Kids' Online Privacy: The Next Generation
It’s no secret that kids take to the Internet like — hmm, ducks to water.
It’s also no secret that parents are concerned about their kids’ privacy online.
And it’s no secret that since April 2000, the FTC has vigorously enforced the Childrens Online Privacy Protection Act, which requires operators of websites or online services directed to kids under 13 to give notice to parents — and get their verifiable consent — before collecting, using, or disclosing a pre-teen’s personal information.
Now the FTC has announced some changes to the COPPA Rule that beef up privacy protections and parental controls, and bar the use of behavioral marketing techniques aimed at kids without getting a parent’s okay. The changes also:
- expand the definition of personal information to include geolocation information, as well as photos, videos, and audio files that contain a child’s image or voice;
- re-define collection of personal information so that operators may allow kids to participate in interactive communities without their parent’s okay — as long as the operators take reasonable measures to delete all a preteen’s personal information before it is made public;
- require that parental notices put key information upfront so that what operators tell Moms and Dads is clearer and easier to understand. Clear, concise descriptions of information practices could mean we’ll be seeing privacy policies that actually are readable on smaller screens.
You can find the details of the amendments to the COPPA Rule here, but the 50,000-foot view is this: The changes are primarily about permission. They make it easier for operators to get permission directly from parents upfront, and they make it easier for parents to read the notices — and if they choose, to give their okay.