Children’s Online Privacy Protection Act (COPPA)
The Children's Online Privacy Protection Act of 1998 (COPPA) is a US federal law created to protect the privacy of children under 13.
Frequently asked questions
What does the Children’s Online Privacy Protection Act require?
COPPA requires any website collecting information about children under the age of 13 to make this information available upon request of the child’s parents. This includes all user records, log-in data, profiles, and transaction data.
How much do you get fined for COPPA?
If businesses do not comply with COPPA requirements, they could be fined up to $43,792 per violation according to the FTC.
What are the rules of COPPA?
The FTC defines eight obligations for companies covered by COPPA:
- They must post a clear and comprehensive privacy policy online.
- They must provide direct notice to parents and obtain consent before collecting information.
- They must give parents the choice to prohibit the disclosure of data to third parties.
- They must provide parents access to their childrens’ data upon request
- They must give parents the choice to prohibit further use or collection of data.
- They must take reasonable steps to maintain the confidentiality and security of collected data.
- They must retain childrens’ information only so long as it is required and delete it after use.
- They must not encourage children to provide more information than is necessary.