The FTC staff published today a “Six-Step Compliance Plan” for businesses to comply with the Children’s Online Privacy Protection Act (COPPA). The guidance, which provides a useful framework for businesses, states explicitly that COPPA applies to connected toys and other devices that collect personal information from children over the Internet. The FTC’s 2013 revisions to the COPPA Rule greatly expanded … Continue Reading
Yesterday, the Supreme Court denied certiorari in In re Nickelodeon Consumer Privacy Litigation, a case addressing whether static digital identifiers like internet protocol (IP) addresses qualify as personally identifiable information (PII) under the Video Privacy Protection Act (VPPA). As a result, the Third Circuit’s June 27, 2016 decision in the case—which held that IP addresses … Continue Reading
China’s top internet regulator, the Cyberspace Administration of China (“CAC”), continues to show interest in setting more stringent rules governing the protection of minors in the context of online activities and data privacy. Immediately prior to the October holiday, CAC released for public comment new draft regulations aimed at protecting minors on the Internet, the … Continue Reading
In an example of successful industry self-regulation, the website DorkDiaries.com revised its privacy practices for children’s data, following an inquiry from the Children’s Advertising Review Unit (CARU). CARU, the children’s arm of the advertising industry’s system of self-regulation, monitors advertising to children in all media. As part of that effort, it examines websites and apps … Continue Reading
Under the Children’s Online Privacy Protection Act (COPPA), operators of certain websites, mobile applications, and other online services must provide parents notice and obtain verifiable parental consent before collecting, using, or disclosing personal information from children under the age of 13 online. The FTC has approved a new facial-recognition based method to comply with COPPA, … Continue Reading
By Megan L. Rodgers What information is being collected by mobile apps and websites directed at kids? With whom is that information shared? What notice is provided to parents? Regulators in the U.S. and abroad continue to focus on these issues. The FTC recently released a follow-up report on privacy notices in mobile apps directed … Continue Reading
By Ani Gevorkian The FTC has issued a request for public comment regarding Riyo’s application to recognize a new proposed verifiable parental consent method under the FTC’s Children’s Online Privacy Protection Act Rule. The Rule, which implements the Children’s Online Privacy Protection Act (COPPA), requires certain website operators, mobile applications, and other online services to … Continue Reading
In late December 2014, the FTC staff sent China-based mobile app developer BabyBus a letter warning the company that several of its apps may violate the FTC’s Children’s Online Privacy Protection Act (COPPA) Rule. Staff alleged that the apps are marketed for young children and “use cartoon characters to teach children letters, counting, shapes, music, … Continue Reading
The Federal Trade Commission (“FTC”) recently reiterated its support for the use of “common consent” mechanisms that permit multiple operators to use a single system for providing notices and obtaining verifiable consent under the Children’s Online Privacy Protection Act (“COPPA”). COPPA generally requires operators of websites or online services that are directed to children under … Continue Reading
Yesterday, several big tech companies that offer educational and school services signed the “Student Privacy Pledge,” introduced by the Future of Privacy Forum (“FPF”) and The Software & Information Industry Association (“SIIA”) to safeguard student privacy as it relates to the collection, maintenance, and use of students’ personal information. Among the fourteen education tech companies … Continue Reading
Making good on its warnings that mobile apps will be an enforcement priority under the revised Children’s Online Privacy Protection Act (“COPPA”) Rule, the FTC has announced two settlements with mobile app developers: TinyCo., the developer of several child-directed mobile apps, will pay $300,000 to settle charges that it violated COPPA by collecting children’s email addresses through its mobile app … Continue Reading
The FTC staff has posted revisions to three Frequently Asked Questions (“FAQs”) related to obtaining verifiable parental consent under its COPPA Rule. For a comparison of the old and new FAQs, click here. Although the changes (which include a new FAQ H.16) may appear substantial, they mostly reaffirm the FTC’s longstanding position that the agency’s … Continue Reading
The FTC has denied AssertID’s request to recognize a new method for obtaining verifiable parental consent for the online collection, use, and disclosure of personal information from children under 13. The application was the first of its kind to be filed since the FTC added a voluntary parental consent approval process to its revised rule implementing … Continue Reading
Earlier this month, we blogged about the California Senate’s passage of the bill titled “Privacy Rights for California Minors in the Digital World”, which prohibits certain targeted advertising to California minors and requires that minors be allowed to delete materials they have posted online. Yesterday, California Governor Jerry Brown signed the legislation, and it will … Continue Reading
Last Friday the California Senate unanimously passed legislation titled, “Privacy Rights for California Minors in the Digital World,” which prohibits certain types of marketing to minors (defined as a natural person under the age of 18 residing in California) and allows minors to delete materials they have posted online. The bill, which already cleared the … Continue Reading
The Federal Trade Commission has sent letters to more than 90 different companies who develop mobile apps that the FTC claims may be directed to children. The letters emphasize that the FTC has not evaluated the apps or the companies’ practices to determine if they comply with the current or revised COPPA Rule. Instead, the letters remind these … Continue Reading
The Federal Trade Commission (FTC) has voted unanimously to retain the July 1, 2013 effective date for its revisions to the rule implementing the Children’s Online Privacy Protection Act (COPPA). As we previously wrote, the FTC adopted significant revisions to the COPPA rule in December 2012 and established a July 1, 2013 effective date. In … Continue Reading
Last week, the California Senate unanimously passed a bill that would give California minors the right to “remove content or information” that they submit to websites, online services, online applications, or mobile applications. The term “content or information” is not defined, and could be interpreted broadly to include any text, photos, videos, audio files, or … Continue Reading
Speaking at a seminar hosted by the International Association of Privacy Professionals, Assistant Director Chris Olsen and Senior Attorney Peder Magee, both of the Federal Trade Commission’s Division of Privacy and Identity Protection, provided a useful overview of the FTC’s recent enforcement actions and current enforcement priorities. Based on this discussion, the following infographic identifies the … Continue Reading
The Federal Trade Commission has released its much anticipated revised COPPA FAQs. Although these FAQs are not legally binding, they provide informal guidance to industry on staff’s interpretations of the COPPA Rule. For the most part, the FAQs reiterate past guidance and emphasize key provisions of the new COPPA Rule and its Statement of Basis and Purpose. However, here are 5 key things that the revised … Continue Reading
Advances in technology present opportunities to improve student learning, allow teachers and students to work more efficiently, and reduce operational costs for educational institutions. Many schools are taking advantage of these benefits by implementing online course systems and cloud computing services that allow students and teachers to access their programs, e-mails, and documents online from … Continue Reading
Path, a social networking mobile app, has agreed to enter into a settlement with the Federal Trade Commission (“FTC”) regarding charges that the company deceived consumers by collecting contact information from users’ mobile address books without notice and consent. The agreement also resolves charges that the company violated the Children’s Online Privacy Protection Act (“COPPA”) … Continue Reading
The U.S. took the lead in legislating privacy rights for children and parents in the Children’s Online Privacy Protection Act more than a decade ago. Now the European Union has proposed including privacy protections for children in the Data Protection Regulation under discussion, and Latin American countries have included regulation of children’s privacy in new … Continue Reading
