Critical.
Authoritative.
Strategic.
Subscribe to CIO Magazine »

Modified online children's privacy rules take effect in US

Some websites and app developers are uncertain how to comply with the revised regulations

Some websites and mobile app developers are confused about how to comply with revised rules governing the online collection of personal information from children that took effect in the U.S. Monday, critics said.

The U.S. Federal Trade Commission, under updated regulations for the Children's Online Privacy Protection Act (COPPA), is restricting targeted advertising aimed at children and requiring that websites and mobile apps take extra care when handling children's cookies, geolocation information, photos and other identifying information.

The FTC last updated the FAQ about complying with the new rule just weeks ago, said Morgan Reed, executive director of the Association for Competitive Technology (ACT), a trade group that represents mobile app developers. App developers continue to have questions about how to comply with the revised rules, he said.

"How do we make the goals of COPPA function in a technological world where a parent might hand their tablet computer from the front seat of the car to the back seat of the car?" Reed said. "How does the developer know when he has to change behavior ... when that tablet goes over the divider?"

The FTC seems to be updating the FAQ "willy-nilly," added John Feldman, a technology-focused lawyer at law firm Reed Smith. In some cases, the FAQ seems to add requirements that weren't in the rule the FTC approved in December, he said.

The FTC didn't immediately respond to a request for comments on criticisms about the new rules.

Online businesses should focus on the big-picture issues with the new regulations, which limit the online tracking of children and eliminate targeted advertising aimed at them without parental consent, Feldman said.

Still, Feldman believes the FTC will give some companies time to work out compliance issues. "Those who are seeking to comply and are making bona fide efforts in that regard -- and can demonstrate that through documentation of modified procedures and monitoring practices -- will probably get more latitude for an extended timeline than those who are simply wringing their hands," he said.

COPPA, passed in 1998, requires that websites and online services that are either directed at children under 13 or have actual knowledge that they are collecting personal information from children under 13 give notice to parents and get their consent before collecting, using or disclosing that information.

The revised rules define cookies, geolocation information, photos, videos, audio recordings, IP addresses and mobile device IDs as personal information that websites and service providers must get parental consent to collect. The changes also closed what the FTC calls a "loophole" allowing third-party plug-ins to collect children's information without parental consent.

The new rules also strengthened data security protections by requiring that covered website operators and online service providers take reasonable steps to release children's personal information only to companies that are capable of keeping it secure and confidential.

COPPA allows civil penalties of up to US$16,000 per violation.

Privacy advocates praised the new rules.

"In essence, children ... are the only group of U.S. consumers who have at least some protections against the onslaught of digital marketing," Jeffrey Chester, executive director of the Center for Digital Democracy, said in an email. "As you know, junk food marketers are in the forefront of targeting kids and teens with powerful online campaigns."

Chester's group plans to "monitor the market very closely" for compliance, with the focus on large digital services such as Disney and the Cartoon Network, he said. The CDD has also published a parent's guide to the COPPA rules.

At Reed's ACT, the trade group is working with a group called Moms With Apps to help app developers adopt privacy practices and comply with the new COPPA rules. The ACT/Moms with Apps Know What's Inside campaign, launched Monday, will allow app developers to display a privacy seal if they comply with recommended best practices.

A big remaining question is whether parents will use the tools they're given to protect their children's privacy, Reed said. More parental education is needed, and some parents need to take a more active role in managing their children's data, he said.

"What are we going to do on the parent education side?" Reed said. "Ultimately, no matter how sleek or clever or awesome the tools we make are, if parents don't understand them or use them, they will fail."

Grant Gross covers technology and telecom policy in the U.S. government for The IDG News Service. Follow Grant on Twitter at GrantGross. Grant's e-mail address is grant_gross@idg.com.

Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

More about: ACT, Federal Trade Commission, FTC, IDG, Morgan, Technology
Comments are now closed.
Related Coverage
Related Whitepapers
Latest Stories
Community Comments
Tags: U.S. Federal Trade Commission, regulation, John Feldman, Center for Digital Democracy, internet, Association for Competitive Technology, government, Reed Smith, privacy, Morgan Reed, Jeffrey Chester, security
Latest Blog Posts
Whitepapers
  • Avoiding Common Pitfalls of Evaluating and Implementing DCIM Solutions
    While many who invest in Data Centre Infrastructure Management (DCIM) software benefit greatly, some do not. Research has revealed a number of pitfalls that end users should avoid when evaluating and implementing DCIM solutions. Choosing an inappropriate solution, relying on inadequate processes, and a lack of commitment / ownership / knowledge can each undermine a chosen toolset’s ability to deliver the value it was designed to provide. This paper describes these common pitfalls and provides practical guidance on how to avoid them.
    Learn more »
  • Profit Magazine: Everything You Know About Sales is Wrong
    Everything You Know About Sales is Wrong. Daniel Pink, author of the book, To Sell Is Human unveils the secrets to selling - what makes sales people tick and the traits that make the best sellers successful in today’s marketplace.
    Learn more »
  • ERP Selection: Finding the Right Fit
    Finding a needle in a hay stack is hard, but the task pales in comparison to finding a specific needle in a pile of needles. Selecting the ideal Enterprise Resource Planning (ERP) solution can feel just as daunting. ERP represents a serious investment for any organisation and is vital to future success. This report explores the strategies organisations are employing to find the right ERP fit that will give them the tools they need to thrive.
    Learn more »
All whitepapers
rhs_login_lockGet exclusive access to Invitation only events CIO, reports & analysis.
Salary Calculator

Supplied by

View the full Peoplebank ICT Salary & Employment Index

Recent comments

Computerworld
ARN
Techworld
CMO