Amendments to the 1998 Children’s Online Privacy Protection Act (COPPA) rule went into effect on July 1, 2013. Before we can dive into what the updates entail, however, a quick primer on COPPA is necessary. COPPA launched in 1998 and is a set of regulations tailored to place parents in control over what information is collected from their children online. By “children,” the Act is referring to any “individual under the age of 13.” So who must comply with COPPA? Any website or online service operator that collects or maintains personal information (name, address, email address, telephone number, etc.) about users or visitors to the website, which may include children. Note that even if the website operator may not be actively encouraging children to use their website or is unaware that some of their users may be under age, mere ignorance of the Act or of such users does not constitute a defense.

Moreover, COPPA applies to more than just websites; it also extends to “online services” as well. Here, online services may refer to play network-connected games, social networking sites or applications, receiving online advertisements, purchasing goods or services online, and even voice-over-Internet protocol services. COPPA also specifically prohibits operators from enticing children to provide personal information in return for rewards or participation in online games.

As such, in order to comply with COPPA, operators whom collect personal information from children must provide clear notice on what personal information is to be collected, disclosure practices of such information, and must seek verifiable parental consent for the collection, use, and disclosure of such information. If they do not comply, the collection of such personal information from children is strictly prohibited. Once information is collected, however, operators are required to maintain reasonable protocols to protect the integrity of the information collected.

Likewise, if an operator receives a request from a parent regarding the personal information collected from their child, the operator must provide the description of the information collected, offer the parent the opportunity to refuse to allow their child to provide any further information, and a means for the parent to remove the information collected from the child.

Lastly, COPPA overrides any conflicting state or local law. As such, any operators of websites and online services should familiarize themselves with COPPA in order to minimize their online liability. For those whom are worried that they have run afoul of COPPA, some safe harbors do exist, for more information, visit http://business.ftc.gov/privacy-and-security/childrens-privacy.

Sources: http://www.ftc.gov/ogc/coppa1.htm#sthash.wzX4Olpc.dpuf http://www.ftc.gov/ogc/coppa1.htm http://business.ftc.gov/privacy-and-security/childrens-privacy

For more information on this topic, please visit our online privacy page.

Klemchuk LLP is an Intellectual Property (IP), Technology, Internet, and Business law firm located in Dallas, TX.  The firm offers comprehensive legal services including litigation and enforcement of all forms of IP as well as registration and licensing of patents, trademarks, trade dress, and copyrights.  The firm also provides a wide range of technology, Internet, e-commerce, and business services including business planning, formation, and financing, mergers and acquisitions, business litigation, data privacy, and domain name dispute resolution.  Additional information about the IP law firm and its IP law attorneys may be found at www.klemchuk.com.

Klemchuk LLP hosts Culture Counts, a blog devoted to the discussion of law firm culture and corporate core values with frequent topics about positive work environment, conscious capitalism, entrepreneurial management, positive workplace culture, workplace productivity, and corporate core values.