Federal Internet Law & Policy
An Educational Project

Privacy: COPPA Reference

Dont be a FOOL; The Law is Not DIY
  Who Must Comply
  What is Required
    Parental Consent
    Sliding Scale
    Parental Review
    Data Security
  "Personal Info"
  Giving Away Stuff

- Privacy
- Fair Info Practices
- 4th Amendment
- - ECPA
- - FISA
- - Patriot Act
- - Expectation
- - Cybersecurity
- - Anonymity
- - ID Theft
- - Spyware
- - Children's Privacy
- - Cookies
- - Social Networks
- - Advertising
- - Online Profiling
- - Privacy Policies
- - Enforcement
- - CPNI
- - Cable
Dept of Commerce
- - NTIA
- - NIST
- - EU Safe Harbors
- The Feds
- - Pri.Protection Act
- - Privacy Act
- - Pri. Impact Statements
- - Info Law
- - The Press
- Geolocation
- - Location Based Services
- Reference

:: Home ::
:: Store ::
:: Feedback ::
:: Disclaimer ::
:: Sitemap ::


Federal Activity

Proposed Revisions to the COPPANo. Comments Due by November 28.
  • Revised Children's Online Privacy Protection Rule Goes Into Effect Today 7/1/13 : "The revised COPPA rule addresses changes in the way children use and access the Internet, including the increased use of mobile devices and social networking. The modified rule,approved by the Commission in December 2012, widens the definition of children’s personal information to include persistent identifiers such as cookies that track a child’s activity online, as well as geolocation information, photos, videos, and audio recordings."
  • For Release: 9/15/2011 FTC Seeks Comment on Proposed Revisions to Children's Online Privacy Protection Rule
    Changes in Technology Drive Proposed Updates
  • Notice Nov. 18, 2011 FTC Extends Deadline for Comments on Proposed Amendments to the Children's Online Privacy Protection Rule Until December 23
  • The Federal Trade Commission is seeking public comment on proposed amendments to the Children's Online Privacy Protection Rule , which gives parents control over what personal information websites may collect from children under 13. The FTC proposes these amendments to ensure that the Rule continues to protect children's privacy, as mandated by Congress, as online technologies evolve. The Commission proposes modifications to the Rule in five areas: definitions, including the definitions of "personal information" and "collection," parental notice, parental consent mechanisms, confidentiality and security of children's personal information, and the role of self-regulatory "safe harbor" programs.
  • . . . . .
  • Does not recommend raising COPPA age to include teenagers
  • Unchanged Knowledge standard unchanged (websites that have actual knowledge that collect information from children)
  • Online Services: originally covered websites and services such as AOL Term was never defined. Suggest cover any service over the Internet or connects to the Internet - such as mobile applications (network connected games, social media, ecom, receiving behavior targeted advertising). Could be internet enabled gaming platform, VoIP
  • Recent consent decree re itunes app provider that targeted children under age of 13
  • Personal information - FTC has discretion to include other identifiers. Purpose to include persistent identifiers including those in cookies where those identifiers are not used for internal operation of site. Purpose to include geolocation information and screen names where does not support internal operation of site. Include photos. Would be permitted when used to support internal operation of service. Those technical activities that would permit functioning; user authentication; site navigation; maintain personal preferences' contextual advertisements; protect against fraud or theft.
  • Require parental consent where used for behavioral advertising
  • Change criteria of what is website or service that is aimed at children. Added to list, presence of musical content or celebreties that appeal to children
  • Change defeintion of collects or collection to make it easier for sites to offer interactive content to children and not fear violation of COPPA if have system of deleting child personal information before posted
  • Update ways to get parental consent - electronic scans, video conference, identifications
  • Consent methods are electives - not prefering one method over another. Must be reasonably calculated that hte person is in fact the parent of the child. Proposed to eliminate sliding scale mechanism for consent. Had always intended this to be temporary. The email+ method of verification is unreliable. Time has come to eliminate this method. New concent processes: (1) Groups submit to FTC for review a new concent method (2) Operators particpate in safe harbor program use method recognized by safe harbor program.
  • Children's Online Privacy Protection Act Docket . Comments Due June 30

    For Release: 03/24/2010 FTC Seeks Comment on Children's Online Privacy Protections; Questions Whether Changes to Technology Warrant Changes to Agency Rule

    In light of rapidly evolving technology and changes in the way children use and access the Internet, the Federal Trade Commission is seeking public comment on the costs and benefits of an FTC rule designed to protect children online.

    The FTC's Children's Online Privacy Protection Act (COPPA) Rule became effective on April 21, 2000. COPPA imposes requirements on operators of Web sites or online services that are aimed at children under 13 years of age, or that knowingly collect personal information from children under 13. Among other things, the Rule requires that online operators notify parents and get their permission before collecting, using, or disclosing personal information from children. It also requires that the operators keep the information they collect from children secure, and prohibits them from requiring children to turn over any more personal information than is reasonably necessary to participate in activities on their Web sites.

    In 2005, the FTC initiated a congressionally required review of the Rule, and after considering extensive public comment decided to retain it without change. However, the Commission believes that changes to the online environment over the past five years, including children's increasing use of mobile technology to access the Internet, warrant reexamining the Rule.

    In a Federal Register notice to be published shortly, the FTC poses its standard regulatory review questions and identifies several areas where public comment would be especially useful. Among other things, the FTC asks:

  • What implications for COPPA enforcement are raised by mobile communications, interactive television, interactive gaming, or other similar interactive media.
  • For input on the use of automated systems - those that filter out any personally identifiable information prior to posting - to review children's Web submissions.
  • Whether operators have the ability to contact specific individuals using information collected from children online, such as persistent IP addresses, mobile geolocation data, or information collected in connection with behavioral advertising, and whether the Rule's definition of "personal information" should be expanded accordingly.
  • Whether there are additional technological methods to obtain verifiable parental consent that should be added to the COPPA Rule, and whether any of the methods currently included should be removed.
  • Whether parents are exercising their right under the Rule to review or delete personal information collected from their children, and what challenges operators face in authenticating parents.
  • Whether the Rule's process for FTC approval of self-regulatory guidelines - known as safe harbor programs - has enhanced compliance, and whether the criteria for FTC approval and oversight of the guidelines should be modified in any way.
  • Copies of the Federal Register Notice and the public comments received will be posted on the FTC's Web site at:

    The 90-day comment period will end on June 30, 2010. The Commission also will hold a public roundtable on the COPPA Rule review on Wednesday, June 2, 2010, at the FTC Conference Center, 601 New Jersey Avenue, N.W., Washington, DC.

    Interested parties can submit written comments electronically or in paper form, by following the instructions in the Invitation To Comment part of the "Supplementary Information" section. Comments in electronic form should be submitted using the following Web link: (and following the instructions on the web-based form). Comments in paper form should be mailed or delivered to: Federal Trade Commission, Office of the Secretary, Room H-135 (Annex E), 600 Pennsylvania Avenue, N.W., Washington, DC 20580.

  • FTC Hearing Protecting Kids' Privacy Online June 2, 2010
  • FTC Retains Children’s Online Privacy Protection (COPPA) Rule Without Changes, FTC 3/9/2006
  • COPPA Application, FTC 11/29/2005
  • Children‘s Online Privacy Protection Rule, 71 Fed. Reg. 13,247, 13,258 (Mar. 15, 2006)
  • No later than April 21, 2005, the Commission shall initiate a  rulemaking review proceeding to evaluate the implementation of this  part, including the effect of the implementation of this part on  practices relating to the collection and disclosure of information  relating to children, children's ability to obtain access to  information of their choice online, and on the availability of websites  directed to children; and report to Congress on the results of this  review.  15 CFR § 312.11.  COPPA Sec. 1307. Aug 22 Children's Online Privacy Protection Act (COPPA) Compliance Training Program for Website Operators. FTC.
  • Online Privacy: A Report to Congress (6/98)
  • Papers


  • You, Your Privacy Policy and COPPA, FTC 4/24/02
  • FTC Coppa Compliance Tool Kit, FTC 4/24/02
  • FTC Press Release:  Federal Trade Commission Testifies on Children's Online Privacy Protection Act (Coppa) 5/18/00
  • How to Comply With  The Children's Online Privacy Protection Rule November 1999
  • Powerpoint Presentation on the COPPA Rule [TXT]
  • You, Your Privacy Policy and COPPA. How to Comply with the Children's Online Privacy Protection Act [TXT] [PDF]
  • Frequently Asked Questions About the Children's Online Privacy Protection Rule [TXT]
  • FTC's Kidz Privacy Webside
  • Aug 22 Children's Online Privacy Protection Act (COPPA) Compliance Training Program for Website Operators. FTC.
  • 16 CFR Part 312 as published in 64 Fed Reg 59888
  • Frequently Asked Questions (and Answers)About the Children's Online Privacy Protection Act (COPPA) EFF
  •  A Parent's Guide to Children's Privacy Online
  • coppacoppa