Children's Online Privacy Protection Act

The Children's Online Privacy Protection Act of 1998 (COPPA) is a United States federal law, located at 15 U.S.C. §§ 65016506 (Pub. L. 105–277 (text) (PDF), 112 Stat. 2681-728, enacted October 21, 1998).

Children's Online Privacy Protection Act
Great Seal of the United States
Acronyms (colloquial)COPPA
Enacted bythe 105th United States Congress
EffectiveApril 21, 2000; 24 years ago (2000-04-21)
Citations
Public law105-277
Legislative history

The act, effective April 21, 2000, applies to the online collection of personal information by persons or entities under U.S. jurisdiction about children under 13 years of age, including children outside the U.S. if the website or service is U.S.-based.[1] It details what a website operator must include in a privacy policy, when and how to seek verifiable consent from a parent or guardian, and what responsibilities an operator has to protect children's privacy and safety online, including restrictions on the marketing of those under 13.[2]

Although children under 13 can legally give out personal information with their parents' permission, many websites—particularly social media sites, but also other sites that collect most personal info—disallow children under 13 from using their services altogether due to the cost and work involved in complying with the law.[3][4][5]

An updated version of COPPA, the Children and Teens' Online Privacy Protection Act, informally called COPPA 2.0, has been introduced in the 118th Congress in 2023.[6] COPPA 2.0 was again introduced in Congress on April 9, 2024 by representatives Tim Walberg and Kathy Castor.[7] If adopted as proposed, it would effectively raise the age covered by COPPA from 13 to 16 years, prohibit targeted advertising to children and teens, and make certain other changes to COPPA.[8]

Background

edit

In the 1990s, electronic commerce was on its rise of popularity, but various concerns were expressed about the data collection practices and the impact of Internet commerce on user privacy—especially for children under 13, because very few websites had their own privacy policies.[9] The Center for Media Education petitioned the Federal Trade Commission (FTC) to investigate the data collection and use practices of the KidsCom website, and take legal action since the data practices violated Section 5 of FTC Act concerning "unfair/deceptive practices." With the passing of the Drivers Privacy Protection Act in 1997, new precedents had been set in regard to the ability of congress to regulate information held by state agencies.[10] After the FTC completed its investigation, it issued the "KidsCom Letter" the report stated that the data collection and use practices were indeed subject to legal action.[11][12] This resulted in the need to inform parents about the risks of children's online privacy, as well as to parental consent necessity. This ultimately resulted in the drafting of COPPA.

The new millennium ushered in an era of regulation that many were simply unaware of. The early years of the transition were fraught with confusion and a lot of animosity. One of the main concerns of the time was the eventual accessibility of child-based websites at the fear many were unwilling to change their business practices.[13] Many were left with a series of loose guidelines that determined what was correct.[14] The simplification of COPPA provided by the FTC was met with a follow-up of demands to law enforcement that the: "... Commission should continue law enforcement efforts by targeting significant violations and seeking increasingly larger civil penalties, when appropriate, to deter unlawful conduct".[15] A mandatory review of the COPPA regulations were conducted in 2005 (resulting with no changes to the original guidelines), found that there were no adverse effects to the online landscape.

The Federal Trade Commission (FTC) has the authority to issue regulations and enforce COPPA. Also, under the terms of COPPA, the FTC-designated "safe harbor" provisioning is designed to encourage increased industrial self-regulation. Under this provision, industry groups and others may request Commission approval of self-regulatory guidelines to govern participants' compliance, such that website operators in Commission-approved programs would first be subject to the disciplinary procedures of the safe harbor program in lieu of FTC enforcement. As of June 2016, the FTC has approved seven safe harbor programs operated by TrustArc, ESRB, CARU, PRIVO, Aristotle, Inc., Samet Privacy (kidSAFE), and the Internet Keep Safe Coalition (iKeepSafe).[16][17] In August 2021, Aristotle, Inc. withdrew from the safe harbor program after FTC staff expressed serious concerns about its enforcement of its safe harbor provisions and communicated their intent to recommend the revocation of Aristotle's approval to run a safe harbor program. The FTC also announced its intention to more closely scrutinize the practices of the other six present safe harbors.[18]

In September 2011, the FTC announced proposed revisions to the COPPA rules, the first significant changes to the act since the issuance of the rules in 2000. The proposed rule changes expanded the definition of what it meant to "collect" data from children. The proposed rules presented a data retention and deletion requirement, which mandated that data obtained from children be retained only for the amount of time necessary to achieve the purpose that it was collected for. It also added the requirement that operators ensure that any third parties to whom a child's information is disclosed have reasonable procedures in place to protect the information.[19]

The act applies to websites and online services operated for commercial purposes that are either directed toward children under 13 or have actual knowledge that children under 13 are providing information online. Most recognized non-profit organizations are exempt from most of the requirements of COPPA.[2] However, the Supreme Court ruled that non-profits operated for the benefit of their members' commercial activities are subject to FTC regulation and consequently COPPA as well.[20] The type of "verifiable parental consent" that is required before collecting and using information provided by children under 13 is based upon a "sliding scale" set forth in a Federal Trade Commission regulation[21] that takes into account the manner in which the information is being collected and the uses to which the information will be put.

COPPA 2.0 was introduced to expand the age range covered by COPPA to 16. It was introduced in the Senate alongside the Kids Online Safety Act (KOSA), which aimed to require social media companies from taking steps to protect minors from "harmful" information. Both KOSA and COPPA 2.0 passed the Senate as a package on a 91–3 vote on July 30, 2024.[22]

Violations

edit

According to the FTC, courts may fine violators of COPPA up to $50,120 in civil penalties for each violation.[23] The FTC has brought a number of actions against website operators for failing to comply with COPPA requirements, including actions against Google, TikTok, Girls' Life,[24] American Pop Corn Company,[25] Lisa Frank, Inc.,[26] Mrs. Fields Cookies, and The Hershey Company.[27]

In February 2004, UMG Recordings, Inc. was fined US$400,000 for COPPA violations in connection with a website that promoted the then 13-year-old rapper Lil' Romeo and hosted child-oriented games and activities, and Bonzi Software, which offered downloads of an animated figure "BonziBuddy" that provided shopping advice, jokes, and trivia was fined $75,000 for COPPA violations.[28] Similarly, the owners of the Xanga website were fined US$1,000,000 in 2006 for COPPA violations of repeatedly allowing children under 13 to sign up for the service without getting their parent's consent.[29]

In 2016, the mobile advertising network inMobi was fined US$950,000 for tracking the geo-location of all users (including those under 12) without their knowledge. The advertising software continuously tracked user location despite privacy preferences on the mobile device.[30] Other websites that were directed towards children and fined due to COPPA include Imbee (2008),[31] Kidswirl (2011)[32] and Skid-e-Kids (2011).[33]

In February 2019, the FTC issued a fine of $5.7 million to ByteDance for failing to comply with COPPA with their TikTok app (then called Musical.ly). ByteDance agreed to pay the largest COPPA fine since the bill's enactment and to add a kids-only mode to the TikTok app.[34]

Three dating apps by Wildec were pulled by Apple and Google from their respective app stores, after the FTC determined that the dating apps allowed users under 13 to register, that Wildec knew there were significant numbers of minor users, and that this allowed inappropriate contact with minors.[35]

On September 4, 2019, the FTC issued a fine of $170 million to YouTube for COPPA violations, including tracking the viewing history of minors in order to facilitate targeted advertising.[36] Many notable social media platforms were subjected to scrutiny from the FTC, especially groups like Facebook where the platform had users ignoring COPPA guidelines since inception.[37] As a result, YouTube announced that as part of the settlement, in 2020 it would require channel operators to mark videos that are "child-oriented" as such, and would use machine learning to automatically mark those as clearly "child-oriented" if not marked already. In the settlement terms, channel operators that failed to mark videos as "child-oriented" could be fined by the FTC for up to $42,530 per video,[38] which has raised criticism towards the settlement terms.[39][40] The decision came in terms that, despite good faith, created many issues among the content creators on the site. Users such as Ryan's World, Philip DeFranco and TheOdd1sOut with vastly different content found themselves in conflict for their appealing content for children.[41] The following guidelines were implemented on the basis set by the following rules:

The Rule sets out additional factors the FTC will consider in determining whether your content is child-directed:

  • the subject matter,
  • visual content,
  • the use of animated characters or child-oriented activities and incentives,
  • the kind of music or other audio content,
  • the age of models,
  • the presence of child celebrities or celebrities who appeal to children,
  • language or other characteristics of the site,
  • whether advertising that promotes or appears on the site is directed to children, and
  • competent and reliable empirical evidence about the age of the audience.[42]

In 2022, Epic Games settled a Federal Trade Commission complaint in part by agreeing to pay a $275 million penalty for COPPA violations. The FTC complaint alleged that Epic illegally collected personal information from children under the age of 13 and made it difficult for parents to get such information deleted. The full agreement included an additional $245 million to refund users who were manipulated into making unintended purchases.[43]

The DOJ and FTC jointly filed a lawsuit against TikTok and its owner ByteDance for violations of COPPA in August 2024, asserting that the app collecting private information from minor users as well as to allow them to interact with adults and adult content.[44]

Compliance

edit

In December 2012, the Federal Trade Commission issued revisions effective July 1, 2013, which created additional parental notice and consent requirements, amended definitions, and added other obligations for organizations that (1) operate a website or online service that is "directed to children" under 12 and that collects "personal information" from users or (2) knowingly collects personal information from people under 13 through a website or online service.[45] After July 1, 2013, operators must:[46]

  • Post a clear and comprehensive online privacy policy describing their information practices for personal information collected online from persons under age 13;
  • Make reasonable efforts (taking into account available technology) to provide direct notice to parents of the operator's practices with regard to the collection, use, or disclosure of personal information from persons under 13, including notice of any material change to such practices to which the parents have previously consented;
  • Obtain verifiable parental consent, with limited exceptions, prior to any collection, use, and/or disclosure of personal information from persons under age 13;
  • Provide a reasonable means for a parent to review the personal information collected from their child and to refuse to permit its further use or maintenance;
  • Establish and maintain reasonable procedures to protect the confidentiality, security, and integrity of the personal information collected from children under age 13, including by taking reasonable steps to disclose/release such personal information only to parties capable of maintaining its confidentiality and security; and
  • Retain personal information collected online from a child for only as long as is necessary to fulfill the purpose for which it was collected and delete the information using reasonable measures to protect against its unauthorized access or use.
  • Operators are prohibited from conditioning a child's participation in an online activity on the child providing more information than is reasonably necessary to participate in that activity.[47]

According to a notice issued by the Federal Trade Commission, an operator has actual knowledge of a user's age if the site or service asks for—and receives—information from the user that allows it to determine the person's age.[48] An example, cited by the FTC, includes an operator who asks for a date of birth on a site's registration page has actual knowledge as defined by COPPA if a user responds with a year that suggests they are under 13. Another example cited by the FTC is that an operator may have actual knowledge based on answers to "age identifying" questions like "What grade are you in?" or "What type of school do you go to? (a) elementary; (b) middle; (c) high school; (d) college."

A small fee was charged by Microsoft under COPPA as a way to verify parental consent. The fee was donated to the National Center for Missing and Exploited Children.[49] Google, however, charges a small fee as a way to verify one's date of birth.

In the changes effective July 1, 2013, the definition of an operator was updated to make clear that COPPA covers a child-directed site or service that integrates outside services, such as plug-ins or advertising networks, that collect personal information from its visitors.[50] The definition of a website or online service directed to children is expanded to include plug-ins or ad networks that have actual knowledge that they are collecting personal information through a child-directed website or online service. Websites and services that target children as a secondary audience may differentiate among users, and are required to provide notice and obtain parental consent only for those users who identify themselves as being younger than 13.[45] The definition of personal information requiring parental notice and consent before collection now includes "persistent identifiers" that can be used to recognize users over time and across different websites or online services. However, no parental notice and consent are required when an operator collects a persistent identifier for the sole purpose of supporting the website or online service's internal operations.[50] The definition of personal information after July 1, 2013, also includes geolocation information, as well as photos, videos, and audio files that contain a child's image or voice.[46]

On November 19, 2015, the FTC announced it had approved an additional method for obtaining verifiable parental consent: "face match to verified photo identification" (FMVPI). The two-step process allows a parent to submit a government-sanctioned ID for authentication, then submit an impromptu photo via mobile device or web camera, which is then compared to the photo on the ID.[51]

International scope

edit

The FTC has asserted that COPPA applies to any online service that is directed to U.S. users or knowingly collects information from children in the U.S., regardless of its country of origin. Referring to their official website, the following embodies such views:

The FTC's Office of International Affairs directs the agency's international activities for competition and consumer protection, which include:

  • strengthening relationships with foreign competition and consumer protection agencies
  • developing formal and informal arrangements and agreements with competition and consumer protection agencies around the world
  • engaging in cooperative dialogues and submitting reports at international forums for competition and consumer protection
  • helping agencies around the world develop and enhance their own competition and consumer protection programs
  • sharing information with foreign law enforcement authorities through the U.S. Safe Web Act
  • maintaining a robust International Fellows Program[52]

However, the FTC rarely performs enforcement actions against foreign companies, and faces a number of practical challenges in doing so.[53] The general assumption is that, despite the interconnected world of internet services, jurisdiction only applies to domestic operation. Nevertheless, it has successfully enforced COPPA against at least one foreign company with a significant US userbase, securing a $5.7 million settlement against the Chinese company ByteDance over their TikTok app.[54]

Criticisms

edit

COPPA is controversial and has been criticized as ineffective and potentially unconstitutional by legal experts[55] and mass media[56] since it was drafted.[57] Complaints leveled against the legislation include website owners banning users 12 and under—which only "encourages age fraud and allows websites to bypass the burden of obtaining parental consent"[55]—and the active suppression of children's rights to freedom of speech, self-expression, and other First Amendment rights[58][59] due to necessity of registering accounts to do so.

Delays in obtaining parental consent often result in children moving on to other activities that are less appropriate for their age or pose bigger privacy risks.[60]

In addition, age restrictions and the "parental consent" process are easy for children to circumvent, and parents generally help them to lie about their age.[61][62]

An Internet Safety Technical Task Force composed of experts from academia and commercial companies found in 2012 that mandatory age verification is not only a poor solution for privacy but also constitutes a violation of privacy.[63] The law has also many safety flaws. For example, it does not protect kids from predatory advertising,[64] it does not prevent kids from accessing pornography or lying about their age,[2] and it does not ensure a totally safe environment online. Tech journalist Larry Magid, a long-time vocal opponent of the law,[56][58][9] also notes that parents, not the government, hold the bulk of responsibility of protecting children online.[9] COPPA has also been criticized for its potential chilling effect on children's apps, content, websites and online services. For example, Snapchat released a Snapkidz version of its app in June 2013, but unlike Snapchat, Snapkidz did not allow photo sharing at all due to COPPA regulations.[65] Similarly, it has been pointed out that the COPPA Rule was not necessarily about privacy protection but more about "enforcing the laws."[60]

COPPA's penalties ($40,000 per violation) can be potentially catastrophic for small businesses, undermining their business model.[66][67] By contrast, the FTC has been criticized, including by COPPA author Ed Markey, and FTC commissioner Rohit Chopra, for not fining major and big tech companies harshly enough for their COPPA violations, especially in comparison to their revenue. In contrast, violators of the European Union's General Data Protection Regulation (GDPR) may be fined up to 4% of their annual global revenue.[68][69][70]

With the rise of virtual education, COPPA may inadequately represent the role of administrators, teachers, and the school in protecting student privacy under the assumption of loco parentis.[71]

Mark Zuckerberg, co-founder and CEO of Facebook, expressed opposition to COPPA in 2011 and stated "That will be a fight we take on at some point. My philosophy is that for education you need to start at a really, really young age."[72] The next year, Jim Steyer, the CEO of Common Sense Media, has called for updates to COPPA, calling the time of the act's creation "the stone age of digital media" and pointing out the lack of platforms such as Google, YouTube, Facebook and Twitter at the time.[73]

In 2019, the Government of the State of New York sued YouTube for violating COPPA by illegally retaining information related to children under 13 years of age. YouTube responded by dividing its content strictly into "for kids" and "not for kids". This has met with extremely harsh criticism from the YouTube community, especially from gamers, with many alleging that the FTC of the United States intends to fine content creators $42,530 for "each mislabeled video", possibly putting all users at risk.[74][75][76] However, some have expressed skepticism over this, feeling that the fines may actually be in reference to civil penalties, possibly intended for the site's operators and/or warranted by more serious of COPPA violations or specific cases of "mislabeling videos".[77][78][79] As of December 2022, no YouTuber has been fined.[80][outdated statistic]

Several bills have been proposed to amend COPPA. Markey and Josh Hawley introduced multiple bills (in the House in 2018 as the "Do Not Track Kids Act", and in 2019 as a Senate measure) proposing that COPPA ban the use of targeted advertising to users under 13, require personal consent before the collection of personal information from users ages 13–15, require connected devices and toys directed towards children to meet security standards and include a privacy policy disclosure on their packaging, and require services to offer an "eraser button" to "permit users to eliminate publicly available personal information content submitted by the child, when technologically feasible". In January 2020, Bobby Rush and Tim Walberg introduced a similar house bill known as the Preventing Real Online Threats Endangering Children Today (PROTECT Kids) Act, which would extend all existing COPPA consent requirements to users under the age of 16, and explicitly add mobile apps, "precise geolocation", and biometric data to its remit.[81][82][83]

See also

edit

References

edit
  1. ^ "Complying with COPPA: Frequently Asked Questions". FTC Business Center. Federal Trade Commission. March 20, 2015. Retrieved August 6, 2019. As a related matter, U.S.-based sites and services that collect information from foreign children also are subject to COPPA.
  2. ^ a b c "Complying with COPPA: Frequently Asked Questions". FTC Business Center. Federal Trade Commission. March 20, 2015. Retrieved August 6, 2019.
  3. ^ "What age should my kids be before I let them use Instagram, Facebook, and other social media services?". Common Sense Media. Common Sense Media, Inc. Archived from the original on August 6, 2018. Retrieved April 29, 2023.
  4. ^ Bilton, N. (February 18, 2015). "Letting Your Kids Play in the Social Media Sandbox". The New York Times. Archived from the original on February 22, 2015. Retrieved July 21, 2019.{{cite web}}: CS1 maint: unfit URL (link)
  5. ^ Rochman, B. (May 24, 2011). "Should Kids Under 13 Be on Facebook?". Time. Time, Inc. Retrieved June 22, 2016.
  6. ^ Fingas, Jon (May 2, 2023). "Senators reintroduce COPPA 2.0 bill to tighten child safety online". Engadget. Retrieved February 18, 2024.
  7. ^ "Walberg, Castor Introduce Comprehensive Children's Privacy Bill". Congressman Tim Walberg, Representing the 5th District of Michigan. April 9, 2024. Retrieved July 4, 2024.
  8. ^ "Representatives Walberg and Castor Announce Companion Bill to COPPA 2.0". Hunton Andrews Kurth. Retrieved July 4, 2024.
  9. ^ a b c Magid, L.J. (April 24, 2000). "New Law Protects Kids Online, but It's No Substitute for Parenting". Los Angeles Times. Archived from the original on December 22, 2015. Retrieved June 22, 2016.
  10. ^ "Redirecting..." heinonline.org. Retrieved March 26, 2022. {{cite web}}: Cite uses generic title (help)
  11. ^ Warmund, J. (2001). "Can COPPA Work? An Analysis of the Parental Consent Measures in the Children's Online Privacy Protection Act". Fordham Intellectual Property, Media and Entertainment Law Journal. 11 (1). Retrieved June 22, 2016.
  12. ^ "FTC Staff Sets Forth Principles For Online Information Collection From Children". FTC Press Releases. Federal Trade Commission. July 16, 1997. Retrieved June 22, 2016.
  13. ^ Davis, Joel J. (Autumn 2002). "Marketing to children online: A manager's guide to the Children's Online Privacy Protection Act". S.A.M. Advanced Management Journal. 67: 11–63. ProQuest 231236782.
  14. ^ Reyes, Irwin (2018). ""Won't Somebody Think of the Children?" Examining COPPA Compliance at Scale" (PDF). Proceedings on Privacy Enhancing Technologies. 2018 (3): 63–83. doi:10.1515/popets-2018-0021. S2CID 4935390.
  15. ^ Commission., United States. Federal Trade (2007). Implementing the Children's Online Privacy Protection Act : a report to Congress. U.S. FTC. OCLC 85854528.
  16. ^ Thomas, L.M. (August 19, 2014). "FTC Approves iKeepSafe's COPPA Safe Harbor Program". Privacy Law Corner. Winston & Strawn LLP. Archived from the original on September 21, 2016. Retrieved June 22, 2016.
  17. ^ Thomas, L.M. (February 20, 2014). "FTC Approves Sixth COPPA Safe Harbor Program". Privacy Law Corner. Winston & Strawn LLP. Retrieved June 22, 2016.
  18. ^ "Aristotle Removed from List of FTC-Approved Children's Privacy Self-Regulatory Programs". FTC Press Releases. Federal Trade Commission. August 4, 2021. Retrieved September 2, 2021.
  19. ^ "FTC Will Propose Broader Children's Online Privacy Safeguards". The National Law Review. Ifrah PLLC. December 22, 2011. Retrieved June 22, 2016.
  20. ^ "FTC v. California Dental Association, 526 U.S. 756 (1999)". Justia. May 24, 1999. Retrieved June 22, 2016.
  21. ^ Federal Trade Commission (November 3, 1999). "16 CFR Part 312 Children's Online Privacy Protection Rule; Final Rule" (PDF). Federal Register. 64 (212): 59888–59915. Archived from the original (PDF) on October 29, 2013. Retrieved June 22, 2016.
  22. ^ "Senate passes the most significant child online safety bills in decades". NBC News. July 30, 2024. Retrieved August 16, 2024.
  23. ^ "Complying with COPPA: Frequently Asked Questions". Federal Trade Commission. July 20, 2020. Retrieved October 25, 2020.
  24. ^ "FTC Announces Settlements with Web Sites That Collected Children's Personal Data Without Parental Permission". FTC Press Releases. Federal Trade Commission. April 19, 2001. Retrieved June 22, 2016.
  25. ^ "Popcorn Company Settles FTC Privacy Violation Charges". FTC Press Releases. Federal Trade Commission. February 14, 2002. Retrieved June 22, 2016.
  26. ^ "Web Site Targeting Girls Settles FTC Privacy Charges". FTC Press Releases. Federal Trade Commission. October 2, 2001. Retrieved June 22, 2016.
  27. ^ "FTC Receives Largest COPPA Civil Penalties to Date in Settlements with Mrs. Fields Cookies and Hershey Foods". FTC Press Releases. Federal Trade Commission. February 27, 2003. Retrieved June 22, 2016.
  28. ^ "UMG Recordings, Inc. to Pay $400,000, Bonzi Software, Inc. To Pay $75,000 to Settle COPPA Civil Penalty Charges". FTC Press Releases. Federal Trade Commission. February 18, 2004. Retrieved June 22, 2016.
  29. ^ Sullivan, B. (September 7, 2006). "FTC fines Xanga for violating kids' privacy". NBCNews.com. NBCUniversal Media, LLC. Archived from the original on August 2, 2013. Retrieved June 22, 2016.
  30. ^ "Mobile Advertising Network InMobi Settles FTC Charges It Tracked Hundreds of Millions of Consumers' Locations Without Permission". Federal Trade Commission. June 22, 2016. Retrieved March 4, 2018.
  31. ^ "Imbee.com Settles FTC Charges Social Networking Site for Kids Violated the Children's Online Privacy Protection Act; Settlement Includes $130,000 Civil Penalty". FTC Press Releases. Federal Trade Commission. January 30, 2008. Retrieved June 22, 2016.
  32. ^ Engle, M.K. (July 12, 2011). "Kidswirl, LLC, FTC File No. 112-3034" (PDF). Federal Trade Commission. Retrieved June 22, 2016.
  33. ^ "Operator of Social Networking Website for Kids Settles FTC Charges Site Collected Kids Personal Information Without Parental Consent". FTC Press Releases. Federal Trade Commission. November 8, 2011. Retrieved June 22, 2016.
  34. ^ "Largest FTC COPPA settlement requires Musical.ly to change its tune". Federal Trade Commission. February 27, 2019. Retrieved February 27, 2019.
  35. ^ Fingas, Jon (May 6, 2019). "App stores pull dating apps after FTC warning about underage users". Engadget. Retrieved June 19, 2019.
  36. ^ Fung, Brian (September 4, 2019). "Google and FTC reach $170 million settlement over alleged YouTube violations of kids' privacy". CNN Business. Retrieved September 4, 2019.
  37. ^ Boyd, Danah; Hargittai, Eszter; Schultz, Jason; Palfrey, John (October 31, 2011). "Why parents help their children lie to Facebook about age: Unintended consequences of the 'Children's Online Privacy Protection Act'". First Monday. doi:10.5210/fm.v16i11.3850. ISSN 1396-0466.
  38. ^ "Guidelines for child-oriented content on YouTube". Believe Digital. Retrieved August 22, 2020.
  39. ^ Kelly, Makena; Alexander, Julia (November 13, 2019). "YouTube's new kids' content system has creators scrambling". The Verge. Retrieved November 22, 2019.
  40. ^ Important Update for All Creators: Complying with COPPA. YouTube. November 12, 2019. Archived from the original on December 11, 2021.
  41. ^ "FTC Issues Orders to Nine Social Media and Video Streaming Services Seeking Data About How They Collect, Use, and Present Information". Federal Trade Commission. December 14, 2020. Retrieved March 26, 2022.
  42. ^   One or more of the preceding sentences incorporates text from this source, which is in the public domain: "YouTube channel owners: Is your content directed to children?". Federal Trade Commission. November 22, 2019. Retrieved March 15, 2022.
  43. ^ Singer, Natasha (December 19, 2022). "Epic Games to Pay $520 Million Over Children's Privacy and Trickery Charges". The New York Times. ISSN 0362-4331. Retrieved December 19, 2022.
  44. ^ Tenbarge, Kat (August 2, 2024). "U.S. sues TikTok, alleging millions of child privacy violations". NBC News. Retrieved August 2, 2024.
  45. ^ a b Percival IV, L.C.; Johnson, E. (July 1, 2013). "New Children's Online Privacy Protection Act (COPPA) Rule Now In Effect". The National Law Review. Ifrah PLLC. Retrieved June 22, 2016.
  46. ^ a b Larose, C.J.; Siripurapu, J.M. (June 28, 2013). "Guide to Compliance with the Amended Children's Online Privacy Protection Act (COPPA) Rule". The National Law Review. Ifrah PLLC. Retrieved June 22, 2016.
  47. ^ Larose, C.J. (June 29, 2013). "Amended Children's Online Privacy Protection Act (COPPA) Rule Compliance Deadline Approaching". The National Law Review. Ifrah PLLC. Retrieved June 22, 2016.
  48. ^ "Children's Online Privacy Protection Rule: Not Just for Kids' Sites". FTC Business Center. Federal Trade Commission. April 2013. Retrieved July 7, 2013.
  49. ^ "Why does Microsoft charge me when I create an account for my child?". support.microsoft.com. Retrieved March 26, 2017.
  50. ^ a b "FTC Strengthens Kids' Privacy, Gives Parents Greater Control Over Their Information By Amending Childrens Online Privacy Protection Rule". FTC Press Releases. Federal Trade Commission. December 19, 2012. Retrieved June 22, 2016.
  51. ^ "FTC Grants Approval for New COPPA Verifiable Parental Consent Method". FTC Press Releases. Federal Trade Commission. November 19, 2015. Retrieved June 22, 2016.
  52. ^ "International". Federal Trade Commission. March 1, 2013. Retrieved March 26, 2022.
  53. ^ Tonsager, Lindsay (January 9, 2015). "FTC Warns Foreign Mobile-App Developer To Comply With COPPA". Inside Privacy. Retrieved July 21, 2019.
  54. ^ "Largest FTC COPPA settlement requires Musical.ly to change its tune". Federal Trade Commission. February 27, 2019. Retrieved September 1, 2021.
  55. ^ a b Matecki, L.A. (2010). "Update: COPPA is Ineffective Legislation! Next Steps for Protecting Youth Privacy Rights in the Social Networking Era". Journal of Lawn and Social Policy. 5 (2): 7. Archived from the original on June 29, 2016. Retrieved June 22, 2016.
  56. ^ a b Magid, L. (August 4, 2012). "Unintended Consequences of FTC's New COPPA Children's Online Privacy Rules". The Huffington Post. TheHuffingtonPost.com, Inc. Retrieved June 22, 2016.
  57. ^ "New Internet Privacy Rules Will Not Protect Kids". Archived from the original on August 3, 2017. Retrieved August 2, 2017.
  58. ^ a b Magid, L. (August 29, 2014). "Magid: Protecting children online needs to allow for their right to free speech". The Mercury News. Digital First Media. Archived from the original on March 25, 2016. Retrieved June 22, 2016.
  59. ^ Morris, J. (November 23, 2010). "Ask CDT: Answers on First Amendment Rights Online". CDT Blog. Center for Democracy and Technology. Retrieved June 22, 2016.
  60. ^ a b Puckett, J.M. (May 14, 2013). "Insider insights on COPPA". Emoderation Blog. Emoderation Limited. Archived from the original on November 18, 2016. Retrieved June 22, 2016.
  61. ^ Boyd, D.; Hargittai, E.; Schultz, J.; Palfrey, J. (November 7, 2011). "Why parents help their children lie to Facebook about age: Unintended consequences of the Children's Online Privacy Protection Act". First Monday. 16 (11). Retrieved June 22, 2016.
  62. ^ Griggs, B. (November 1, 2011). "Parents help kids lie to get on Facebook, study finds". CNN.com. Turner Broadcasting System, Inc. Retrieved June 22, 2016.
  63. ^ Perlroth, N. (June 17, 2012). "Verifying Ages Online Is a Daunting Task, Even for Experts". The New York Times. Archived from the original on January 31, 2018. Retrieved July 21, 2019.{{cite web}}: CS1 maint: unfit URL (link)
  64. ^ Kluver, C. (July 5, 2013). "Parental Notification, the FTC and Kids Apps: What's COPPA all about?". Digital Media Diet. Archived from the original on September 6, 2015. Retrieved June 22, 2016.
  65. ^ Chaey, C. (June 24, 2013). "Snapchat Debuts SnapKidz, A Sext-Free App For Kids Under 13". Fast Company. Mansueto Ventures, LLC. Retrieved June 22, 2016.
  66. ^ Kamenetz, A. (June 28, 2013). "How the New COPPA Requirements Are Bad for Businesses and Kids". Fast Company. Mansueto Ventures, LLC. Retrieved June 22, 2016.
  67. ^ Davis, W. (September 25, 2012). "IAB: Proposed Children's Privacy Rules Undermine Business Model". Online Media Daily. MediaPost Communications. Retrieved June 22, 2016.
  68. ^ "Apple, Netflix and YouTube among Streamers Flouting EU Privacy Law, Say New Complaints". Fortune. Retrieved September 8, 2019.
  69. ^ Feiner, Lauren (September 4, 2019). "YouTube fine shows the US government is not serious about a Big Tech crackdown". CNBC. Retrieved September 8, 2019.
  70. ^ Binder, Matt (September 4, 2019). "YouTube's $170 million fine isn't enough—and part of the FTC knows it". Mashable. Retrieved September 8, 2019.
  71. ^ Hostetler, David R (2013). "Children's privacy in virtual K-12 education: virtual solutions of the amended Children's Online Privacy Protection Act (COPPA) rule". North Carolina Journal of Law & Technology. Online Ed 167.
  72. ^ Lev-Ram, M. (May 20, 2011). "Zuckerberg: Kids under 13 should be allowed on Facebook". Fortune. Time, Inc. Retrieved June 22, 2016.
  73. ^ "Keeping Your Kids Safe Online". NPR.
  74. ^ Tagarth, Shaun (November 20, 2019). "All You Need To Know About COPPA On Youtube". WGN Radio.
  75. ^ "YouTube's new kids' content system has creators scrambling". The Verge. November 13, 2019.
  76. ^ Hart, Matthew (November 18, 2019). "YouTube's FTC-Mandated Rules for Kids Content Infuriate Creators". Nerdist.
  77. ^ "YouTube channel owners: Is your content directed to children?". Federal Trade Commission. November 22, 2019.
  78. ^ "COPPA: Everything Content Creators Need To Know". TheGamer. November 23, 2019.
  79. ^ "Misinformed YouTubers Are Undermining the Fight for Children's Privacy Online". Slate Magazine. November 27, 2019.
  80. ^ "COPPA Hasn't Fined ANYONE Yet? ($42,000)". YouTube. Deep Humor. July 13, 2020. Archived from the original on December 11, 2021.
  81. ^ Kelly, Makena (January 9, 2020). "'Eraser button' for children's data gains support in the House". The Verge. Retrieved January 17, 2020.
  82. ^ Jenner; Saunders, Block LLP-David P.; Martinez, Jessica A. (January 14, 2020). "New Bill Seeks to Update Children's Online Privacy Protections with the PROTECT Kids Act". Lexology. Retrieved January 17, 2020.
  83. ^ Eggerton, John (May 23, 2018). "Kids Online 'Erase Button' Penciled In Once Again". Multichannel. Retrieved January 17, 2020.
edit