What Is COPPA?

What Is COPPA?

If you have ever perused our Resources for Parents page, you may have seen that certain popular apps and social media sites are not COPPA Compliant (such as Twitter). But what does that really mean? Today, we’re diving into what COPPA is, who COPPA protects, and why COPPA is important.

What Is COPPA?

Basically, COPPA, the Children’s Online Privacy Protection Rule, imposes certain requirements on operators of websites and online services directed to children under 13, in regards to the collection of personal information of children. COPPA was designed to help parents remain in control of what personal information various websites and online applications can collect from their young children.

From the Federal Trade Commission’s (FTC’s) - the governmental body who has the authority to issue regulations and enforce COPPA - frequently asked questions about COPPA (the bolded emphasis is ours!):

Congress enacted the Children’s Online Privacy Protection Act (COPPA) in 1998. COPPA required the Federal Trade Commission to issue and enforce regulations concerning children’s online privacy. The Commission’s original COPPA Rule became effective on April 21, 2000. The Commission issued an amended Rule on December 19, 2012.  The amended Rule took effect on July 1, 2013.

The primary goal of COPPA is to place parents in control over what information is collected from their young children online. The Rule was designed to protect children under age 13 while accounting for the dynamic nature of the Internet. The Rule applies to operators of commercial websites and online services (including mobile apps) directed to children under 13 that collect, use, or disclose personal information from children, and operators of general audience websites or online services with actual knowledge that they are collecting, using, or disclosing personal information from children under 13. The Rule also applies to websites or online services that have actual knowledge that they are collecting personal information directly from users of another website or online service directed to children. Operators covered by the Rule must:

  1. Post a clear and comprehensive online privacy policy describing their information practices for personal information collected online from children;
  2. Provide direct notice to parents and obtain verifiable parental consent, with limited exceptions, before collecting personal information online from children;
  3. Give parents the choice of consenting to the operator’s collection and internal use of a child’s information, but prohibiting the operator from disclosing that information to third parties (unless disclosure is integral to the site or service, in which case, this must be made clear to parents);
  4. Provide parents access to their child's personal information to review and/or have the information deleted;
  5. Give parents the opportunity to prevent further use or online collection of a child's personal information;
  6. Maintain the confidentiality, security, and integrity of information they collect from children, including by taking reasonable steps to release such information only to parties capable of maintaining its confidentiality and security; and
  7. Retain personal information collected online from a child for only as long as is necessary to fulfill the purpose for which it was collected and delete the  information using reasonable measures to protect against its unauthorized access or use.

What Constitutes “Personal Information” Under COPPA?

The FTC defines “Personal Information” to include:

  • First and last name;
  • A home or physical address;
  • Online contact information;
  • A phone number;
  • A social security number;
  • A photograph, video, or audio file that contains a child’s image or voice;
  • Geolocation information.

How Can A Game, App, Or Social Media Site Comply With COPPA?

According to a recent article from Forbes.com, operators covered by the COPPA rule must:

  • Post a clear and comprehensive online privacy policy describing their information practices for personal information collected online from children;
  • Provide direct notice to parents and obtain verifiable parental consent, with limited exceptions, before collecting personal information online from children;
  • Give parents the choice of consenting to the operator’s collection and internal use of a child’s information, but prohibiting the operator from disclosing that information to third parties (unless disclosure is integral to the site or service, in which case, this must be made clear to parents);
  • Provide parents access to their child’s personal information to review and/or have the information deleted;
  • Give parents the opportunity to prevent further use or online collection of a child’s personal information;
  • Maintain the confidentiality, security, and integrity of information they collect from children, including by taking reasonable steps to release such information only to parties capable of maintaining its confidentiality and security; and
  • Retain personal information collected online from a child for only as long as is necessary to fulfill the purpose for which it was collected and delete the information using reasonable measures to protect against its unauthorized access or use.

What Do Parents Need To Know About COPPA?

The dangers of a child’s data falling into the wrong hands can be devastating, and parents are responsible as the main gatekeepers of this data. Child identity theft is a real threat. It can be hard to trace every single digital step your child takes, but there are ways to keep better vigilance. If you feel that a website or app is in violation of COPPA, you can file a complaint with the FTC to notify them of this violation. And the most important thing parents can always do is to make sure they’re talking to their kids about privacy and personal information.

What Do Educators Need To Know About COPPA?

Common Sense Media offers a guide for everything that teachers need to know about COPPA and what they can do to make sure that their classroom and their schools are also in compliance, but as a brief overview, they suggest:

  1. Know your school’s policies on adopting new technologies and follow them to the letter.
  2. Choose your classroom applications and programs wisely.
  3. If you are not sure about a technology tool, look into a reputable source who has done an evaluation on it. We have access to them here on our Smart Girl site and other organizations also have them.

**Smart Girl Note: This article should not be considered legal advice. We’ve shared a number of resources and our summary of the COPPA Rule.**

If you’d like to check out other articles for parents and educators, please check out this page on our site: https://www.smartgirlsociety.org/blog/category/parents-and-educators.

******

Smart Girl Society, Inc., is an Omaha-based nonprofit working to educate and inspire smart & confident girls, women, & families. Through educational workshops, civil outreach programs, and technology & social media research, we work with girls, parents, & educators to promote authenticity on social media and in real life. We educate how to remain safe on social media and how to avoid becoming a target of sextortion. We also inspire action for students to focus on their personal brand development, leadership, educational opportunities, and healthy social skills. Interested in learning more? Check us out!


Comments