How to Keep Web Businesses Out of COPPA Trouble - Free Enterprise
Free Enterprise - The FindLaw Small Business Law Blog

How to Keep Web Businesses Out of COPPA Trouble

For many businesses, expanding to the internet seems almost like a necessity.

But, did you know that having an effective web privacy policy can be essential to avoiding some legal headaches? The Children's Online Privacy Protection Act (COPPA) requires websites to do some very specific things - even if your business does not target the "under age 13" group.

Many businesses do not realize that their websites need to be COPPA compliant.

Businesses that need to comply with COPPA include:

(1) businesses that are directed at children under the age of 13; and

(2) a general audience website that collects personal data from children, or has actual knowledge that some site visitors are children.

According to the FTC, "personal data" is all "individually identifiable information about a child" such as a full name, address, e-mail and telephone number. Other information, like hobbies and interests, can also be considered "personal data" if they are collected through cookies or other web tracking mechanisms.

As a business owner, complying with COPPA can mean avoiding costly litigation down the road. Developing a COPPA-compliant web privacy policy as outlined by FTC includes:

  • Website owners should place a clear and prominent link to a privacy policy that goes over how information is collected on the site and how it will be used. If the link is buried at the bottom of the page in a small font, it is not considered clear and prominent according to the FTC.
  • This web privacy policy should include information including the contact information of all operators collecting information from children, the kind of information that is being collected and how it is being used, and if the operator will disclose the information to third parties.
  • The web privacy policy should clearly state that the website may not require the child to disclose more information than is necessary to use the website.
  • The web privacy policy should also clearly state that the parent has the right to review any of the information collected from their child and have it deleted. The privacy policy should detail a clear procedure on how parents can do this.
  • The parents must also be given the option to consent to collection of personal information from their child without consenting to third party disclosure of this information.

If you would like more information about complying with COPPA regulations and developing a web privacy policy, consult the FTC website for helpful tips.

Related Resources: