Skip to content

Menu

LexBlog, Inc. logo
CommunitySub-MenuPublishersChannelsProductsSub-MenuBlog ProBlog PlusBlog PremierMicrositeSyndication PortalsAboutContactResourcesSubscribeSupport
Join
Search
Close

FTC Updates COPPA Guidance for IoT and New Consent Options

By Julia Kernochan Tama & Jared A. Bomberg on July 14, 2017
Email this postTweet this postLike this postShare this post on LinkedIn

little girl and laptopOn June 21, 2017, the Federal Trade Commission (FTC) updated one of its Children’s Online Privacy Protection Act (COPPA) compliance guides for businesses. Known as the “Six-Step Compliance Plan,” this document provides a step-by-step road map for determining if a company is covered by COPPA and what to do to comply.

COPPA applies to operators of websites and online services that collect “personal information” from children under 13 years of age, where the site or service is directed to children or has actual knowledge that it is collecting personal information from a child. COPPA’s coverage extends to a variety of online services, such as mobile apps, internet-enabled gaming platforms, and – in some cases – companies that collect personal information directly from users of another website or online service (such as ad networks and plug-ins).

The FTC’s updated guidance further clarifies the broad scope of “online services” under COPPA. For instance, the guidance specifies that COPPA can apply to internet-connected toys. The updates include information on COPPA’s coverage of

  • New data collection activities, such as voice-activated devices that collect personal information; and
  • New products, such as internet-enabled devices for kids that collect personal information and other “Internet of Things” devices.

The FTC’s updates also include information on new consent mechanisms to satisfy COPPA’s parental consent requirement, such as the use of knowledge-based authentication questions that would be difficult for someone other than the parent to answer or the use of facial recognition technology to match a face to a verified photo identification. These methods are now recognized by the FTC as acceptable consent mechanisms that can satisfy COPPA’s “verifiable” parental consent requirement.

The FTC issued its guidance update a month after U.S. Senator Mark Warner sent a letter to the FTC asking the agency about its efforts to protect children’s privacy following several high-profile instances of children’s data allegedly being hacked. Children’s privacy historically has been a focus of the FTC’s enforcement and oversight efforts, and this updated guidance signals the Commission’s continued attention to this area.

Additional information on COPPA’s obligations can be found on the FTC’s children’s privacy guidance website, which includes the updated Six-Step Compliance Plan, the FTC’s “Complying with COPPA: Frequently Asked Questions” guidance, and other materials. The COPPA rule is codified at 16 CFR Part 312.

  • Posted in:
    Communications, Media & Entertainment
  • Blog:
    All About Advertising Law
  • Organization:
    Venable LLP
  • Article: View Original Source

LexBlog, Inc. logo
Facebook LinkedIn Twitter RSS
Real Lawyers
99 Park Row
  • About LexBlog
  • Careers
  • Press
  • Contact LexBlog
  • Privacy Policy
  • Editorial Policy
  • Disclaimer
  • Terms of Service
  • RSS Terms of Service
  • Products
  • Blog Pro
  • Blog Plus
  • Blog Premier
  • Microsite
  • Syndication Portals
  • LexBlog Community
  • 1-800-913-0988
  • Submit a Request
  • Support Center
  • System Status
  • Resource Center

New to the Network

  • Boston ERISA & Insurance Litigation Blog
  • Stridon News and Insights
  • Taft Class Action & Consumer Insights
  • Labor and Employment Law Insights
  • Age of Disruption
Copyright © 2022, LexBlog, Inc. All Rights Reserved.
Law blog design & platform by LexBlog LexBlog Logo