FTC Releases COPPA Revision Proposal
FTC Releases COPPA Revision Proposal

FTC Releases COPPA Revision Proposal

Kaamel LabJanuary 14, 2024

In today's digital age, children's education and daily lives are deeply intertwined with the digital world. This evolution has led to extensive collection, storage, and usage of children's personal information by corporations for commercial purposes. Despite this, children often lack the comprehensive understanding and judgment necessary to recognize the ramifications of their personal data being collected. This situation underscores the urgent need for robust protection of children's personal information.

The Children's Online Privacy Protection Act (COPPA) and Its Evolution

COPPA, first enacted in 2000, was a pioneering step in safeguarding the personal information of children under the age of 13 in the United States. This Act established a legal framework for governing the actions of online operators in the collection and processing of children's personal data. Recognizing the need for updates in line with technological advancements, the Federal Trade Commission (FTC) proposed significant amendments to COPPA in September 2011, with the revised bill coming into effect on July 1, 2013.

Keeping Pace with Technological and Industry Developments

As technology and industry have evolved, so too has the landscape of children's online privacy. The proliferation of mobile devices and social networks has led to new challenges in safeguarding children's personal information. The need to revise COPPA to address these emerging issues and enhance the protection of children's data has remained a constant focus. U.S. Congress members have advocated for expanding COPPA's scope to better align with the rapid advancements in internet technology and industry practices.

FTC's Major Proposal for COPPA Amendment

In response to these developments and public feedback, the FTC, on December 20, 2023, announced a significant proposal to amend COPPA. This initiative aims to broaden the protection scope of children's personal data, imposing stricter limitations on online operators regarding the use and monetization of children's personal data, and ensuring the safety of children's information in the digital realm.

Key Elements of the Proposed Amendments

  1. Biometric Identifiers: The proposal seeks to expand the definition of "personal information" under COPPA to include biometric identifiers capable of automatically or semi-automatically identifying individuals, such as fingerprints, retina patterns, and genetic data.
  1. Targeted Advertising: The proposal strengthens the requirements for child privacy protection in targeted advertising, demanding separate and verifiable parental consent for data collection used for advertising purposes.
  1. Persistent Identifiers: Limitations and transparency requirements for collecting persistent identifiers without parental consent are proposed, emphasizing internal operational support while preventing misuse for specific advertising.
  1. Online Time Limitations: The proposal suggests limiting operators' methods that encourage children to spend extended periods online, a step beyond COPPA's original mission.
  1. Educational Technology: Enhanced protection measures are proposed for children's personal information in educational technology, preventing its use for commercial purposes.
  1. Data Security: The proposal calls for operators to establish and maintain robust security programs for children's personal information.
  1. Data Retention: It outlines stricter data retention standards, advocating for the minimization of data retention duration to what is necessary for the original purpose of collection.

The Significance of the Revision

This proposal marks a significant update to COPPA, addressing modern challenges in the digital world where children's online environment has drastically evolved. It reflects a comprehensive approach, covering aspects like notice, consent, data security, and data minimization. This initiative is crucial in the modern context, where large technology firms utilize sophisticated techniques for gathering and using children's personal information. The FTC's proposal represents a timely and robust response to the challenges of protecting children's information online.

Implications for Global Enterprises

In a digital era where online services are integral to children's lives, this proposal underscores the increasing risks of children's personal information being misused. It highlights the FTC's heightened focus on children's information protection, signaling a trend towards more stringent regulatory oversight. For global enterprises, this necessitates an enhanced focus on privacy risk awareness and the importance of protecting children's personal information. It is imperative to review and adapt to these evolving regulations to ensure a safer online experience for children and maintain compliance in business operations.
Other resources:
  1. https://www.ftc.gov/system/files/ftc_gov/pdf/p195404_coppa_reg_review.pdf
  1. https://www.ftc.gov/news-events/news/press-releases/2023/12/ftc-proposes-strengthening-childrens-privacy-rule-further-limit-companies-ability-monetize-childrens
  1. https://www.cassidy.senate.gov/newsroom/press-releases/cassidy-markey-release-joint-statement-applauding-proposed-rule-to-update-childrens-privacy-rules/