Setup a Demo
Free 30 min website monetization consulting included
According to a UNICEF report, More than 175,000 minors are using the internet for the first time everyday. They’re all tapping into great opportunities, but, at the same time, getting exposed to grave risks.
Worldwide 1 in 3 internet users is a child, and yet – as outlined in The State of the World’s Children 2017: Children in a digital world – too little is done to protect them from the perils of the digital world, to safeguard the trail of information their online activities create, and to increase their access to safe and quality online content.
Online publishers, content creators, agencies, and any website with kid-friendly content or ads have an obligation under COPAA to avoid collecting personal data from children who are under the age of 13.
This post is meant to provide recommendations for the publisher and marketing community to follow COPPA and learn how they can avoid policy violations.
COPPA stands for ‘The Children’s Online Privacy Protection Act of 1998.’ This act is enforced by the Federal Trade Commission (FTC) that stipulates what online service providers, website operators, and marketers should do to protect minor’s privacy and safety on the web.
Though the act is 20 years old, the need for COPPA compliance has increased over the past few years because of heightened cases of online child abuse and privacy violations.
For example, YouTube received a whopping fine of $170 million in September 2019 for COPPA violations.
Like YouTube, Google has also faced pressure from privacy regulators. In March 2020, the search engine was fined $1.7 billion by the European Commission for collecting personal information from minors.
The primary goal of COPPA is to ensure parents have control over the information that websites are collecting from their children. The rule protects children who are under 13, and applies to operators of online services and commercial websites that collect, disclose, or use visitor data to serve targeted advertising.
The term ‘online services’ covers any service available over the web that allows users to connect to a wide-area network. For example, services that allow users to engage in social networking activities, receive online advertisements, play network-connected games, and interact with any online content.
More examples include smart speakers, VOIP services, voice assistants, and Internet-enabled-location-based services.
*COPPA’s scope of applicability is limited to US-based audiences. It applies to websites and online services that collect data from children in the US, irrespective of where they’re operating from.
According to the federal trade commission’s guidelines, personal information include:
Section 312.5 of FTC’s COPPA guidelines deals with parental consent. Any website or online service shall obtain parental content before gathering, storing, processing, or disclosing any personal information belonging to a child.
The act recommends all child-directed operators to also verify parental consent through technology-based solutions. FTC recommends following ways for ensuring verifiable consent from parents:
If an online service provider or operator is unable to obtain parental consent, the act restricts them from collecting any personal information from children under section 312.7.
The ad tech industry is obligated to comply with COPPA regulations. Irrespective of the role an advertising technology company plays in ad serving or content creation, they must adhere to kid’s data privacy laws if their online services are child-directed.
Any online service, app, website, or device that is targeted to appeal to children, then it is considered child-directed. Hence, if an ad-tech company obtains data from under-13 users by offering child-directed services, then they must abide by COPPA.
The act also applies to third parties in the digital advertising ecosystem. If the ad tech agencies or third parties have knowledge that they’re collecting personal data from users of another online services or website, they’ll be subjected to COPPA regulations.
The Federal Trade Commission has listed a few steps that publishers or advertisers can take to ensure COPPA compliance. These steps include:
Total Time: 5 minutes
Publishers or ad tech companies can use different age verification techniques to identify the ages of their users. If their audience base is 13+, they don’t need to worry about COPPA compliance. u003cbr/u003eu003cbr/u003ei. COPPA only applies to websites that:u003cbr/u003eii. Serve content or ads to under 13 users and collect their datau003cbr/u003eiii. Do not have age-restriction filter for a new sign up u003cbr/u003eiv. Have an external plugin that collects information specifically from the children
If your content or ads cater to kids under the age to 13, your website should have all the information about the personal data that’s being collected from online users. For example:u003cbr/u003eu003cbr/u003ei. Manner of data collection u003cbr/u003eii. Type of personal data that you store u003cbr/u003eiii. Information about third parties or sources that are processes user’s personal data u003cbr/u003eiv. The policy must have a clearly visible section on parent’s rights on their children’s personal data.
COPPA also asks the operators to verify parental consent that they’ve taken. The FTC website doesn’t mention any specific method for obtaining verifiable parental consent. But here are few acceptable methods:u003cbr/u003eu003cbr/u003ei. Parents can sign an online consent form and send it back to the operator or company through email or postal service u003cbr/u003eii. A toll free number can be made available for parents to give their consent to trained professionals u003cbr/u003eiii. Parents can provide any government ID u003cbr/u003eiv. Websites can use facial recognition technology to verify consent
COPPA asks website operators to implement sufficient security measures on their site. It recommends them to not retain data for a longer period of time, and also restricts sharing of information with third-parties that are capable of maintaining confidentiality of such information.
COPPA has turned into a strict legislation that comprehensively addresses issues related to children’s privacy. It ensures that online operators follow acceptable privacy and security standards.
Over the last few years, FTC has hit many major operators with hefty fines for violating COPPA requirements. FTC has also passed many guidelines that have changed how companies gather and process personal information of children.
For detailed information on COPPA visit www.ftc.gov.