Now that one-year-olds have mastered iPads, it's clear that children
will be interacting with the Internet more and more — and
at a younger age.
Back in the late 1990s, the federal government demonstrated
remarkable prescience about this technological shift and created
strict rules that govern the information websites collect on
underage users. It's because of that law, the Children's Online Privacy Protection Act
(COPPA), that so many sweepstakes and contests exclude children
under the age of 13.
COPPA went into effect in April 2000. The law is designed to
give parents control over the information that is collected online
from their children. However, the rule applies only to children who
are under the age of 13. It covers all operators of commercial
websites and online services directed at children under 13 that
"collect, use, or disclose personal information from
children." The rule also applies to operators of
general-audience websites and online services if they have actual
knowledge that they are obtaining, using or disclosing personal
information from children under 13.
The rule contains a number of specific requirements. For
example, operators covered by the rule must:
how they handle children's personal information and post this
policy on their website;
Notify parents and obtain "verifiable parental
consent" before collecting information from children, subject
to several so-called "email" exceptions that allow an
operator to obtain parents' consent via email in certain
Offer parents the option of consenting to the operator
collecting and internally using the child's information while
at the same time prohibiting the operator from disclosing their
child's information to third parties;
Allow parents to access their child's collected personal
information as well as the right to review the information and have
Give parents the opportunity to prevent the further use or
collection of their child's personal information online;
Protect the confidentiality, security, and integrity of
information collected from children under the age of 13.
COPPA also bars operators from forcing children to provide more
information than is reasonably necessary before allowing them to
participate in online activities.
The Federal Trade Commission aggressively enforces the COPPA
Rule; violators can be fined up to $11,000 per violation. In
addition, states and certain other federal agencies, such as the
Department of Transportation, have the authority to enforce COPPA
as it pertains to their jurisdictions.
Because of the complications and expense of complying with the
COPPA requirements and the risk of large fines for even an
inadvertent failure to comply, it's not surprising that many
sponsors of sweepstakes and contests decide to exclude
participation by persons under 13.
The FTC is currently in the process of amending the COPPA Rules
in an effort to keep the regulation up to-date with the
technological developments and increased usage of the Internet by
children that have occurred since 2000. The second article in this
series will discuss the FTC's proposed amendments.
The content of this article is intended to provide a general
guide to the subject matter. Specialist advice should be sought
about your specific circumstances.
To print this article, all you need is to be registered on Mondaq.com.
Click to Login as an existing user or Register so you can print this article.
The European Parliament has approved the reformed General Data Protection Regulation (the "GDPR"). Given this is a Regulation (rather than a Directive), this legislation will apply automatically in every Member State ...
Triggering a landslide of legislative reforms and legal battles, the European Court of Justice's ("ECJ") landmark judgment of April 8, 2014, Digital Rights Ireland (C-293/12), invalidated the Data Retention Directive 2006/24/EC, which provided that providers of publicly available communications services must retain certain data.
Following the July 12, 2016, adoption by the European Commission of the EU-U.S. Privacy Shield (the "Privacy Shield"), companies engaging in trans-Atlantic data sharing can now register for the Privacy Shield.
Register for Access and our Free Biweekly Alert for
This service is completely free. Access 250,000 archived articles from 100+ countries and get a personalised email twice a week covering developments (and yes, our lawyers like to think you’ve read our Disclaimer).