What is COPPA?

What is COPPA Kostenko Maxim / Shutterstock.com[/caption]

Earlier this week, the Federal Trade Commission (FTC) made some major changes to the Children’s Online Privacy Protection Act (COPPA).

COPPA was implemented in 1998 and is designed to protect the privacy of children using the Internet. Under COPPA, website operators must give notice to parents of any child under the age of 13 that they are using their child’s information and acquire parental consent before they save any of this information.

COPPA was formed originally because research showed children did not understand the ramifications of disclosing their location, credit card numbers, and other delicate information to websites. The law requires website operators to be completely transparent in their operations with regards to children’s privacy, which means the privacy policy must be posted wherever data is collected.

“[COPPA] was designed to protect children under age 13 while accounting for the dynamic nature of the Internet,” a representative of the FTC said. “[COPPA] is enforced by the FTC and applies to operators of commercial websites and online services directed to kids under 13 that collect, use, or disclose personal information from children.”

The law affects many of the world’s most popular websites, such as Facebook and Twitter.

Recent changes to COPPA update some of the terminology and rules for laws concerning children using the Internet. For example, after the amendment, “cookies” will be included as one of the forms of data operators must have consent to collect. Cookies are packets of data kept in your browser that tell your computer, or the website operator, your activity within the website, your location, and other important information.

The FTC also tweaked the existing rule by closing a loophole that previously allowed website operators to use third parties to secure a child’s information. In addition, the amendment makes things a little easier on the website operator’s side by allowing the operator a few more options to obtain parental consent, such as video conferencing, electronic scans of consent forms, and verified payment systems.

“At the FTC, protecting children’s privacy is a top priority,” said FTC Chair Edith Ramirez. “The updated COPPA rule helps put parents in charge of their children’s personal information as it keeps pace with changing technologies.”

Most importantly, the new changes, according to the FTC’s website, “modify the list of personal information that cannot be collected without parental notice and consent, clarifying that this category includes geolocation information, photographs, and videos.”

The amendments also offer “safe harbor” programs.

These programs, offered by Aristotle International, Inc., the Children’s Advertising Review Unit of the Council of Better Business Bureaus, ESRB Privacy Online, TRUSTe, and Privo, Inc., allow organizations to create their own comprehensive programs for members who adhere to the FTC’s rules, even the ones made this week.

“You can think of [safe harbor programs] as insurance against some very serious liability and costs for violating COPPA, even innocently,” said Blair Richardson, general counsel of Aristotle, in an interview with law.com. “[The commission is] more or less deputizing you to handle problems before they hit the FTC deck.”

The FTC has also set up a consumer information page that explains exactly what COPPA is. This way, the agency can reach out to the greatest number of people before parents have to learn about the dangers of their children being online firsthand.