Children’s Online Privacy Protection Act (COPPA)
Congress enacted the Children’s Online Privacy Protection Act (COPPA) in 1998. COPPA required the Federal Trade Commission to issue and enforce regulations concerning children’s online privacy. The Commission’s original COPPA Rule became effective on April 21, 2000. The Commission published an amended Rule on January 17, 2013. The amended Rule took effect on July 1, 2013.
The primary goal of COPPA is to place parents in control over what information is collected from their young children online. The Rule was designed to protect children under age 13, while accounting for the dynamic nature of the Internet.
Is Complying with COPPA Mandatory?
The Rule applies to operators of commercial websites and online services (including mobile apps and IoT devices, such as smart toys) directed to children under 13 that collect, use, or disclose personal information from children, or on whose behalf such information is collected or maintained (such as when personal information is collected by an ad network to serve targeted advertising).
The Rule also applies to operators of general audience websites or online services with actual knowledge that they are collecting, using, or disclosing personal information from children under 13, and to websites or online services that have actual knowledge that they are collecting personal information directly from users of another website or online service directed to children.
What are the penalties for not complying with COPPA?
A court can hold operators who violate the Rule liable for civil penalties of up to $46,517 per violation.