COPPA Protects Children’s Privacy Rights

Oct 19, 2018

In 1998, Congress enacted the Children’s Online Privacy Protection Act (COPPA) to  protect the privacy and safety of children under the age of 13. Among other things, COPPA protects children’s privacy rights by prohibiting websites, apps and online services from collecting and disclosing their personal information without first obtaining parental consent.

How does COPPA protect children’s privacy rights?

COPPA, along with certain rules and regulations promulgated by the Federal Trade Commission (FTC), require the operators of commercial websites, app developers and third party online services to meet certain requirements if they have actual knowledge that their site, app or service collects, uses or discloses personal information obtained from children. These requirements include:

  • posting a privacy policy that clearly explains and describes what data is collected, how it’s used and whether and how it’s disclosed;
  • giving direct, clear and understandable notice to parents about data collection practices; and
  • getting verifiable consent from parents before collecting, using or disclosing children’s personal information.

Do parents have recourse against companies that violate their children’s privacy rights?

Unfortunately, parents can’t sue companies for simply failing to comply with COPPA’s requirements (although the FTC and can frequently does). But conduct that violates COPPA may also be an unfair or deceptive act or practice that violates our consumer protection law, Mass. General Laws Chapter 93A.

Any parent who successfully sues a website operator, an app developer or third party service for violating Chapter 93A may be entitled to money damages and reimbursement for their legal fees. Judges also have the power to double or triple damages for knowing and willful violations of Chapter 93A.

Are COPPA violations common?

Very. A lot of websites, apps and online services that collect and mine personal information from children make a habit of pushing the envelope when it comes to complying with COPPA’s requirements. A recent study found that thousands of apps designed specifically for children were collecting their personal information without first providing notice and obtaining parental consent.

This study prompted Massachusetts Senator Ed Markey and Connecticut Senator Richard Blumenthal to write a letter to the FTC last month to “express their concern about the growing number of children’s applications that have been alleged to improperly track children and collect their personal information.” A copy of the letter can be found here.

The FTC’s response was not known when this post was written.

Share by: