House SubCommittee Looks at Proposed Revisions to COPPA

House SubCommittee Looks at Proposed Revisions to COPPA

The Federal Trade Commission (FTC) recently revealed its proposed amendments to the Children’s Online Privacy Protection Rule (COPPA). COPPA requires that operators of websites or online services notify parents and obtain their consent when collecting, using, or disclosing the personal information of children under the age of 13. FPF shares the FTC’s visions to protect children online and fully supports the Commission’s intention to revise the current rule in response to changing technologies.

Tomorrow, October 5, 2011, the SubCommittee on Commerce, Manufacturing and Trade of the House Energy and Commerce Committee holds a hearing titled Protecting Children’s Privacy in an Electronic World. We look forward to the discussion. We are still reviewing the proposed revisions to the Rule and will be filing formal comments. Generally, we think that keeping the age restriction at under 13 makes sense as do many of the changes proposed by the FTC. Other points raised, such as the extent that companies will be able to be responsible for unrelated 3rd parties may be a challenge for some businesses. But we are also not entirely clear about the intention of the FTC in some areas, such as location and tracking, and are hoping for some clarification so we and others can comment in a useful way.


The FTC proposes to amend the statutory definition of “personal information” to include include: (1) an identifier that links the activities of a child across different Websites or online services and (2) geolocation information. With regard to identifiers, it is clear that the FTC has been concerned about companies that create and use behavioral profiles to advertise to children. We don’t think any responsible company does this and support the proposed effort to ensure that doing so is a violation of the Rule. But the revision as worded would seem to cover any advertising on a kids site that would track which ads are bringing users to an advertiser’s site, even if the data is used in the aggregate. The same data that is collected and logged for basic analytics and ad reporting, logged individually but used in aggregate, is generally the same data that can be mined for use in behavioral advertising. Is the intention to restrict any collection of tracking data across sites, even if used in a more limited way? Or is the FTC staking out a broad position because the data is kids data? Is this a precursor of the FTC’s final position on Do Not Track and collection limits which we may see in their upcoming broader privacy report? Clarification will be useful here.


In addition, a better understanding of the proposal to include precise geolocation information as personal information that requires consent before collection will be useful. Clearly there are instances where precise location can be used in a very “personal” manner, enabling a user to be identified or contacted. In other instances, precise location is a simple service that can help a user find where they are on a map or to find nearby resources. What obligations are imposed on an app developer providing a kids app that collects no personal information, but which includes an option to “show me directions from my location to this place”? Since the location consent mechanisms are created by Apple’s iOS mobile operating system and by Google’s Andriod system, what options does an app developer have?

We hope the hearing will get into these issues. We welcome your thoughts. FPF will be submitting comments to the FTC on these as well as others proposals set forth in the report. The deadline for filing is November 28, 2011.

Leave a Reply

Privacy Calendar

9:30 am The Federal Trade commission and Its Section 5 Authority: Prosecutor, Judge, and Jury @ Rayburn House Office Building, Room 2154
The Federal Trade commission and… @ Rayburn House Office Building, Room 2154
Jul 24 @ 9:30 am – 11:00 am
The House Oversight and Government Reform Committee will be holding a hearing on the Federal Trade Commission and its Section 5 authority.
all-day Big Data: A Tool for Inclusion or Exclusion? @ Constitution Center
Big Data: A Tool for Inclusion o… @ Constitution Center
Sep 15 all-day
The Federal Trade Commission will host a public workshop entitled “Big Data: A Tool for Inclusion or Exclusion?” in Washington on September 15, 2014, to [...]
all-day IAPP Privacy Academy and CSA Congress 2014 @ San Jose Convention Center
IAPP Privacy Academy and CSA Con… @ San Jose Convention Center
Sep 17 – Sep 19 all-day
This fall, the International Association of Privacy Professionals (IAPP) and Cloud Security Alliance (CSA) are bringing together the IAPP Privacy Academy and the CSA Congress [...]
6:00 pm Consumer Action’s 43rd Annual Awards Reception @ Google
Consumer Action’s 43rd Annual Aw… @ Google
Oct 21 @ 6:00 pm – 8:00 pm
To mark its 43rd anniversary, Consumer Action’s Annual Awards Reception on October 21, 2014, will celebrate the theme of “Train the Trainer.” Through the power of [...]
all-day Data Privacy Day
Data Privacy Day
Jan 28 all-day
“Data Privacy Day began in the United States and Canada in January 2008, as an extension of the Data Protection Day celebration in Europe. The [...]

View Calendar