What is COPPA?

The Children’s Online Privacy Protection Act of 1998 (COPPA), and the COPPA Rule, 16 C.F.R. Part 312, promulgated by the Federal Trade Commission (FTC) under that Act, require that website operations and online services providers take specific precautions when collecting personal information from children under the age of 13. Specifically, the COPPA Rule applies to any operators of websites or online services that either (a) direct their site or services to children under the age of 13; or (b) have actual knowledge that they are collecting personal information from children under the age of 13. It requires those operators to give notice to and get verifiable consent from parents before collecting, using or disclosing such personal information. The Rule also imposes obligations on operators to keep the information they collect from children secure and limits the amount of personal information that children must submit to participate in online activities to what is reasonably necessary for participation.

What has changed in the COPPA rule?

In December 2012 the FTC issued an amended COPPA Rule to address ever-evolving technology, including mobile devices and website analytic tools, and changes in the way children use and access the internet, including the increasing use of social networking sites by children. The amended Rule, which goes into effect July 1, 2013, clarifies who is covered by the Rule, what qualifies as “personal information,” and what methods for providing notice and obtaining verifiable consent are appropriate. Below is a summary of the most important changes in the amended COPPA Rule and some tips for making sure you comply with its requirements.