You must be aware of COPPA if you are launching or running a website or app. Despite the name, COPPA isn’t a famous Hollywood family or Italian dish. COPPA refers to the Children’s Online Privacy Protection Act, a law that is a nightmare if you are caught violating it.
Children’s Privacy Online
“Who will protect the children?”Although a hilarious refrain from various Simpson’s episodes, the question requires serious consideration in a world where young children can get on and surf the web as easily as adults. The question then becomes what information should companies be allowed to collect for these kids? COPPA addresses that very topic.
What Is COPPA?
COPPA is a law that restricts the right of sites to collect personal information from children without the consent of a parent. The rule is verified consent must be obtained from parents prior to collecting any information from the young children.
How exactly does one obtain permission? Well, this is where things get tricky. The FTC enforces the law and issues directives. The agency suggests a number of different approaches ranging from the simple to the stupendously burdensome. One approach is to seek parental consent via email verification. The problem, of course, is any child with half a brain can fake the verifying email by opening a free email account and pretending to be a parent. Given this, the FTC is anticipated to do away with this option in the summer of 2013 and instead require phone or facsimile verification.
The more restrictive process certainly has downsides as well. The internet is the world of “now” as people want to read/see it now. How many parents of kids are going to go through the lengthy process of undergoing written or phone parental verification? This hurdle is a particular concern since parents will have no familiarity with the site in question and will be inclined to respond with an automatic “no.” Indeed, many feel this verification process effectively kills any business model that involves kids under the age of 13 [such as game sites] that are not huge brands such as Disney for this very reason. Time will tell.
A valid question when discussing the Children’s Online Privacy Protection Act is, frankly, does it work? The FTC has gone after companies that have failed to comply with the law. Xanga, for one, was fined a million dollars for its failure.
Having said this, it is no secret that there are millions of kids under the age of 13 on Facebook. Despite this, the FTC has never pursued Facebook. What is the difference between Xanga and Facebook? If one is cynical, the difference might be that Facebook spent roughly $650,000 lobbying the federal government on privacy issues in 2011-12 while Xanga spent nothing. Ah, the U.S. government wouldn’t work that way…would it?
Unless you have a massive amount of capital and political sway, you need to analyze carefully whether your site must be COPPA compliant. The FTC uses a sliding scale of factors to make the determination. Contact me to learn more about the process.
The penalties for violating COPPA are significant. They start at $16,000 per violation. If you knowingly have 10 children on your site that are eight years old, you could be hit with $160,000 in damages. In short, there is much at risk.
The Children’s Online Privacy Protection Act is starting to receive significant attention from politicians and the FTC. Given this, you are playing Russian Roulette if you do not understand it or take steps to comply with it. Contact me to learn more.
Richard A. Chapo, Esq.
Other COPPA Articles That May Interest You: