Protecting children in the digital age: where does COPPA come in?
With advanced digital technologies and the boom of social networks, children are online more than ever. In the US, daily screen use for children aged 8 to 10 averages 6 hours, 7.5 hours for 15 to 18-year-olds, and an alarming 9 hours for 11 to 14-year-olds.
This online presence leaves children susceptible to different threats and data breaches, and they have inadvertently become an enticing audience for advertisers; in fact, global digital ad spending is set to surpass $600 billion in 2023.
Meanwhile, numerous apps and digital services tailored towards children have flouted privacy standards, jeopardising young users' personal data. Microsoft was hit with a $20 million FTC fine in June for collecting children’s personal data on its Xbox system without notifying parents or obtaining consent. The FTC, this year also announced an enforcement order against Ed Tech provider, Edmodo, for unlawfully using children’s data for advertising.
Enter COPPA - the law dedicated to the safety of children's data and online experiences.
What is COPPA?
The Children's Online Privacy Protection Act (COPPA) is a US federal law that ensures websites and online services refrain from exploiting the online behaviours and information of children under 13.
Some of the key provisions of COPPA include:
Clear privacy policies: operators must offer a transparent privacy policy detailing their data collection practices.
Verifiable parental consent: parental consent is a must before collecting, using, or revealing children's personal information.
Parental control over information: parents can gain access for review and decide on the use or collection of their child's data, and can even prohibit its disclosure to third parties.
Protection of children's information: mandatory procedures to shield the confidentiality and integrity of children's data.
Data retention and deletion: personal data retention is allowed only if necessary and should be securely deleted afterwards.
Enforcement and penalties: the FTC monitors and enforces COPPA, with the power to impose large-scale fines for non-compliance.
Why Is COPPA so crucial?
COPPA offers significant benefits: it acts as a digital guard for children's information, empowers parents on data decisions, and ensures websites comply. As a federal law, it means that all US states must comply with protecting children’s data online. Websites that bypass COPPA face steep fines - up to $50,120 per mishap. Given the importance of children's data, such safeguards are essential.
What is COPPA’s future and how can we help children recognise the importance of personal data protection whilst online?
Web developers, online data collectors, and processors are responsible for respecting and upholding COPPA's standards. But it is also crucial for parents and guardians to initiate dialogues with their children about personal data - how to protect their data and how they can keep themselves safe online.
Currently, there is an active push for educational institutions to work alongside COPPA regulations by collaborating with compliant tech providers to guarantee their systems adhere to privacy standards. For example, the FTC has released guidance to make it easier for schools to comply with COPPA and choose providers accordingly.
However, there's an imperative need for schools to not only ensure their digital tools are COPPA compliant but also to incorporate data protection education in their curriculum. This will equip students with the knowledge and skills to navigate the online world safely.
Looking ahead: while COPPA serves as a robust framework, is it enough in the current tech landscape?
More comprehensive measures might be needed - which means parents, educators and policymakers must work collectively to update the current legislative framework in a way that reflects current and future habits of children online.
Quick tips for COPPA compliance:
Establish a clear and comprehensive online privacy policy.
Directly notify parents about data practices.
Secure verifiable parental consent and enable parental review.
Implement procedures to safeguard personal information's confidentiality, security, and integrity.
Retain data only as long as necessary.
Avoid excessive data collection; collect only what's essential.
In a digital landscape where children are regularly exposed to endless streams of information, their personal data can easily become a target for misuse. COPPA stands as a bulwark dedicated to safeguarding their online experiences. This regulation acts as a key reminder of the collective responsibility we hold to protect children’s digital footprints as much as possible.