COPPA Now Includes Greater Protections For Kids Online

Last week, you were informed about the Federal Trade Commission (FTC) updating advertising disclosure guidance for search engines. But there’s more! On July 1, new FTC rules went into effect that are intended to provide greater privacy protection for children online. Indeed, the rules are supposed to afford increased safeguards when it comes to data such as geo-location and social media information.

By way of background, the Children’s Online Privacy Protection Act (COPPA) became operative in 2000, in the early days of the commercial Internet. The law was designed to enable parents to control personal information collected from these young children in hopes that COPPA would prevent children under the age of 13 from being targeted via personalized online marketing messages.

All well and good?

To some extent, Internet companies have been mindful of COPPA and have taken efforts not to collect personal information from youngsters. However, there have been more recent concerns expressed publicly about other ways that children’s privacy can be compromised that were not envisioned when COPPA became law.

Among the contemporary worries are technological advances that allow geo-location tracking via smartphones, the monitoring of relationships through social media, and the building of personal profiles.

As a result, the FTC has responded by adding protections beyond those explicitly set forth in COPPA.

The new rules expand COPPA protections to apply to a broad scope of digital media used by children, such as mobile apps, social networks, and online gaming features.

The breadth of personal information protected now goes beyond the basics like a child’s name, email, and physical address. Personal information now includes:

  • Geo-location information that can be obtained from a mobile device;
  • Cookies and other persistent identifiers derived from hidden software; and
  • Photos, videos, and audio recordings of children, along with screen or user names.

The new rules provide other protections as well. For example, if personal information has been collected by a Web site from a child without parental consent, the parent can seek an explanation of what was collected from the child, request deletion of the information, and refuse permission of further collection of data from the child.

It obviously is important to protect children in the Internet age. COPPA and the new FTC rules can help. Still, it is important for parents, teachers, and community members to talk candidly with children about online risks and how to protect themselves on the ever-evolving Internet.

Eric Sinrod is a partner in the San Francisco office of Duane Morris LLP, where he focuses on litigation matters of various types, including information technology and intellectual property disputes. You can read his professional biography here. To receive a weekly email link to Mr. Sinrod’s columns, please email him at ejsinrod@duanemorris.com with Subscribe in the Subject line. This column is prepared and published for informational purposes only and should not be construed as legal advice. The views expressed in this column are those of the author and do not necessarily reflect the views of the author’s law firm or its individual partners.