China -  Chinese law firm

FTC issues FAQs for revised COPPA Rules

Q: What does COPPA stand for and when will COPPA become effective?

 

A: COPPA means the Children’s Online Privacy Protection Rule, and will become effective on July 1, 2013. COPPA required the Federal Trade Commission to issue and enforce regulations concerning children’s online privacy.  The Commission’s original COPPA Rule became effective on April 21, 2000.  The Commission issued an amended Rule on December 19, 2012.  The amended Rule will become effective on July 1, 2013.

 

Q: What is goal of COPPA?

 

A: The goal of COPPA is to protect the interest of children under age 13. If the operators of commercial Web sites and online services (including mobile apps) intend to collect, use, or disclose personal information from children under age 13, and operators of general audience Web sites or online services with actual knowledge that they are collecting, using, or disclosing personal information from children under 13, they must comply with the procedures and requirements as set out in COPPA.

 

Q: Who will be covered by COPPA?

A: COPPA will cover the operators of commercial Web sites and online services (including mobile apps) intend to collect, use, or disclose personal information from children under age 13, and operators of general audience Web sites or online services with actual knowledge that they are collecting, using, or disclosing personal information from children under 13.

 

Q: What types of online service does COPPA apply to?

A:  COPPA cover not only the web sites, but also online services. Under COPPA, the term “online services” broadly covers any service available over the Internet, or that connects to the Internet or a wide-area network.  Examples of online services include services that allow users to play network-connected games, engage in social networking activities, purchase goods or services online, receive online advertisements, or interact with other online content or services.  Mobile applications that connect to the Internet, Internet-enabled gaming platforms, voice-over-Internet protocol services, and Internet-enabled location-based services also are online services covered by COPPA.

 

Q: What does “personal information” include under COPPA?

A: Under COPPA, the personal information includes fist and last name, a home or other physical address including street name and name of a city or town, online contact information, a screen or user name that functions as online contact information, a telephone number, a social security number, persistent identifier that can be used to recognize a user over time and across different Web sites or online services; a photograph, video, or audio file, where such file contains a child’s image or voice, geolocation information sufficient to identify street name and name of a city or town, and information concerning the child or the parents of that child that the operator collects online from the child and combines with an identifier described above.

 

Q: What should the operators of commercial web sites and online services do under COPPA if they intend to collect, use, or disclose personal information from children under age 13  ?

A: They must: 1) post a clear and comprehensive online privacy policy describing their information practices for personal information collected online from children; 2) provide direct notice to parents and obtain verifiable parental consent, with limited exceptions, before collecting personal information online from children;3) give the parents the choice of consenting to the operator’s collection and internal use of a child’s information, but prohibiting the operator from disclosing that information to third parties (unless disclosure is integral to the site or service, in which case, this must be made clear to parents); 4) provide parents access to their child’s personal information to review and/or have the information deleted; 5) give parents the opportunity to prevent further use or online collection of a child’s personal information; 6) maintain the confidentiality, security, and integrity of information they collect from children, including by taking reasonable steps to release such information only to parties capable of maintaining its confidentiality and security; and 7)  retain personal information collected online from a child for only as long as is necessary to fulfill the purpose for which it was collected and delete the  information using reasonable measures to protect against its unauthorized access or use.

 

RSS Feeds