Joanne Furtsch, CIPP, CIPP/C
Policy & Product Architect
This morning the Federal Trade Commission [FTC] announced proposed changes to the COPPA Rule to address technological changes and the ways children under age 13 are able to access online services.
The proposed changes address five key areas:
- Definitions – clarifying current definitions and broadening the definition of Personal Information.
- Parental Consent – expanding the allowable mechanisms for verifiable parental consent and outlining a process by which industry can propose new mechanisms for obtaining consent.
- Parental Notice – streamlining the notice provided to parents including using just-in-time notices to provide parents with key information to determine whether they want to provide consent.
- Confidentiality and Security Requirements – strengthening standards to require Service Providers to have reasonable security measures in place, plus additional requirements around data deletion and retention.
- Safe Harbors – strengthening the oversight of Safe Harbor programs, like TRUSTe, by requiring an annual audit of program participants.
TRUSTe applauds the direction the Commission has taken with the proposed rule changes to address how children today engage online services and new emerging technologies. The proposed change that would allow companies to submit new mechanisms for obtaining verifiable consent to be reviewed and approved by the Commission will encourage privacy innovation.
Clarifications to current definitions will help businesses better understand how and when to comply with COPPA, such as the proposed clarification to “online contact information” to include all mechanisms by which someone can be contacted (like video chat user identifiers).
TRUSTe will continue its assessment of the proposed changes and update our program as needed, working closely with clients to ensure that they remain in compliance.
The proposed rule changes are out for public comment until November 28, 2011.