Child Online Privacy Rules Updated: What You Should Know
For the first time in 15 years, the Federal Trade Commission has revamped the Children's Online Privacy Protection Act. If your association attempts to reach children online, these changes could affect you. Read on.
One of the earliest efforts to regulate the way organizations use the internet has gotten an update.
The Children’s Online Privacy Protection Act (COPPA), first passed in 1998, had gone without significant modification for years until the Federal Trade Commission (FTC), which accepted comments on the proposed updates last year, approved changes in December that went into effect July 1.
If your organization reaches children online, the changes could affect you. Here’s what you should keep in mind:
Consent requirement: In an op-ed post for USA Today’s CyberTruth, trial attorney Tyler Newby explains that the changes to the law are largely meant to reflect the web’s increasingly social nature. “Reflecting the growth of social networks, user-generated content, and child-oriented mobile apps,” Newby writes, “operators of child-directed sites now must obtain verifiable parental consent before they can collect users’ screen names; photo, video, and audio files that contain a child’s image or voice; geolocation data precise enough to identify a street and city; and persistent identifiers, such as cookies, an IP address, or unique mobile device identifier.”
Even “Like” buttons matter: As lawyer Liisa M. Thomas writes on the Association of Corporate Counsel’s Lexology site, one of the rule changes affects commonly used social media plug-ins, such as Facebook’s “Like” button. In some cases, she notes, the buttons are allowed, but only if they meet certain criteria. “[F]or a plug-in that is used in a way that meets these criteria, an exception to the requirement to notify parents and get their consent will apply, provided that the rule wasn’t triggered in some other way,” she writes.
For organizations that fail to comply with the new rules, the fine is steep—reaching $16,000 per violation of the law.