June 26, 2022

Volume XII, Number 177

Advertisement
Advertisement

June 24, 2022

Subscribe to Latest Legal News and Analysis

FTC Adopts Policy Statement to Increase Scrutiny for COPPA Violations

On May 19, 2022, the Federal Trade Commission (FTC) adopted the “Policy Statement [  ] on Education Technology and the Children’s Online Privacy Protection Act (COPPA),” which calls for increased scrutiny for violations of COPPA by education technology companies. The FTC said in its statement:

The [FTC] is committed to ensuring that education technology (“ed tech”) tools and their attendant benefits do not become an excuse to ignore critical privacy protections for children. The [FTC]’s COPPA authority demands enforcement of meaningful substantive limitations on operators’ ability to collect, use, and retain children’s data, and requirements to keep that data secure. The [FTC] intends to fully enforce these requirements—including in school and learning settings where parents may feel they lack alternatives.

COPPA became effective in 2000, and was amended in 2013. However, since that amendment, technology has surpassed expectations and online data collection and monetization of data have skyrocketed. Now, during and post-pandemic, schools are using education tools for all levels and activities, and, in most cases, without any choice. Parents often question the education technology (ed tech) and online learning services, wondering how (and what) personal information is being collected, who it is being shared with, and how it is being used.

The FTC seeks to focus on ed tech providers’ compliance with COPPA related to:

  • Prohibitions against mandatory collection;

  • Use prohibitions;

  • Retention prohibitions;

  • Security requirements.

The FTC’s statement emphasizes that the burden for COPPA compliance is on the business,  not on schools or parents. Importantly, the FTC notes that any agreements between schools and these ed tech companies must appropriately reflect that point.

The FTC said:

Children should not have to needlessly hand over their data and forfeit their privacy in order to do their schoolwork or participate in remote learning, especially given the wide and increasing adoption of ed tech tools. Going forward, the Commission will closely scrutinize the providers of these services and will not hesitate to act where providers fail to meet their legal obligations with respect to children’s privacy. To see the full statement, click here.

Copyright © 2022 Robinson & Cole LLP. All rights reserved.National Law Review, Volume XII, Number 146
Advertisement
Advertisement
Advertisement
Advertisement
Advertisement
Advertisement

About this Author

Kathryn Rattigan Attorney Cybersecurity Data Privacy
Associate

Kathryn Rattigan is a member of the firm's Business Litigation Group and Data Privacy + Cybersecurity Team. She advises clients on data privacy and security, cybersecurity, and compliance with related state and federal laws. Kathryn also provides legal advice regarding the use of unmanned aerial systems (UAS, or drones) and Federal Aviation Administration (FAA) regulations. She represents clients across all industries, such as insurance, health care, education, energy, and construction.

Data Privacy and Cybersecurity Compliance

Kathryn helps clients comply...

401-709-3357
Advertisement
Advertisement
Advertisement