A COPPA First: Safe Harbor Program Removed From Approved List
The FTC recently announced the removal of Aristotle International, Inc. from the list of seven approved safe harbor programs under the Children’s Online Privacy Protection Act. Programs that are approved by the FTC must place requirements on participating organizations that are the same -or greater- than the requirements of COPPA. (As we have reported in the past, COPPA requires, inter alia, getting verified parental consent before collecting personal information from children online.) Companies that participate in those approved COPPA safe harbor programs are deemed in compliance with COPPA. Such protection can be valuable with a law, like COPPA, that has been found to be confusing to operationalize.
The FTC had expressed concern with Aristotle’s monitoring efforts, fearing that the company was not taking steps to ensure that participants complied with the requirements of Aristotle’s safe harbor program. The FTC indicated to Aristotle that its response was inadequate, and Aristotle withdrew from the COPPA safe harbor scheme as a result.
Putting it into Practice: Companies that participate in a COPPA safe harbor program might see an increased scrutiny by their COPPA safe harbor provider as a result of Aristotle’s removal from the approved list.