September 21, 2020

Volume X, Number 265

September 18, 2020

Subscribe to Latest Legal News and Analysis

Privacy Tip #242 – Protecting Children’s Privacy

The Children’s Online Privacy Protection Act (COPPA) has been on the books for years and is enforced by the Federal Trade Commission (FTC). COPPA basically prohibits companies from collecting personal information from children under the age of 13 without parental consent. The FTC has an impressive record of enforcement actions under COPPA and compliance with COPPA is an important part of a company’s compliance program, as applicable.

Many companies are unaware that there are also state laws applicable to the collection of children’s personal information, so consideration of compliance with those laws is important as well.

This week, Washington’s Attorney General Bob Ferguson (AG) announced that his office has settled an enforcement action against tech companies Super Basic LLC and its parent Maple Media LLC, which developed the “We Heart It” app, for $100,000 to end allegations that the companies unlawfully collected children’s data without parental consent.

In addition to the monetary penalty, the companies have agreed to pay $400,000 if they fail to comply with COPPA and the consent decree entered into between the parties.

The decree requires that companies use an “age gate” to prevent children under 13 from opening accounts; obtain parental consent before collecting data from children under 13; give notice directly to adults of children’s online data practices;audit user accounts to track whether accounts are being opened by children; and delete any accounts that belong to children under the age of 13.

The consent decree is similar to those handed out by the FTC,  and also serves as a reminder that both the FTC and State AGs are focused on the protection of the collection of children’s personal information and are stepping up enforcement in this area.

It also reminds parents to continue to monitor their children’s online behavior. These state and federal children’s privacy laws are for the protection of children, which is, and should be, a public-private partnership between agencies and parents.

Copyright © 2020 Robinson & Cole LLP. All rights reserved.National Law Review, Volume X, Number 177

TRENDING LEGAL ANALYSIS


About this Author

Linn F. Freedman, Robinson Cole Law Firm, Cybersecurity and Litigation Law Attorney, Providence
Partner

Linn Freedman practices in data privacy and security law, cybersecurity, and complex litigation. She provides guidance on data privacy and cybersecurity compliance to a full range of public and private clients across all industries, such as construction, education, health care, insurance, manufacturing, real estate, utilities and critical infrastructure, marine, and charitable organizations. Linn is a member of the firm's Business Litigation Group and chairs its Data Privacy + Cybersecurity Team. She is also a member of the Financial Services Cyber-Compliance Team (CyFi ...

401-709-3353