Recent Updates to the Children’s Online Privacy Protection Act (COPPA)
As mentioned in the last blog post, the amended Children’s Online Privacy Protection Act (COPPA) went into effect on July 1, 2013. The amendment clarifies standards and situations that fall under the Act’s scope, as well as broadening the definitions of “personal information” and website/online services operators. The revamped definition of “personal information” now includes four new categories:
Geolocation information;
Photos or videos containing a child’s image or audio files with the child’s voice;
Screen names or usernames when they function as a contact name or permits direct contact with a person online; and
Persistent identifiers when it can be used to recognize a user over time and across different website or online services.
Similarly, the amendment also modifies the definition of “operator” to now include operators that integrate third-party services such as plug-ins or advertising networks.
The amendment also expands the list of acceptable methods for obtaining parental consent, clarifies notice requirements, creates new exceptions to notice and consent requirements, and strengthens data security protections. COPPA now also strengthens the Federal Trade Commission’s (FTC) oversight of self-regulatory safe harbor programs and institutes a voluntary pre-approval mechanism for new consent methods and for activities that support the internal operators of a website or online service.
COPPA may now also find operators liable for the collection of information that may occur through third-party sites and services, even if it is just web advertising. As such, ad-networks that provide advertising as a third-party may be found liable where:
The child-directed content provider has communicated the nature of its content to the ad-network; or
A representative of the ad-network has recognized the child-directed nature of the content.
Overall, however, the FTC recognizes that the analysis of whether an operator has complied with COPPA is still very fact--specific. As such, website and online services operators are strongly encouraged to consult the FTC’s updated FAQ guide at http://business.ftc.gov/documents/Complying-with-COPPA-Frequently-Asked-Questions in order to determine whether they properly comply with COPPA. As a court may hold operators who violate the Act for civil penalties of up to $16,000 per violation, it is clearly in the operator’s best interest to do so.
Source: http://business.ftc.gov/documents/Complying-with-COPPA-Frequently-Asked-Questions
For more information on online privacy.
Klemchuk LLP is an Intellectual Property (IP), Technology, Internet, and Business law firm located in Dallas, TX. The firm offers comprehensive legal services including litigation and enforcement of all forms of IP as well as registration and licensing of patents, trademarks, trade dress, and copyrights. The firm also provides a wide range of technology, Internet, e-commerce, and business services including business planning, formation, and financing, mergers and acquisitions, business litigation, data privacy, and domain name dispute resolution. Additional information about the IP law firm and its IP law attorneys may be found at www.klemchuk.com.
Klemchuk LLP hosts Culture Counts, a blog devoted to the discussion of law firm culture and corporate core values with frequent topics about positive work environment, conscious capitalism, entrepreneurial management, positive workplace culture, workplace productivity, and corporate core values.