Earlier this week, the Federal Trade Commission (FTC) finalized amendments to the Children’s Online Privacy Protection rule, which implements the Children’s Online Privacy Protection Act of 1998 (COPPA). The COPPA rule provides for privacy protections and gives parents greater control over the personal information that websites and online services may collect from children under the age of 13.
Specifically, the COPPA rule requires that operators of websites or online services that are either directed to children under age 13 or have actual knowledge that they are collecting personal information from children under age 13 give notice to parents and get their verifiable consent before collecting, using, or disclosing such personal information, and keep secure the information they collect from children. It also prohibits them from conditioning children’s participation in activities on the collection of more personal information than is reasonably necessary for them to participate.
The FTC initiated a review in 2010 to ensure that the COPPA rule keeps up with evolving technology and changes in the way children use and access the internet, including through mobile devices and social networking. The final rule includes modifications to the following definitions: “operator,” “website or online service directed to children,” “personal information,” and others that credit unions will want to review against their operating policies and procedures with respect to youth programs, websites and perhaps other activities which may be subject to the COPPA rule’s requirements.