WASHINGTON, April 26, 2013 (GLOBE NEWSWIRE) -- The Federal Trade Commission (FTC) released its responses to frequently asked questions ("FAQs") relating to compliance with the Children's Online Privacy Protection Act ("COPPA"). That law was designed to protect children under 13 online by regulating how their personal information can be collected, used, and/or transferred.
"Today the FTC further clarified how merchants can comply with the law governing collection and dissemination of childrens' data," said Aristotle CEO John Aristotle Phillips. "This clarification was good for parents and kids and good for all businesses that want to interact with children in a responsible, legal manner.
"There is nothing standing in the way of implementation of these important rules and we look forward to helping our Integrity clients meet the requirements by July 1st deadline."
The COPPA rules, which were recently amended, are fairly complex and the FAQs are designed to help those who seek to understand and comply with these changes. The FAQs cover important topics such as:
- Who is covered by the Rule:
- Operators of commercial websites and online services (including mobile apps) directed to children under 13 that collect, use, or disclosure personal information from children;
- Operators of general audience websites or online services with actual knowledge that they are collecting, using, or disclosing personal information from children under 13; and
- Websites or online services that have actual knowledge that they are collecting personal information directly from users of another website or online service directed to children
- What those covered must do to comply, including:
- Posting a clear and comprehensive online privacy policy
- Providing direct notice to parents and obtaining Verifiable Parental Consent, with limited exceptions, before collecting personal information online from children
- Providing parents access to their children's personal information
- Maintaining the confidentiality, security, and integrity of information they collect from children;
- Retaining personal information collected online from a child for only as long as is necessary to fulfill the purpose for which it was collected and deleting the information using reasonable measures to protect against its unauthorized access or use.
- How the rule defines "Personal Information", which can now include geolocation information and persistent identifiers used to recognize a user over time and across different websites or online services;
- How to treat information collected from children prior to the effective date that was not considered personal under the original Rule but now is considered personal information under the amended Rule.
- A summary of the changes in the Rule.
- Where to find information about COPPA
- What sorts of information collection use or transfer can trigger the need to comply with COPPA
- How the FTC enforces the rule:
- A court can hold operators who violate the Rule liable for civil penalties of up to $16,000 per violation (COPPA fines actually levied have been as high as 3 million dollars)
- Information about Privacy Policies and direct notices to parents and a summary these requirements
- How to obtain "Verifiable Parental Consent"
- Using a third party such as one of the FTC-approved COPPA safe harbor programs that offer parental notification and consent systems for operators who are members of their programs.
- Exceptions to the requirement to obtain Verifiable Parental Consent
- Use of "e-mail plus" where information utilized in "support for the internal operations of the website or online service
- Many other definitions, hypothetical situations, and areas of questions that operators and websites, online services and mobile apps must address
The FAQs also outline the standards for obtaining Safe Harbor Program status, such that the website or online service may utilize a Safe Harbor program to facilitate compliance. The primary benefits of using an FTC-Approved Safe Harbor Provider are:
- You're subject to Safe Harbor's Guidelines in lieu of formal FTC investigation and enforcement (The FTC has announced that COPPA enforcement will be a priority)
- Safe Harbor seal tells parents you're trustworthy
- Safe Harbor provider can administer your notice and verifiable parental consent programs
- Using a Safe Harbor provider allows more freedom to focus on your business
- Safe Harbor assists in developing guidelines for setting up the handling of kids' info (assists in drafting Privacy Policy, e.g.)
- Safe Harbor monitors for problems/deviation from Program
- Allows you more freedom to innovate
- Safe Harbor is resource when changes planned
- Safe Harbor greatly decreases risk of:
- FTC Investigation
- FTC Penalties (as high as $3 million to date)
- Legal Expenses
- Distractions/Uncertainty
- Stigma/Damage to Reputation from Investigations, violations, negative publicity
The FAQs may be found at http://business.ftc.gov/documents/Complying-with-COPPA-Frequently-Asked-Questions#coppasafe .
The Integrity Children's Privacy Compliance Program, has been designed by Aristotle, as a "safe harbor" program under the Children's Online Privacy Protection Act (COPPA).
About Aristotle
Aristotle has delivered smarter tools to political campaigns since 1983. Every U.S. President - Democrat and Republican - from Reagan through Obama, has used Aristotle products and/or services, as have many U.S. Senators, members of the U.S. House of Representatives, Democratic and Republican state party organizations and other major campaigns worldwide.
About Integrity
Integrity services more countries and have greater depth of information worldwide than any other provider with over 135 countries and 3.4 billion records internationally. Changes in country demographics make this important and companies find global coverage is essential in modern borderless internet economies.
http://www.youtube.com/watch?v=QyvWaz0aY3s&feature=player_embedded