The Children’s Online Privacy Protection Act (COPPA) is a United States federal law enacted in 1998 to protect the privacy of children under 13 years of age online. The act regulates the collection and use of personal information from children by websites and online services, including mobile apps and connected toys.
Key provisions of COPPA include:
Parental consent: Websites must obtain verifiable parental consent before collecting personal information from children under 13.
Privacy policy: Operators must post a clear and comprehensive privacy policy describing their information practices for children’s personal information.
Limited information collection: The act restricts the types and amount of personal information that can be collected from children.
Parental access: Parents have the right to review their child’s personal information, request its deletion, and refuse further collection or use of the child’s information.
Data security: Operators must maintain the confidentiality, security, and integrity of information they collect from children.
Safe harbor provisions: The act allows industry groups to submit self-regulatory guidelines for FTC approval.
COPPA is enforced by the Federal Trade Commission (FTC) and has been updated several times to address changes in technology and online practices. While the act has improved online privacy protections for children, it has also faced criticism for its implementation challenges and potential limitations on children’s access to online resources.
