Skip to content

COPPA 2.0 – What’s Changed?

August 29, 2013
by

ftc-coppa-changes

In an earlier post called “What is COPPA and Why Should I Care?” we provided answers to some of the most common questions we receive from parents. While we did mention that new COPPA regulations went into effect this past July, we thought we’d take this opportunity to provide more details, since these changes illuminate the great lengths that compliant businesses go through in order to keep our kids safe online.

What was the motivation behind the changes to COPPA?
According to the Federal Trade Commission (FTC), one of the main reasons for updating The Children’s Online Privacy Protection Act (COPPA) was to give “parents greater control over the online collection of their children’s personal information.”

Keep in mind that COPPA was originally passed in 1998, and it went into effect in 2000. A lot has changed since then. Facebook, Twitter, Tumblr, and Instagram didn’t exist, for example. Neither did tablets. And the mobile explosion didn’t start for another decade. Because of all the new ways people—including our kids—can get online and share information, it made sense for the government to update COPPA.

What’s changed?
The FTC states that the modified rule “widens the definition of children’s personal information to include persistent identifiers such as cookies that track a child’s activity online, as well as geolocation information, photos, videos, and audio recordings.”

One of the biggest changes to the modified rule is how websites can collect personal information for children who are 13 and under. The rule now requires verifiable parental consent.

What is verifiable parental consent?
We all know how easy it is to fake online aliases. Unfortunately, our kids often know how to do this as well. False security points (such as “check this box if you’re over 13″) don’t work in the online world, because they’re easy to manipulate and impossible to enforce. And let’s face it: kids don’t always realize that maybe they shouldn’t have offered up certain information until it’s too late. Enter the concept of verifiable parental consent.

Verifiable parental consent requires parents to take specific actions when a site asks for personal information from children aged 13 and under—actions that would be difficult for kids to work around or falsify. These actions include things like providing site owners with your social security number, driver’s license number, a physical form with your signature, verbal consent over the phone to a trained professional, or a credit card that works (meaning a small charge might be made and then immediately refunded). Site owners have some flexibility over what forms of verifiable parental consent they require. At Club Z by FPgirl, we use all of the ones described above.

While it might feel like a pain to have to take these extra steps (we get it—we’re parents, too!), they do go a long way in protecting kids online. And that’s what counts.

Were there any other big changes?
The other change to note isn’t really a change at all, but rather a reinforcement of the COPPA safe harbor programs. According to the FTC, “Under COPPA, safe harbor status allows certain organizations to create comprehensive self-compliance programs for their members. Companies that participate in a COPPA safe harbor program are generally subject to the review and disciplinary procedures provided in the safe harbor’s guidelines in lieu of formal FTC investigation and law enforcement.”

Essentially, when a company takes part in a safe harbor program, it’s showing its extreme commitment in making sure it’s in compliance with COPPA at all times. Consider a company’s participation in a safe harbor program as evidence that it’s gone the extra mile.

As the FTC states, “COPPA safe harbor programs are offered by Aristotle International, Inc., the Children’s Advertising Review Unit of the Council of Better Business Bureaus, ESRB Privacy Online, PRIVO and TRUSTe.”

At FPgirl and Club Z, we’re part of the PRIVO safe harbor program. You’ll see this PRIVO seal on our site.

privo_privacy_certified

Sites that take part in COPPA safe harbor programs will mostly likely display these seals, so that’s something else to look for when evaluating sites for your kids. Check the footer and the privacy page (which is supposed to be clearly labeled, easily accessible, and written in language that people can understand).

Anything else?
The FTC also updated guidelines for companies and for parents. For companies, it issued The Children’s Online Privacy Protection Rule: A Six-Step Compliance Plan for Your Business. For parents, it issued Protecting Your Child’s Privacy Online. Both documents are worth reading.

Do you have any specific questions about COPPA? Leave them in the comments.

from → In The News, Mom Tips
No comments yet

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

You are commenting using your Twitter account. Log Out / Change )

You are commenting using your Facebook account. Log Out / Change )

You are commenting using your Google+ account. Log Out / Change )

Cancel

Connecting to %s

Follow

Get every new post delivered to your Inbox.

Join 119 other followers

%d bloggers like this: