Under 13.
2. Post a Privacy Policy that Complies with COPPA.
3. Notify Parents Directly Before Collecting Personal Information from their
Children.
4. Get Parents’ Verifiable Consent Before Collecting Information from their
Children.
5. Honor Parents’ Rights with Respect to Information Collected from their
Children.
6. Implement Reasonable Procedures to Protect the Security of Children’s
Personal Information.
What if I don’t collect information from children under 13?
Your website may not be actively targeting children, but you are likely still collecting information from kids. For example, if your website collects cookies from visitors and children visit your website, then you are collecting information from children. If this is the case, you need to make sure that your Privacy Policy reflects this fact.
Due to the sensitive nature of protecting children online, there is no doubt that the FTC will be aggressive in its COPPA enforcement.
If you have questions about complying with COPPA or about a Privacy Policy in general, contact a member of MacDonald Illig’s Emerging Technologies Practice Group.
In light of this fact, anyone who owns a website should take the time now to determine whether they are COPPA compliant and, if not, take corrective steps to ensure compliance.
What is COPPA?
In general, COPPA imposes compliance requirements on websites that collect personally identifiable information from children under the age of 13. Congress passed the law to prevent websites from sharing the information of children without the express consent of their parents. The FTC has authority to impose civil penalties on COPPA violators.
How do I become COPPA compliant?
The FTC recommends the following steps for compliance with the Act:
1. Determine If You Collect Personal Information from Children Under 13.
2. Post a Privacy Policy that Complies with COPPA.
3. Notify Parents Directly Before Collecting Personal Information from their
Children.
4. Get Parents’ Verifiable Consent Before Collecting Information from their
Children.
5. Honor Parents’ Rights with Respect to Information Collected from their
Children.
6. Implement Reasonable Procedures to Protect the Security of Children’s
Personal Information.
What if I don’t collect information from children under 13?
Your website may not be actively targeting children, but you are likely still collecting information from kids. For example, if your website collects cookies from visitors and children visit your website, then you are collecting information from children. If this is the case, you need to make sure that your Privacy Policy reflects this fact.
Due to the sensitive nature of protecting children online, there is no doubt that the FTC will be aggressive in its COPPA enforcement.
If you have questions about complying with COPPA or about a Privacy Policy in general, contact a member of MacDonald Illig’s Emerging Technologies Practice Group.