Data Risk Intelligence
Automated Data Mapping
Do Not Sell/Do Not Share
Cookie Banner Solutions
Consent & Preferences
Data Rights RequestsCOPPA, the Federal Children’s Privacy Law, Turns 20
There have been various activities over the past week to celebrate the fact that the Children’s Online Privacy Protection Act (COPPA) hit twenty years old. If you think back twenty years to 1998, it is amazing to realize that COPPA has been on the books for almost the entire existence of Google. Google was started just over a month before Congress passed COPPA, although COPPA did not go into effect until April 21, 2000.
As privacy has moved to the forefront of discussion topics this year, the issue of children’s privacy has also gained additional attention. Consumer, digital and privacy rights groups have filed complaints with the Federal Trade Commission over Youtube, Facebook and other companies. The FTC has also brought enforcement actions against a seller of internet-connected toys, a web-based talent search firm, in addition to warning letters against two foreign marketing companies for geolocation tracking on kids’ devices.
COPPA has not remained static over the years. The FTC issued the COPPA Rule at the direction of Congress in 2000, and amended the rule over the years to address social networking, online access via smartphones, geolocation data, and other online content (photos, videos, etc.) that contain a child’s image or voice.
Senator Ed Markey (D-Mass.) has introduced the Do Not Track Kids Act into the U.S. Senate for the past few years in order to strengthen COPPA. The legislation would extend the age for COPPA protections to children under 16 years old and give parents the ability to delete information from their kid’s online history (similar to GDPR’s Right to Delete). Senator Markey is pushing for the legislation as either a stand-alone bill or as part of a new comprehensive federal privacy law.
The FTC issued a blog post commemorating the 20th birthday of the federal privacy law for kids. The post emphasized how the FTC is committed to rigorous enforcement, responding to developments in technology, seeking new ways to ensure verifiable parental consent, incentivizing self-regulatory efforts, and helping companies stay with the confines of the law.
If Congress decides to pass a comprehensive federal privacy law, it is possible that COPPA will either be rolled into its protections or strengthened. The European Union General Data Protection Regulation (GDPR) includes special privacy rules for children, and the California Consumer Privacy Act reverses its standard practice opt-out consent for the sale of personal information for kids under the age of 16 years (making it an opt-in requirement instead).
We will be closely following any changes to COPPA by Congress and will post details here as legislation develops in Congress.
EU GDPR
– GDPR Compliance
– Consent Management Software
– GDPR Data Mapping Software
– DSAR Portal
– GDPR Text
California Consumer Privacy Act
– CCPA Summary
– CCPA vs GDPR
– CCPA Privacy Software
– CCPA Webinar
More Blog Posts on COPPA:
Oath to Pay $5 Million in Record COPPA Settlement
Groups ask FTC to Fine Youtube over COPPA
Do Not Track Kids Act Back in Congress
