Rebecca Kelly Slaughter, the new acting FTC chair, has recently signaled that the Federal Trade Commission may increase CID investigations, enforcement and penalties for violations of its Children’s Online Privacy Protection Act Rule, including, but not limited to obtaining verified parental consent prior to collecting information online from children under the age of thirteen.
Digital marketers that interact with children under the age of thirteen without complying with applicable legal regulations do so at their own peril. For example and with limited exception, COPPA requires verified parental consent to collect personal information from children under the age of thirteen.
Importantly, there are requirements set forth under CCPA and European Union countries - as well as countries with certain privacy regulatory requirements – may also have laws that impact collecting information from children online.
The FTC recently revamped its FAQs for complying with COPPA and the verifiable parental consent requirement is one which leaves marketers that do not comply, vulnerable.
COPPA generally provides that an operator must obtain verifiable parental consent before collecting any personal information from a child, unless the collection fits into one of the Rule’s exceptions. As a general rule, operators must get verifiable parental consent before collecting personal information online from children under thirteen.
Consult with experienced counsel to assess how to lawfully obtain parental consent, in addition to how to determine if your company is a website or online service that collects personal information from children under thirteen, how to post a privacy policy that complies with COPPA, how to notify parents directly prior to collection of personal information from their children, how to honor parents’ ongoing rights with respect to personal information collected from their children, and how to implement reasonable procedures to protect the security of childrens’ personal information.