Children's Online Privacy Protection Act

From Wikipedia, the free encyclopedia

Not to be confused with the Child Online Protection Act or COPA.

The Children's Online Privacy Protection Act of 1998 (COPPA) is a United States federal law, located at 15 U.S.C. § 65016506 (Pub.L. 105-277, 112 Stat. 2581-728, enacted 1998-10-21). (COPPA is sometimes confused with COPA, the Child Online Protection Act, which concerns the exposure of children to online pornography and which was declared unconstitutional and remains under injunction.)

The act, effective April 21, 2000, applies to the online collection of personal information by persons or entities under U.S. jurisdiction from children under 13 years of age. It details what a website operator must include in a privacy policy, when and how to seek verifiable consent from a parent or guardian, and what responsibilities an operator has to protect children's privacy and safety online including restrictions on the marketing to those under 13.

The Federal Trade Commission has the authority to issue regulations and enforce COPPA. Also under the terms of COPPA, the FTC designated ‘safe harbor’ provision is designed to encourage increased industry self-regulation. Under this provision, industry groups and others may request Commission approval of self-regulatory guidelines to govern participants’ compliance, such that Web site operators in Commission-approved programs would first be subject to the disciplinary procedures of the safe harbor program in lieu of FTC enforcement. To date, the FTC has granted safe harbor to four companies; TRUSTe, ESRB, CARU and Privo.

The Act applies to websites and online services operated for commercial purposes that are either directed to children under 13 or have actual knowledge that children under 13 are providing information online. Most recognized non-profit organizations are exempt from most of the requirements of COPPA.[1] However, the Supreme Court ruled that non-profits operated for the benefit of their members' commercial activities are subject to FTC regulation and consequently also COPPA. The type of "verifiable parental consent" that is required before collecting and using information provided by children under 13 is based upon a "sliding scale" set forth in a Federal Trade Commission regulation[2] that takes into account the manner in which the information is being collected and the uses to which the information will be put.

The application of the Act to photographs of children is a matter of interpretation that is yet to be tested in the courts. However, one US government department says "There is no restriction on the dissemination of photos of children, if they are taken in public spaces, with no identification, and are used only for editorial (not advertising) purposes. The use of pre-arranged photos, taken in a protected environment such as a school or hospital, and showing a highly-defined and recognizable image, requires a release".[3]

The FTC has brought a number of actions against website operators for failure to comply with COPPA requirements, including actions against Girl's Life, Inc.,[4] American Pop Corn Company,[5] Lisa Frank, Inc.,[6] and Mrs. Field's Cookies and Hershey Foods,[7] In September 2006, the FTC levied substantial fines on several enterprises for COPPA violations. The website Xanga was fined USD $1 million for COPPA violations, for repeatedly allowing children under 13 to sign up for the service without getting their parent's consent.[8] Similarly, UMG Recordings, Inc. was fined USD $400,000 for COPPA violations in connection with a Web site that promoted the then 13-year-old pop star "Lil' Romeo," and hosted child-oriented games and activities, and Bonzi Software, which offered downloads of an animated figure "BonziBuddy" that provided shopping advice, jokes, and trivia was fined USD $75,000 for COPPA violations.[9]

[edit] References

  1. ^ COPPA section 1302(2)(B)
  2. ^ http://www.ftc.gov/os/1999/10/64fr59888.pdf
  3. ^ "Children’s Privacy and Copyright Issues", US EPA order
  4. ^ Girls Life, Inc
  5. ^ Jolly Time
  6. ^ Lisa Frank, Inc
  7. ^ FTC Receives Largest COPPA Civil Penalties to Date in Settlements with Mrs. Fields Cookies and Hershey Foods
  8. ^ "FTC fines Xanga for violating kids' privacy - $1 million penalty against social networking site is largest under 1998 law", September 7, 2006
  9. ^ UMG Recordings, Inc. to Pay $400,000, Bonzi Software, Inc. To Pay $75,000 to Settle COPPA Civil Penalty Charges

[edit] External links