December 18, 2018

December 18, 2018

Subscribe to Latest Legal News and Analysis

December 17, 2018

Subscribe to Latest Legal News and Analysis

FTC Explains Evolution of COPPA in Live Twitter Chat

On March 6, 2018, the FTC hosted a live Twitter chat to mark the twentieth anniversary of the Children’s Online Privacy Protection Act (COPPA).  The stated purpose of the chat was to discuss the FTC’s work to enforce COPPA and to ensure the FTC’s rule implementing the law stays in step with evolving technologies and data collection practices.

The chat began with the FTC pointing to its published FAQs, as well as two recent COPPA settlements:  a $650,000 settlement with VTech Electronics Limited, which was the FTC’s first children’s privacy case involving Internet-connected toys, and a $235,000 settlement with Prime Sites, Inc., which focused on how a company can gain “actual knowledge” that it is collecting information from a child.

The chat then moved into a question and answer session, with the FTC guiding the discussion through a series of questions to Acting Chairman Maureen K. Ohlhausen.  For the most part, these questions tried to highlight how the FTC has tried and is trying to stay current with a law that was passed before social media even existed.

The specific topics included:

  • How COPPA has been updated to apply to connected toys and other Internet of Things products intended for children;
  • How COPPA has adapted to a world where teachers increasingly rely on tech in the classroom by allowing schools (in some cases) to provide consent to operators who collect information from kids in the educational context;
  • COPPA’s expanded definition of “personal information,” which includes audio files containing a child’s voice, and how the FTC’s guidance explains that the FTC won’t take action where the voice recording is used solely as a replacement for written words, such as to perform a search, and the company deletes the file immediately after use;
  • COPPA’s Safe Harbor Program; and
  • The new ways in which the FTC has found that a “general audience” operator can gain “actual knowledge” that it is collecting data from children.

Although the format somewhat limited the amount of detail and the depth of the discussion, it provided a useful overview of how the FTC’s enforcement of COPPA is constantly evolving to try to keep up with the changing landscape.  At the very least, online discussions such as #COPPAChat are noteworthy as they alert companies and the public that the FTC may be pivoting to new types of enforcement actions.

Copyright © by Ballard Spahr LLP


About this Author

Philip Yannella, Ballard Spahr Law Firm, Philadelphia, Data Security Attorney

As Co-Practice Leader of Ballard’s Privacy and Data Security Group, and Practice Leader of the firm’s E-Discovery and Data Management Group, Philip N. Yannella provides clients with 360-degree advice on the transfer, storage, and use of digital information.

Mr. Yannella regularly advises clients on the Stored Communications Act (SCA), Computer Fraud and Abuse Act (CFAA), EU-US Privacy Shield, General Data Protection Regulation (GDPR), Defense of Trade Secrets Act, PCI-DSS, Telephone Consumer Protection Act (TCPA), New York Department of...

Gregory Szewczyk, Ballard Spahr Law Firm, Denver, Privacy and Litigation Attorney

Greg Szewczyk is a litigator with experience serving as a member of several trial and arbitration teams. His responsibilities include examining witnesses at trial; drafting opening and closing presentations; drafting dispositive, discovery and pretrial motions, as well as appellate briefs; taking and defending depositions; arguing evidentiary and procedural issues; preparing witnesses for testimony; and drafting scripts for direct and cross-examinations. He is also a member of the Denver office’s cybersecurity practice group.