Home Brand New COPPA Amendments Are Already Behind The Times

Brand New COPPA Amendments Are Already Behind The Times

As innovation moves into the future at warp speed, the U.S. government has struggled  to keep its own rules and regulations up to date with current technology. So when Congress and the Federal Trade Commission set out to do just that with a landmark children’s online privacy law, it’s no surprise that they may have fallen short of the mark. Already.

At issue is the Children’s Online Privacy Protection Act of 1998, known as COPPA, a law that requires websites that specifically cater to children to obtain parental consent before gathering personal information about the kids. Until the new proposed amendments were announced on Wednesday, COPPA did not take into account new technologies like social networks and mobile apps that children might be using. The new amendments still need to be signed into law, but they’re finalized as far as the FTC is concerned.

Insert Loopholes Here

This was not an easy revision, and indeed, the final proposed amendments to COPPA reflect a lot of compromises. For example, while individual apps will still be responsible for obtaining parental consent, Google and Apple will be off the hook for hosting and selling such apps in their respective app stores.

Facebook also avoided regulations that would have restricted under-13 users from joining the site. The amendment’s language specifies that no consent is needed if acquired data is used only “for the sole purpose of supporting the website or online service’s internal operations, such as contextual advertising, frequency capping, legal compliance, site analysis, and network communications.”

Since this advertising can be contextual, and not behavioral, in nature, it clears the way for Facebook and other networks to bring in younger members, because adhering to COPPA rules is a whole lot easier.

The big players got what they lobbied for, which might make a lot of parents nervous for that reason alone. By dancing around the intent of online privacy for children, major software companies have washed their hands of real responsibility when dealing with young online visitors. Their motto seems to be: Leave it to the third-party vendors to comply.

And under the new rules, it will be the third-party vendors who will have to figure out what needs to be done and how to do it. When information like geo-location and behavior has to have consent, it puts a serious burden on those vendors. Don’t look to the FTC, which will enforce these new rules, for much guidance either. In Wednesday’s press conference, FTC Chairman Jon Leibowitz all but said that it would be up to the technology sector to figure out how to make compliance work.

“That’s like telling someone to jump off a cliff and having them build a parachute on the way down,” chided Morgan Reed, Executive Director for the Association for Competitive Technology.

Control Versus Consent

Reed acknowledged that Congress, the FTC and all the industry players in this discussion, including the smaller software companies his organization represents, are doing their best to protect children. But he clearly sees some shortcomings with the new set of rules, particularly when it comes to smaller software development shops.

Many times app developers may not even realize they may be subject to the new COPPA rules. Even the simple collection of analytics could fall within the new guidelines, putting developers at risk of breaking the rules if they aren’t paying attention.

“A lot of these developers feel like they’re not violating privacy rules, but by actual design, they may be,” Reed said.

There is also the problem of the new COPPA rules already being behind the times. Many of the new regulations, which are focused on parental consent, completely miss the fact that many mobile platforms already have granulated controls that can enable parents to manage their child’s privacy beyond the level of the COPAA amendments.

Controls such as location blocking and privacy management accomplish the same goals as the COPPA rules, Reed explained, thus outdating COPPA’s scope. Even the language of COPPA itself is dated, calling for parent consent notification procedures that use what could be considered archaic technology, including fax transmissions.

“We need to make sure what is already happening with mobile technology will count under these rules,” Reed said. “We need to put this new technology on a par with the fax machine.”

Image courtesy of Shutterstock.

About ReadWrite’s Editorial Process

The ReadWrite Editorial policy involves closely monitoring the tech industry for major developments, new product launches, AI breakthroughs, video game releases and other newsworthy events. Editors assign relevant stories to staff writers or freelance contributors with expertise in each particular topic area. Before publication, articles go through a rigorous round of editing for accuracy, clarity, and to ensure adherence to ReadWrite's style guidelines.

Get the biggest tech headlines of the day delivered to your inbox

    By signing up, you agree to our Terms and Privacy Policy. Unsubscribe anytime.

    Tech News

    Explore the latest in tech with our Tech News. We cut through the noise for concise, relevant updates, keeping you informed about the rapidly evolving tech landscape with curated content that separates signal from noise.

    In-Depth Tech Stories

    Explore tech impact in In-Depth Stories. Narrative data journalism offers comprehensive analyses, revealing stories behind data. Understand industry trends for a deeper perspective on tech's intricate relationships with society.

    Expert Reviews

    Empower decisions with Expert Reviews, merging industry expertise and insightful analysis. Delve into tech intricacies, get the best deals, and stay ahead with our trustworthy guide to navigating the ever-changing tech market.