There are relatively few restrictions on collecting information from children offline. Efforts to collect information from children over the internet, however, are regulated by the Children’s Online Privacy Protection Act (“COPPA”). Among other things, COPPA requires that a website obtain parental consent prior to collecting information; post a specific form of privacy policy that complies with the statute; safeguard the information that is received from a child; and give parents certain rights, like the ability to review and delete their child’s information. COPPA also prohibits companies from requiring that children provide personal information in order to participate in activities, such as online games or sweepstakes.

What to think about when reviewing your website:

1.  Does your website ask children to provide information?
2. If not, does your website automatically collect information about a child’s computer or session?
3. Would your website appeal to children?
4. Has the FTC received complaints about your website? If so, how many and what issues were raised in the complaints?
5. Does your website ask for parents’ permission to collect information about children?
6. Does your website verify that the parent is the actual parent of a child?
7. Has the verification mechanism been approved by the FTC?
8. Does your website’s privacy policy comply with COPPA?
9. Can you limit liability by joining an FTC approved self-regulatory organization (sometimes called a “safe harbor” program)?
10. Which safe harbor program provides the most benefit to your organization?

Most common compaints about children's websites¹:

48.45% - The website did not obtain proper parental consent
43.72% - The website collected more personal information than was necessary
41.35% - Parents were not given an opportunity to stop information from being disclosed to third parties
24.77% - The website did not have a clear privacy policy
17.67% - The website misrepresented how information was used

The following provides a snapshot of information concerning the collection of information from children.

[1] Based upon analysis of consumer complaints received by the FTC between January 2008 and August 2013.

[2]  Id.

[3] FTC, 2014 Privacy and Data Security Update, https://www.ftc.gov/system/files/documents/reports/privacy-data-security-update-2014/privacydatasecurityupdate_2014.pdf

[4] United States v. Playdom, Inc., Case No. CV11-00724 (C.D. Cal. May 24, 2011), https://www.ftc.gov/sites/default/files/documents/cases/2011/05/110512playdomconsentorder.pdf

[5] Based upon analysis of consumer complaints received by the FTC between January 2008 and August 2013.

[View source.]