Written by Haim Ravia and Dotan Hammer
The United States Federal Trade Commission (FTC) is proposing changes to the Children’s Online Privacy Protection Rule (COPPA Rule). If adopted, these changes would amount to a significant overhaul in the regulation of how children’s personal information is used and disclosed online.
The original COPPA Rule, effective in 2000, requires that certain online services and websites obtaining personal information from children under 13 seek parental consent and provide clear notice before such collection, use, or disclosure.
The FTC’s proposed changes, now open to public comments, include the following:
- Requiring separate parental opt-in to process children’s personal data for targeted advertising. Conditioning access to a service on the disclosure of personal information of children will be prohibited.
- Reinforcing the ban on collecting more personal information than necessary for a child’s participation in online activities.
- Limiting the use of persistent identifiers and restricting push notifications to children.
- Implementing new rules for educational technology, allowing schools to authorize Ed-Tech providers to collect and use students’ information solely for educational purposes.
- Increasing transparency and accountability in COPPA Safe Harbor programs.
- Strengthening data security requirements, limiting data retention, and mandating written policies for data security and retention.
Click here to read the proposed changes to the Children’s Online Privacy Protection Rule (COPPA Rule).