United States: Have You Recently Considered Whether Your Website Complies With The Children’s Online Privacy Protection Act?

The Children's Online Privacy Protection Act (COPPA) is not new, but it seems that many new startups have either not given it much thought or don't know about it.  As a refresher, COPPA applies to you if: (i) you operate a website directed to children under the age of 13; or (ii) your website has a general audience, but you actually know you are collecting personal information from children under the age of 13.

If you are confident that neither of these are true, then this exercise is completed.  If, on the other hand, that second one bothers you, then please read the rest of this.  More importantly, review the Federal Trade Commission's guidance on How to Comply with the Children's Online Privacy Protection Rule. 

Although this is certainly not intended to be a comprehensive list of the COPPA requirements, below are some of the general requirements:

• Clearly and prominently provide a link on your home page to your website's information practices;

• Include in your policy specific information about who is collecting the information, what is being collected, how it is being collected, and how it is being used;

• Before you begin collecting from a child, you must obtain verifiable consent from the child's parent;

• You must give the child's parent the option to stop information from being shared with third parties;

• You cannot collect more information from the child than is reasonably necessary; and

• You must provide a procedure for the parent to have the personal information deleted.

This list is not comprehensive, but instead hits the highlights of the COPPA requirements.  Additional information can be obtained from the FTC here and here.  The text of the Act can be found here.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.