News
NEW
FTC suggests enhancing Children’s Online Privacy Protection Rule
FTC suggests enhancing Children’s Online Privacy Protection Rule

Published December 22, 2023
by Jivika Lillaney

min read

Summary

    This week, the Federal Trade Commission (FTC) has proposed changes to the Children’s Online Privacy Protection Rule (COPPA Rule) to impose new restrictions on the use and disclosure of children's personal information, aiming to limit company’s ability to monetize such data. 

    The last change was made in 2013, and a much-needed update was required to protect children in a time where their digital access has drastically increased.

    The proposal shifts the responsibility from parents to providers to ensure the safety and security of digital services for children. The COPPA Rule, initiated in 2000, mandates websites and online services collecting information from children under 13 to obtain parental consent, limit data collection, and ensure data security.

    The proposed changes include:

    • Separate opt-in for targeted advertising: operators must obtain verifiable parental consent for disclosing information to third-party advertisers, with access to services not contingent on such disclosure.

    • Prohibition against conditioning participation: an explicit ban on collecting more personal information than necessary for a child's participation in an activity.

    • Limits on support for internal operations: operators using persistent identifiers must provide online notice about specific internal operations and ensure non-disclosure for targeted advertising.

    • Limits on nudging kids to stay online: prohibiting the use of online contact information and persistent identifiers to send push notifications encouraging extended service use.

    • Changes related to ed-tech: codifying guidance to prohibit commercial use of children's information in educational technology, allowing collection only for school-authorized educational purposes.

    • Increasing accountability for safe harbor programs: enhancing transparency by requiring disclosure of membership lists and additional information.

    • Strengthening data security: mandating operators to establish, implement, and maintain a written children’s personal information security program.

    • Limits on data retention: information can be retained only as long as necessary for its collected purpose, with operators required to establish and disclose a written data retention policy.

    The FTC also proposes expanding the definition of "personal information" to include biometric identifiers. The public has 60 days to comment on these proposed changes. 

    What do you think about the impact of the digital age on children? Join the conversation in our Yes We Trust community, a free discussion group for data privacy professionals and enthusiasts, on LinkedIn:

    Go to the Yes We Trust community

    Related Articles
    Our freshest data privacy content for you
    • News

    YouTube and Google under scrutiny due to children’s data privacy concern │Yes We Trust

    August 22, 2023 by Jivika Lillaney

    YouTube and Google under scrutiny due to children’s data privacy concern

    Read Article

    • News

    Denmark looking to limit children personal data collection by Big Tech | Yes We Trust

    June 13, 2023 by Yes We Trust

    Denmark looking to limit children personal data collection by Big Tech

    Read Article

    • News

    UK regulator emphasizes child safety in draft on illegal content │Yes We Trust

    November 13, 2023 by Jivika Lillaney

    UK regulator emphasizes child safety in draft on illegal content

    Read Article

    • News

    Chinese e-commerce platforms under the radar for privacy concerns│Yes We Trust

    August 14, 2023 by Jivika Lillaney

    Chinese e-commerce platforms under the radar for privacy concerns

    Read Article

    • News

    UK Government proposes amendments to Data Protection and Digital Information Bill │Yes We Trust

    December 4, 2023 by Jivika Lillaney

    UK Government proposes forward-thinking amendments to Data Protection and Digital Information Bill

    Read Article

    • News

    The EU's Digital Services Act (DSA) is now in action│Yes We Trust

    August 31, 2023 by Jivika Lillaney

    The EU's Digital Services Act is now in action

    Read Article