Effective July 1, 2013, the amended Children’s Online Privacy Protection Act (COPPA) will take effect. In today’s world, as those of us in security and compliance know all too well, the same information that enables our business and moves our world quickly to the latest and greatest innovation, puts our private information and that of our friends and family at risk. Given the difficulty many of us face in assisting our adult customers and clients in the workforce with understanding the negative repercussions of “sharing too much,” one can only image how next to impossible it would be to educate children under the age of 13. This is where COPPA comes in, its goal is still to protect the online privacy of children and ensure those who collect information on children are accountable for their activities.
Those of you familiar with the act may remember back in the late 1990s when news reports were aired showing how easy it was for strangers to get access to our children’s data. At that time it was possible for anyone to gain detailed listings of children’s ages, addresses, and personal information merely by sending a couple of hundred dollars to database firms. The information collected was readily available and extensive due to the growth of the Internet and proliferation of databases created by schools, hospitals, government agencies, clubs, etc.
In recent years it has become evident that technology has moved past the original safeguards outlined in the 2000 Act and in 2010, the Federal Trade Commission began the update process. Some of the areas that needed to be addressed included mobile devices and social media. These two factors have greatly changed the way we collect and disseminate the personal information of children, and anyone with a child understands how ubiquitous social media and smart phones are with today’s youth. The digital world we live in requires that we consider mobile applications, social media plug-ins, third-party platforms, etc when we have meaningful discussions regarding privacy.
There is of course much more in the amended COPAA Rule than what has been discussed in this brief article, and it is highly recommended that businesses that collect information on children, directly or indirectly, evaluate their information gathering practices and consult their respective legal representatives to ensure the amendments to COPPA are well understood.
Editor’s Note: The views expressed in this article are the opinions of the author. Security Bistro is not responsible for the article’s content or messaging.