Proposed Changes to the Children’s Online Privacy Protection Rule

The Children’s Online Privacy Protection Rule took effect more than a decade ago — a lifetime in tech years. That's why the FTC asked for feedback on whether developments in the online world warranted changes to the Rule. Based on comments from businesses, advocacy groups, academics, and interested members of the public — and the proceedings of a public roundtable — the FTC just announced proposed revisions to COPPA and wants to hear what you have to say.

What’s the FTC suggesting? You’ll want to read the entire proposal, but here are some highlights:

Definitions. Way back at the turn of the century, nobody talked about behavioral advertising. Fast forward 11 years, and the FTC wants to update COPPA’s definition of “personal information” to include certain types of persistent identifiers. Businesses would need parental consent to behaviorally advertise to a child. The FTC also suggests updating the definition to include geolocation information. Another proposed change: modifying the definition of “collection” as it affects kids’ participation in interactive communities.

Parental notice. Under COPPA, website operators need to give parents notice of their information practices. The proposed revisions are intended to ensure parents will get key info in a succinct “just in time” fashion, and not in a lengthy “who has time?” privacy policy.

Parental consent mechanisms. The FTC is suggesting updates to how a website can get the verifiable parental consent they need before collecting kids’ information. Some of the new proposals: electronic scans of signed parental consent forms, video-conferencing, and use of government-issued identification checked against a database, provided that Mom’s or Dad’s ID is deleted promptly after verification.

Confidentiality and security. To help keep kids’ information secure, the FTC suggests that websites adopt procedures the agency has recommended in other contexts. For example, website operators should make sure service providers and third parties to whom they disclose a child’s personal information have reasonable procedures in place to protect it. In addition, operators should hold on to information only as long as necessary and dispose of it securely after that.

Interested in commenting on the FTC’s proposed changes to COPPA? File online by November 28, 2011.

Tagged with: COPPA, children, kids, privacy

Leave a Comment

Commenting Policy

Read Our Privacy Act Statement

It is your choice whether to submit a comment. If you do, you must create a user name, or we will not post your comment. The Federal Trade Commission Act authorizes this information collection for purposes of managing online comments. Comments and user names are part of the Federal Trade Commission’s (FTC) public records system, and user names also are part of the FTC’s computer user records system. We may routinely use these records as described in the FTC’s Privacy Act system notices. For more information on how the FTC handles information that we collect, please read our privacy policy.