This week, the Federal Trade Commission announced the latest updates to its Frequently Asked Questions (“FAQs”) document to assist online operators as they work to comply with changes to the Children’s Online Privacy Protection (“COPPA”) Rule that went into effect on July 1, 2013. The updated FAQs address the following topics:
- Share buttons – FAQ D.9 confirms that if an online or mobile app contains embedded buttons or plug-ins that allow children to send email or otherwise post information (for example, through a social network), the operator of such app must obtain verifiable parental consent unless an exception applies. Such consent is required even if the app does not otherwise collect personal information from children.
- Actual knowledge – FAQs D.10-D.12 describe various instances where an operator of a third-party advertising network will be deemed to have “actual knowledge” that it is collecting personal information directly from users of another Web site or online service directed to children.
- Information collected from a child-directed site – FAQ K.2 addresses the notice and consent obligations of ad networks that collected personal information through child-directed websites prior to the July 1 rule changes. According to the FTC, in the absence of an applicable exception, the operator must stop collecting information immediately and obtain verifiable parental consent before using any personal information that the operator knows came from the child-directed website or online service.
These updates are the latest in a series of recent updates to the COPPA FAQs (also see here, here, and here) to educate operators of websites and online services directed to children about their obligations under the amended Rule.