Privacy & Information Security Law Blog

On July 17, 2019, the Federal Trade Commission published a notice in the Federal Register announcing an accelerated review of its Children’s Online Privacy Protection Rule (“COPPA Rule” or “Rule”), seeking feedback on the effectiveness of the 2013 amendments to the Rule, and soliciting input on whether additional changes are needed. Citing questions regarding the Rule’s application to the educational technology sector, voice-enabled connected devices, and general audience platforms that host child-directed content, the FTC indicated that it was moving up its review from a standard 10-year timeframe. The Commission vote to conduct the Rule review was unanimous, 5-0.

The FTC seeks general comment on whether the COPPA Rule should be retained, eliminated or modified, as well as on the Rule’s benefits and shortcomings. The Commission seeks specific feedback on the Rule’s definitions, privacy policy requirements, methods of seeking verifiable parental consent, security requirements, parental rights and safe harbor provisions.

Among the 29 questions the Commission posed in the Federal Register for public comment are:

• Should the COPPA Rule be amended to include an exception to the parental consent requirement for (1) the use of education technology where the school provides consent for the collection of personal information from the U13 child or (2) the collection of audio files containing a U13 child’s voice as a replacement for text, where the audio files are promptly deleted?
• Should the Rule’s definition of “personal information” be expanded to include biometric data or personal information that is inferred about, but not directly collected from, U13 children?
• Should the Rule’s definition of “support for the internal operations of a website or online service” be modified to (1) exclude practices in addition to behavioral targeting and profiling or (2) add activities expressly permitted under the definition, such as advertising attribution?
• Does the COPPA Rule correctly articulate the factors to consider in determining whether a website or online service is directed to children, or should additional factors be considered?
• Should the COPPA Rule be amended to address websites or online services that are not “child-directed” but that have a large number of child users?
• Should general audience platforms that identify and police third-party, child-directed content should be able to rebut the presumption that all users interacting with that content are children, thereby allowing such platforms to treat U13 users and over age 13 users differently?
• What implications for enforcement of the COPPA Rule are raised by technologies such as interactive television, interactive gaming, chatbots or other similar interactive media?
• Are there other methods of verifiable parental consent that should be added to the Rule?  Should any methods be removed?
• Should the Rule include additional exceptions to the requirement to obtain parental consent?

All public comments must be submitted to the FTC by October 15, 2019. Comments must be filed to www.regulations.gov or mailed to the FTC. The FTC will hold a public workshop to review the COPPA Rule on October 7, 2019.