FTC's New COPPA Rule Increases Online Protection For Kids, But Has Important Loopholes
The Federal Trade Commission Wednesday announced amendments to the Children's Online Privacy Protection (COPPA) Rule that will give parents more control over the information online services and websites can collect about their kids. It's the first change since COPPA was passed in 1998 and is meant to update the protections to a time when much of kids' online activity has moved to "apps" on tablets, smartphones and other mobile devices.
While its an important step forward, there are still some loopholes.
A key step forward is the provision of the new COPPA Rule broadening what constitutes "personal information" that cannot be collected without parental notice and consent. Added to the old list that included such information as name, address, email address are geolocation information, photographs, and videos. The amendments also extend the COPPA Rule to cover persistent identifiers that can recognize users over time and across different websites or online services, such as IP addresses and mobile device IDs. In other words you can't track kids without a parent's permission.
One problem with the new regulation is what might be termed the Google and Apple exemption. While apps are covered by the COPPA rule, the platforms that make them available for download either for sale or for free-- Apple and Google -- have no responsibility to make sure the apps follow the rules.
"The Commission takes seriously its mandate to protect children in this ever-changing technological landscape,” said FTC Chairman Jon Leibowitz. “I am confident that the amendments to the COPPA Rule strike the right balance between protecting innovation that will provide rich and engaging content for children, and ensuring that parents are informed and involved in their children’s online activities."
The Federal Trade Commission began reviewing the COPPA Rule in 2010. The new rule takes effect on July 1, 2013. The Children's Online Privacy Protection Act requires that operators of websites or online services that are either directed to children under 13 or have actual knowledge that they are collecting personal information from children under 13 give notice to parents and get their verifiable consent before collecting, using, or disclosing such personal information, and keep secure the information they collect from children. It also prohibits them from conditioning children’s participation in activities on the collection of more personal information than is reasonably necessary for them to participate. The Act gives the FTC to write the actual rules to provide protection,
Consumer Watchdog was part of a coalition of consumer and privacy advocates which recently sent the FTC a letter pushing the FTC to adopt strong COPPA protections. And while it's important that we protect kids' online privacy, we also need to make sure that adults have the ability to control what data is gathered about their online activities and how those digital dossiers are used.
3/27/2014Blog PostA class action suit on behalf of as many as 168,500 patients of Los Angeles County medical facilities has been been filed against... More >
4/22/2013News StoryPrivacy Groups to FTC: Don't Delay Coppa - Orgs Accuse IAB, Apps Alliance of Stalling ImplementationThe Federal Trade Commission is getting quite an earful over the pending July 1 implementation date for the updates to the... More >
2/18/2014Blog Post110 million Americans had their personal financial information breached at Target. That 's one out of two adult Americans. I... More >
2/24/2014Blog PostLooks like even Google is finally figuring out the innate privacy invasive properties of its wearable computing device, Google... More >
2/27/2014Blog PostData breaches at major retailers Target and Neiman Marcus during last year's holiday shopping season affected more than 100... More >