FTC Amends COPPA Laws to Protect Children Across All Mobile Devices
Parents of children under 13 committed to keeping their kids safe online may be relieved to know that the Federal Trade Commission recently amended the Children’s Online Privacy Protection Act (COPPA) to keep up with evolving technology and changes in the way children use and access the Internet. This includes the ever-increasing use of mobile devices and social networking sites by kids at younger and younger ages.
The amendments, which go in effect July 1, 2013, will require operators of websites or online services that are either directed to children under 13 or have actual knowledge that they are collecting personal information from children under 13 to notify parents and get their verifiable consent before they can collect, use, or disclose a child’s personal information. They will also be required to keep the information they collect from children secure. This information includes geo-locations, photos, videos and audio files that contain a child’s image or voice.
COPPA laws also affect brands and advertisers who reach children under 13 through social media, therefore even marketers will need to utilize COPPA compliant platforms when targeting kids online to ensure that they are in compliance. The laws are intended to strike the right balance between protecting innovation that will provide rich and engaging content for children, and ensuring that parents are informed and involved in their children’s online activities.
According to the FTC, the COPPA amendments will implement the following changes:
- Modify the list of “personal information” that cannot be collected without parental notice and consent, clarifying that this category includes geo-location information, photographs, and videos;
- Offer companies a streamlined, voluntary and transparent approval process for new ways of getting parental consent;
- Close a loophole that allowed kid-directed apps and websites to permit third parties to collect personal information from children through plug-ins without parental notice and consent;
- Extend coverage in some of cases so that third parties doing additional collection also have to comply with COPPA;
- Extend the COPPA Rule to cover persistent identifiers that can recognize users over time and across different websites or online services, such as IP addresses and mobile device IDs;
- Strengthen data security protections by requiring that covered website operators and online service providers take reasonable steps to release children’s personal information only to companies that are capable of keeping it secure and confidential;
- Require that covered website operators adopt reasonable procedures for data retention and deletion; and
- Strengthen the FTC’s oversight of self-regulatory safe harbor programs.
While these amendments are welcome changes, and reinforce the importance for kids under 13 to be using COPPA compliant websites and social media, critics say they don’t go far enough and provide loopholes that benefit the larger social networks and identify areas where parents and educators need to pay close attention. For example, while developers of individual apps will be responsible for obtaining parental consent, larger companies like Google and Apple will continue to be allowed to sell such apps in their app stores without parental permission.
In addition, social networks like Facebook also avoided regulations that would have restricted users, under age 13, from joining the site. The amendments do not require verifiable parental consent to join if the acquired data requested at sign-in is used only “for the sole purpose of supporting the website or online service’s internal operations, such as contextual advertising, frequency capping, legal compliance, site analysis, and network communications.”
The best way parents can be assured that their child is protected while online is to respect platform age minimums and allow them to use only COPPA compliant websites for socializing online. Digital guidelines should also be established allowing them to upload apps for their mobile devices where content is not visible or viewable on the public Internet.
Parents and educators also should continue to utilize safety controls across all devices to allow customization of their family or student cyber experience, including turning off location services on social sites and apps that children use. Setting limits for social media use should be similar to setting parental controls and limits on time spent watching TV or video games.
And nothing is more important than having frank discussions with kids about the potential dangers of over sharing information, such as addresses, passwords, locations and or any other identifiable information with peers or others they ‘chat with’ online, whether or not on COPPA-complaint sites.
The efforts by the FTC to keep up with the warp-speed pace of technology and develop guidelines that keep our kids safe while using them is greatly appreciated by those of us trying to create safe platforms so that kids under 13 can take advantage of opportunities the Internet provides. Despite all the rules and regulations, creating COPPA compliant and age-appropriate digital solutions is possible if you are genuinely committed to your mission of providing children a safe, fun, kid-centric Internet experience.
Hilary DeCesare is CEO and Co-Founder of Everloop.com.