Pozovite nas: +381 11 316 07 24

Prvomajska 8n, Zemun Na mapi

About us

What Is the Coppa Rule

Suppose your website is subject to COPPA rules as defined in the previous section. What should you do? The National Law Review has a good breakdown of the basics. You must: In addition to running personalized ads for kids on YouTube, what other types of things will cause you trouble with the FTC over COPPA rules? A trip to the FTC`s website reveals a few steps to avoid: As panic spread through the YouTuber creator community after Google`s move, a number kept popping up and repeating itself video after video: $42,530. That was the amount, rumor has it that the FTC would punish anyone who violated COPPA rules. Given that many creators are individual amateurs who don`t earn as much from their channels in a year, this seemed like a frighteningly high number. For more information about recent changes to COPPA, see: business.ftc.gov/blog/2012/12/ftcs-revised-coppa-rule-five-need-know-changes-your-business. Before sharing information with these companies, you should determine what the data practices of service providers or third parties are in order to maintain the confidentiality and security of the data and prevent unauthorized access to or use of the information. Your expectations regarding data processing must be explicitly addressed in all contracts you have with service providers or third parties. In addition, you must use reasonable means, such as. B regular monitoring, to confirm that service providers or third parties with whom you share children`s personal information maintain the confidentiality and security of that information. Congress passed the Children`s Privacy Protection Act (COPPA) in 1998. The law, which came into effect in 2000, mandates the Federal Trade Commission (FTC) to adopt and enforce regulations relating to children`s online privacy. In December 2012, the FTC made some changes to COPPA`s rules, which went into effect on July 1, 2013.

The amended rule has significantly expanded and strengthened COPPA to better reflect the evolution of technology and changes in the way children use and access the internet, including the increasing use of smartphones and mobile devices. The Act, effective April 21, 2000, applies to the online collection of personal information by individuals or entities under U.S. jurisdiction from children under the age of 13, including children outside the United States, if the Company is located in the United States. [1] It describes in detail what a website operator must include in a privacy policy, when and how verifiable consent from a parent or guardian can be obtained, and what responsibilities an operator has to protect the privacy and safety of children online, including restrictions on marketing to people under the age of 13. [2] KidsCom cleaned up its act in response to the letter and remained an ongoing activity until 2019. But in a subsequent report to Congress, the FTC presented evidence of continued non-compliance with privacy regulations, and in 1998, Congress passed COPPA to give the agency more power to protect children`s privacy. While the FTC updated its regulations to keep up with changes in the online world, the basic framework of the law has remained more or less the same since then. Yes. COPPA gives states and certain federal agencies the power to enforce regulations regarding the companies for which they are responsible.

For example, New York has taken several measures to implement COPPA. See ag.ny.gov/press-release/2019/ag-james-google-and-youtube-pay-record-figure-illegally-tracking-and-collecting (September 2019); ag.ny.gov/press-release/2018/ag-underwood-announces-record-coppa-settlement-oath-formerly-aol-violating (December 2018); ag.ny.gov/press-release/2016/ag-schneiderman-announces-results-operation-child-tracker-ending-illegal-online (September 2016). In addition, some federal agencies, such as the Office of the Comptroller of the Currency and the Department of Transportation, are responsible for complying with COPPA for the industries they regulate. COPPA requires operators to inform parent companies of their disclosure practices; obtain verifiable parental consent; collect as little data as possible; and maintain appropriate procedures to protect the confidentiality, security and integrity of children`s personal data. COPPA`s primary goal is to give parents control over the information collected online from their young children under the age of 13, while protecting them while taking into account the dynamic nature of the Internet. The FTC has a comprehensive website that informs the public about a variety of the agency`s activities. The “Protecting Children`s Privacy” section contains a variety of documents about COPPA, including all proposed and final rules, public comments received by the Commission in connection with the development of its rules, advice to businesses, parents, and teachers, information about COPPA safe harbor programs approved by the Commission, and FTC cases filed to have apply COPPA. Many of the training materials on the FTC`s website are also available free of charge in paper form from www.bulkorder.ftc.gov.

That depends. The general rule is that any parental consent mechanism “must be reasonably calculated taking into account the technology available to ensure that the person giving consent is the child`s parent.” The rule lists several methods that automatically meet this standard, one of which is the use of a credit card, debit card, or other online payment system as part of a monetary transaction. It is important that the methods listed are not exhaustive; You can use other methods as long as they are “reasonably calculated” to ensure that consent is given by the parents. While collecting a 16-digit credit or debit card number is not sufficient for the method usually indicated, there may be circumstances in which the collection of the card number – in conjunction with the implementation of other safeguards – would be sufficient to meet the standard of verifiable parental consent. For example, you can supplement the request for credit card information with specific questions that only parents know the answer to and find other ways to contact the parent. The website of TRUSTe, one of the approved Safe Harbor organizations, provides a good breakdown of what this certification entails. The organization first reviews your website or service and creates a report on your compliance (or lack thereof) with the law. They will then help you resolve issues and, once this process is complete, certify your site as COPPA compliant. The organization will then provide oversight and direction for the future.

All this, of course, comes at a price. And the system can also be played in several ways: in one particularly brazen case, a Swiss game developer called Miniclip falsely claimed to be certified by a Safe Harbor organization for seven years. CopPA can be traced back to a complaint from the Center for Media Education in 1996 about KidsCom, one of the first child-focused internet websites. The FTC reviewed and published its findings in 1997 in a document that became known as the KidsCom Letter. KidsCom had collected data through entry forms, contest entries, and correspondent programs, and the FTC found that the company violated FTC rules in many ways by processing that data. KidsCom shared this data with third parties (although the data was aggregated and not in the form of personally identifiable information about individual children) and did so without informing the children or their parents. Like all internet laws, COPPA is a bit difficult to enforce. For example, tech-savvy teens may find ways to falsify parental consent. In addition, the law only applies to companies doing business in the United States, while the Internet has a global reach.

Some business owners are annoyed by the restrictions imposed by COPPA, arguing that the government should not participate in regulating the Internet. “One of the beauties of the internet is that an entrepreneur can start their business with minimal investment and regulatory control,” Campanelli noted. They argue that regulation increases costs for small business owners. However, other operators of small children`s websites feel that it is their responsibility to protect the privacy of their users, even if it can be expensive. “If you want to play in the kids` arena, you have to keep it safe, even if it costs,” Alison Pohn, marketing director for a children`s website, told Rogers. “If you run a school or camp, invest in the safest play equipment and the best pool lifeguard. It`s no different. Coppa`s main goal is to give parents control over the information collected from their young children online.

The rule is designed to protect children under the age of 13 while taking into account the dynamic nature of the Internet. The rule applies to operators of commercial websites and online services (including mobile applications and IoT devices such as smart toys) that target children under the age of 13 who collect, use or disclose personal information from children, or on whose behalf such information is collected or managed (for example. B where personal information is collected by an advertising network to deliver targeted advertising). The rule also applies to operators of websites or online services intended for the general public who are genuinely aware that they are collecting, using or disclosing personal data from children under the age of 13, as well as to websites or online services that actually know that they are collecting personal data directly from users of another website or online service intended for children. Operators who fall under the rule must: In August 2018, the FTC voted unanimously to approve EPIC`s recommendations to strengthen the protection of children`s data in the gaming industry. With a 5-0 vote, the FTC accepted EPIC`s proposals to revise the Entertainment Software Rating Board`s industry rules to (1) extend children`s privacy protection in coppa to all users worldwide; and (2) the implementation of data protection safeguards for the collection of “anonymized” data. The FTC wrote: “The Commission agrees with EPIC`s comment.