The Federal Trade Commission (FTC) is proposing changes to the Children’s Online Privacy Protection Rule (COPPA Rule) in a bid to protect children’s personal data more robustly. The proposed changes aim to restrict how companies use and disclose children’s personal information, limiting their ability to monetize such data.
The COPPA Rule, implemented in 2000, mandates that websites and other online services obtain parental consent before collecting, using, or disclosing personal information from children under the age of 13. It also places restrictions on the types of personal data that can be collected from children, how long this data can be retained, and requires companies to secure the data.
The FTC’s latest review of the COPPA Rule commenced in 2019, inviting public comments on whether changes were necessary. The agency received over 175,000 comments and held a workshop in October 2019 to discuss the potential need for updates in light of evolving digital practices, including the increased use of voice-enabled devices, educational technology, and platforms hosting third-party content aimed at children.
The last significant amendments to the COPPA Rule were made in 2013, to account for the surge in mobile device use and social networking. These changes expanded the definition of personal information to encompass persistent identifiers like cookies that track a child’s online activity, as well as geolocation data, photos, videos, and audio files.
In the latest round of proposed changes, the FTC aims to further refine the COPPA Rule to keep pace with rapidly evolving digital landscapes. Notable alterations include requiring separate opt-ins for targeted advertising, prohibiting conditioning a child’s participation on the collection of personal information, placing limits on the internal operations exception, and curbing attempts to encourage children to stay online.
The proposed changes also seek to address issues related to educational technology, increase accountability for Safe Harbor programs, strengthen data security requirements, and impose limits on data retention.
In a move that underscores the growing concern over more sophisticated data collection techniques, the FTC has proposed expanding the definition of “personal information” to include biometric identifiers. In determining whether a website or online service is targeting children, the Commission will consider factors like marketing materials, consumer representations, user reviews, and the age demographics of similar platforms.
The proposed changes are set to be published in the Federal Register shortly, after which the public will have 60 days to submit comments. Once submitted, these comments will be posted on Regulations.gov. The FTC’s proposed amendments to the COPPA Rule represent a significant effort to ensure that as technology evolves, so too do the protections for our most vulnerable digital citizens – children.
For the latest news on everything happening in Chester County and the surrounding area, be sure to follow MyChesCo on Google News and Microsoft Start.