Protecting Children's Privacy Under COPPA | Federal Trade Commission
33.4 هزار بار بازدید -
11 سال پیش
-
This video outlines five key
This video outlines five key changes to the Children's Online Privacy Protection Rule that your business needs to know about. The revised rule expands who's covered by COPPA, puts additional protections in place, and streamlines other procedures companies must follow.
Content creators, are you looking for information on the definition of “directed to children” under the Children’s Online Privacy Protection Rule? Read the Business Blog for staff guidance from FTC’s Kristin Cohen about what COPPA covers: https://www.ftc.gov/news-events/blogs...
******************************
Partial Transcript:
When it comes to information that companies collect online from kids under 13, parents should be in control. That's the thinking behind the Children's Online Privacy Protection Act and the COPPA rule. The rule has been in place for years. But the Federal Trade Commission, the nation's consumer protection agency, has revised COPPA to keep pace with technology. If your company has been complying with COPPA, the basics still apply. You still have to give notice to parents and get their verifiable consent before you collect, use, or disclose personal information from children under 13. You still have to keep kids information secure. And the revised COPPA rule retains Safe Harbor provisions so that groups can submit programs for FTC approval. But five key changes to COPPA take effect July 1, 2013. Here's what your business needs to know.
I'm Peder Magee, an attorney with the FTC.
So what's new about COPPA?
The first important change is that the FTC has revised some definitions to expand who's covered by COPPA and the kinds of information that require companies to comply with the rule.
The rule has always applied if you operate a website, an online service, or an app directed to children under 13.
It also applies if you have a site, a service, or an app directed to a general audience and you have actual knowledge that you're collecting personal information online from kids in that under 13 age group.
Revisions to the rule make it clear that COPPA also covers an operator of a child-directed site or service where it allows outside services like plug-ins or
advertising networks to collect personal information from visitors.
In addition, if a plug-in or ad network has actual knowledge that it's collecting personal information through a child-directed site or service, the plug-in or ad network is covered by COPPA too. The upshot?
The rule applies to companies that may be new to COPPA compliance.
The FTC also has revised the definition of the types of information COPPA covers.
The rule has always applied if companies collect certain kinds of personal information from kids under 13, like their first and last name, a home address, a phone number, an
email address, online contact information, or a screen or user name that functions as online contact information.
But the FTC has clarified that definition.
The COPPA rule covers geolocation information that can identify a street name and the city or town.
And we've expanded the rule to include photos, videos, and audio files that contain a kid's image or voice as well.
Something else covered under the revised COPPA rule, persistent identifiers that can be used to recognize a user over time and across different sites or online services.
But there's a notable exception here.
COPPA's parental notice and consent requirements don't apply if the identifier is used just to support your site's internal operations.
Take a look at the rule for more about the meaning of internal operations in this context.
Another change to COPPA relates to what operators need to tell parents.
It's still the law that you have to notify parents directly and get their verifiable consent before collecting personal information online from their kids.
But now you need to know to put certain key pieces of information upfront within the notice you send.
You'll want to read the rule for the specifics.
But the big picture is that it's not enough just to give parents a link to something on your site and expect them to figure things out for themselves.
This change will make it easier for parents to get the important details they need when they need them.
The rule also streamlines what you have to include in your online privacy policy about your information practices The third change involves new ways to get the parental consent COPPA requires.
In addition to the methods already in the rule, including FTC approved Safe Harbor Programs, COPPA now gives businesses more ways to get a parent's OK.
For example, electronic scans of signed consent forms, video conferencing, the use of government issued IDs, and alternative payment systems, assuming they meet the same stringent criteria as credit cards.
Content creators, are you looking for information on the definition of “directed to children” under the Children’s Online Privacy Protection Rule? Read the Business Blog for staff guidance from FTC’s Kristin Cohen about what COPPA covers: https://www.ftc.gov/news-events/blogs...
******************************
Partial Transcript:
When it comes to information that companies collect online from kids under 13, parents should be in control. That's the thinking behind the Children's Online Privacy Protection Act and the COPPA rule. The rule has been in place for years. But the Federal Trade Commission, the nation's consumer protection agency, has revised COPPA to keep pace with technology. If your company has been complying with COPPA, the basics still apply. You still have to give notice to parents and get their verifiable consent before you collect, use, or disclose personal information from children under 13. You still have to keep kids information secure. And the revised COPPA rule retains Safe Harbor provisions so that groups can submit programs for FTC approval. But five key changes to COPPA take effect July 1, 2013. Here's what your business needs to know.
I'm Peder Magee, an attorney with the FTC.
So what's new about COPPA?
The first important change is that the FTC has revised some definitions to expand who's covered by COPPA and the kinds of information that require companies to comply with the rule.
The rule has always applied if you operate a website, an online service, or an app directed to children under 13.
It also applies if you have a site, a service, or an app directed to a general audience and you have actual knowledge that you're collecting personal information online from kids in that under 13 age group.
Revisions to the rule make it clear that COPPA also covers an operator of a child-directed site or service where it allows outside services like plug-ins or
advertising networks to collect personal information from visitors.
In addition, if a plug-in or ad network has actual knowledge that it's collecting personal information through a child-directed site or service, the plug-in or ad network is covered by COPPA too. The upshot?
The rule applies to companies that may be new to COPPA compliance.
The FTC also has revised the definition of the types of information COPPA covers.
The rule has always applied if companies collect certain kinds of personal information from kids under 13, like their first and last name, a home address, a phone number, an
email address, online contact information, or a screen or user name that functions as online contact information.
But the FTC has clarified that definition.
The COPPA rule covers geolocation information that can identify a street name and the city or town.
And we've expanded the rule to include photos, videos, and audio files that contain a kid's image or voice as well.
Something else covered under the revised COPPA rule, persistent identifiers that can be used to recognize a user over time and across different sites or online services.
But there's a notable exception here.
COPPA's parental notice and consent requirements don't apply if the identifier is used just to support your site's internal operations.
Take a look at the rule for more about the meaning of internal operations in this context.
Another change to COPPA relates to what operators need to tell parents.
It's still the law that you have to notify parents directly and get their verifiable consent before collecting personal information online from their kids.
But now you need to know to put certain key pieces of information upfront within the notice you send.
You'll want to read the rule for the specifics.
But the big picture is that it's not enough just to give parents a link to something on your site and expect them to figure things out for themselves.
This change will make it easier for parents to get the important details they need when they need them.
The rule also streamlines what you have to include in your online privacy policy about your information practices The third change involves new ways to get the parental consent COPPA requires.
In addition to the methods already in the rule, including FTC approved Safe Harbor Programs, COPPA now gives businesses more ways to get a parent's OK.
For example, electronic scans of signed consent forms, video conferencing, the use of government issued IDs, and alternative payment systems, assuming they meet the same stringent criteria as credit cards.
11 سال پیش
در تاریخ 1392/04/11 منتشر شده
است.
33,415
بـار بازدید شده