COPPA’s “Safe Harbor” Grows with FTC’s Approval of iKeepSafe’s Self-Regulating Framework

The Federal Trade Commission (FTC) has announced that it approved iKeepSafe’s Safe Harbor Program application, allowing the company’s self-regulating framework to serve as a safe harbor under the Children’s Online Privacy Protection Act (COPPA) and the COPPA Rule. The approval comes five months after iKeepSafe originally submitted its safe harbor program application to the FTC.

Under the COPPA Rule, websites that target users under 13 must provide notice and receive verifiable parental consent before collecting personal information from children. Additionally, the COPPA Rule contains a “Safe Harbor” provision that allows industry leaders to develop safe harbor programs that, if approved by the FTC, automatically bring participants into compliance with COPPA’s requirements. The safe harbor option is meant to foster and support industry self-regulation while also advancing COPPA’s goals of guarding children’s privacy. In most circumstances, website operators that participate in an FTC approved safe harbor program will only be subject to the review and disciplinary procedures provided in the safe harbor’s guidelines in lieu of formal FTC investigation and law enforcement.

iKeepSafe’s Safe Harbor Program requires participating companies and organizations to follow five guiding principles. It requires participants to: (1) develop clearly written privacy policies describing what data is collected, used and stored; (2) minimize data collection to only what is reasonably required to deliver promised services to a child; (3) ensure parents remain in control of data collected from their children through notice, choice, and consent requirements; (4) secure and maintain the confidentiality, security and integrity of data, as well as regularly deleting data after it is no longer needed; and (5) maintain baseline knowledge of privacy requirements and best practices. The FTC determined that this met the criteria for approval of providing and implementing requirements that offer equal or greater protections for children than those under the COPPA Rule, and having an effective mandatory mechanism to assess participants’ compliance with the safe harbor, including disciplinary action for noncompliance.

iKeepSafe joins six other groups that have received approval from the FTC for their safe harbor frameworks since 2000 – Aristotle Inc.; the Council of Better Business Bureau’s Children’s Advertising Review Unit (CARU); the Entertainment Software Rating Board (ESRB); TRUSTe; PRIVO, Inc.; and KidSAFE.

Topics:  COPPA, Data Collection, Data Protection, FTC, Mobile Apps, Safe Harbors

Published In: Antitrust & Trade Regulation Updates, Communications & Media Updates, Consumer Protection Updates, Privacy Updates, Science, Computers & Technology Updates

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Davis Wright Tremaine LLP | Attorney Advertising

Don't miss a thing! Build a custom news brief:

Read fresh new writing on compliance, cybersecurity, Dodd-Frank, whistleblowers, social media, hiring & firing, patent reform, the NLRB, Obamacare, the SEC…

…or whatever matters the most to you. Follow authors, firms, and topics on JD Supra.

Create your news brief now - it's free and easy »