McAfee & Taft tIPsheet - March 2013: FTC amends Children’s Online Privacy Protection Rule

more+
less-

On December 19, 2012, the Federal Trade Commission amended the Children’s Online Privacy Protection Rule to be consistent with the requirements of the Children’s Online Privacy Protection Act. The amendments to the COPPA Rule will go into effect July 1, 2013. Under COPPA, child-directed website or service operators must first obtain parental consent before collecting personal information from children under 13. The goals of COPPA are to minimize the collection of personal information from children and to create a safer and secure online experience for children.

The amendments to the COPPA Rule address several loopholes that were exploited in the past. The amendments update and streamline current procedures, as well as modify and expand the definitions of key terms such as operator, personal information, and website or online service directed to children.

In the past, website operators exploited a loophole in COPPA by having third parties collect the personal information, thus avoiding the parental consent requirements. The amendment now applies responsibility of obtaining parental consent to website operators when a third party is performing the collection of the personal information, even if the third party lacks actual knowledge of the child-directed content.

The modified definitions of terms such as operator and website or online service directed to children will now cover operators of child directed sites or services that integrate outside services such as plug-ins and add-on service providers. Under the new definitions, the plugin operators and add-on service providers are deemed to be an online service directed to children and must comply with COPPA if they have actual knowledge that personal information is being collected directly from children users of another website or online service directed to children.

The definition of personal information is updated to reflect current technology by including geolocation information and persistent identifiers, such as cookies and IP addresses, that can be used to recognize a user over time and across different websites or online services.

Violations of the COPPA Rule can carry a fine of up to $11,000 per violation. If COPPA currently does not apply to you or your business, you should check your current practices to see how the amended COPPA Rule could affect you.

 

Topics:  COPPA, Data Collection, Data Protection, FTC, Personally Identifiable Information

Published In: Antitrust & Trade Regulation Updates, Communications & Media Updates, Consumer Protection Updates, Privacy Updates, Science, Computers & Technology Updates

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© McAfee & Taft | Attorney Advertising

Don't miss a thing! Build a custom news brief:

Read fresh new writing on compliance, cybersecurity, Dodd-Frank, whistleblowers, social media, hiring & firing, patent reform, the NLRB, Obamacare, the SEC…

…or whatever matters the most to you. Follow authors, firms, and topics on JD Supra.

Create your news brief now - it's free and easy »