FTC updates child online privacy laws, exempts mobile apps
The Federal Trade Commission today updated its child online privacy laws that haven’t been updated in more than a decade, creating new guidelines that improve children’s online privacy.
Child-directed websites and online services will now have to obtain parental consent before collecting children’s personal information such as geolocation data, photos, videos, audio files or online behavior before sending the data to third-party companies.
The definition of a website or online service will expand to include third-party “plug-ins” on websites — for example, Facebook’s Like button — or ad networks that have “actual knowledge” that they are collecting through a child-directed website or online service.
The particular law the FTC made changes to was the Children’s Online Privacy Protection Act (Coppa), an Act the FTC initiated a review of in 2010 to ensure it stayed up-to-date in this ever-evolving world of technology — especially with the rise of mobile devices and social networks.
The new rules explicitly exempt app “platforms” like the Apple App Store and Google Play from complying with Coppa because they only offer “public access” to kids’ apps, as opposed to targeting kids directly and exclusively.
“The Commission takes seriously its mandate to protect children’s online privacy in this ever-changing technological landscape,” FTC Chairman Jon Leibowitz said in a statement. “I am confident that the amendments to the Coppa Rule strike the right balance between protecting innovation that will provide rich and engaging content for children, and ensuring that parents are informed and involved in their children’s online activities.”
The Coppa Rule, which Congress passed in 1998, required kids’ websites or online services to obtain parental consent before collecting personal information from children under 13 years old, but the technology landscape has dramatically changed since then.
The FTC, the federal agency that oversees business practices, will continue to allow websites or online services to collect children’s personal information for internal use, so long as the website or online service obtains parental consent via email.
Last week, the FTC released a report that found hundreds of kids’ apps that were acquiring data without parental consent.
The amendments to the Coppa Rule will go into effect on July 1, 2013.