The Federal Trade Commission on Thursday proposed changes to its rules implementing a 1998 federal law aimed at protecting children online to respond to the evolving ways children access online services.
The Children’s Online Privacy Protection Act requires websites aimed at children under 13 to obtain parental consent before collecting, using or disclosing personal information about those children.
“In this era of rapid technological change, kids are often tech-savvy but judgment-poor. We want to ensure that the COPPA rule is effective in helping parents protect their children online, without unnecessarily burdening online businesses,” FTC Chairman Jon Leibowitz said in a news release.
Among the changes the agency is proposing are revisions to the definition of “personal information” to include geolocation data and persistent identifiers, which are not necessary to the basic function of a computer or website, such as online tracking cookies.
FTC also is aiming to improve parental notification and consent procedures required by the law. It proposed new ways to obtain verifiable parental consent such as having parents submit electronically scanned signed parental-consent forms and also called for eliminating the use of e-mail to obtain parental consent.
When it launched its review of its COPPA regulation, FTC sought comment on how it should account for the new ways children access online services such as through mobile phones and interactive gaming devices. It said on Thursday that it believes the current rules already cover these types of new technologies and do not need to be expanded.
Some privacy advocates want COPPA to be expanded to include teens, given their increasing use of social-networking sites like Facebook and other services that collect personal information from them. The commission said it did not believe COPPA is appropriate for teens but plans to explore “new privacy approaches that will ensure that teens—and adults—benefit from stronger privacy protections than are currently generally available.”
Several privacy advocates praised FTC’s proposed revisions to COPPA, particularly the expanded definition of personal information to include tracking cookies and other identifiers, which are used by some companies to track users and collect information about them for online ads.
“At a time when our children spend much of their daily lives online and are always connected to the Internet via games, cell phones, and other devices, parents should thank the FTC for acting responsibly on behalf of children,” Center for Digital Democracy Executive Director Jeff Chester said in a statement.
Rep. Edward Markey, D-Mass., who helped draft the original COPPA law, said, “I commend the commission for rejecting arguments that voluntary, self-regulatory efforts are the best way to address privacy concerns in connection with behavioral targeting of children online.”
The Direct Marketing Association, however, criticized the expansion of the personal information definition.
Noting the increasing importance of being able to use new technologies, DMA Executive Vice President Linda Woolley said in a statement, “It would be a disservice to our children—and the U.S. economy—if our regulations unnecessarily inhibited growth in new areas such as mobile technology.”
FTC is giving the public until Nov. 28 to comment on the proposed rule changes. Rep. Mary Bono Mack, R-Calif., who chairs the Energy and Commerce subcommittee with jurisdiction over privacy, said on Thursday she plans to hold a hearing on Oct. 5 on FTC’s proposed changes to COPPA.