House SubCommittee Looks at Proposed Revisions to COPPA

House SubCommittee Looks at Proposed Revisions to COPPA

The Federal Trade Commission (FTC) recently revealed its proposed amendments to the Children’s Online Privacy Protection Rule (COPPA). COPPA requires that operators of websites or online services notify parents and obtain their consent when collecting, using, or disclosing the personal information of children under the age of 13. FPF shares the FTC’s visions to protect children online and fully supports the Commission’s intention to revise the current rule in response to changing technologies.

Tomorrow, October 5, 2011, the SubCommittee on Commerce, Manufacturing and Trade of the House Energy and Commerce Committee holds a hearing titled Protecting Children’s Privacy in an Electronic World. We look forward to the discussion. We are still reviewing the proposed revisions to the Rule and will be filing formal comments. Generally, we think that keeping the age restriction at under 13 makes sense as do many of the changes proposed by the FTC. Other points raised, such as the extent that companies will be able to be responsible for unrelated 3rd parties may be a challenge for some businesses. But we are also not entirely clear about the intention of the FTC in some areas, such as location and tracking, and are hoping for some clarification so we and others can comment in a useful way.


The FTC proposes to amend the statutory definition of “personal information” to include include: (1) an identifier that links the activities of a child across different Websites or online services and (2) geolocation information. With regard to identifiers, it is clear that the FTC has been concerned about companies that create and use behavioral profiles to advertise to children. We don’t think any responsible company does this and support the proposed effort to ensure that doing so is a violation of the Rule. But the revision as worded would seem to cover any advertising on a kids site that would track which ads are bringing users to an advertiser’s site, even if the data is used in the aggregate. The same data that is collected and logged for basic analytics and ad reporting, logged individually but used in aggregate, is generally the same data that can be mined for use in behavioral advertising. Is the intention to restrict any collection of tracking data across sites, even if used in a more limited way? Or is the FTC staking out a broad position because the data is kids data? Is this a precursor of the FTC’s final position on Do Not Track and collection limits which we may see in their upcoming broader privacy report? Clarification will be useful here.


In addition, a better understanding of the proposal to include precise geolocation information as personal information that requires consent before collection will be useful. Clearly there are instances where precise location can be used in a very “personal” manner, enabling a user to be identified or contacted. In other instances, precise location is a simple service that can help a user find where they are on a map or to find nearby resources. What obligations are imposed on an app developer providing a kids app that collects no personal information, but which includes an option to “show me directions from my location to this place”? Since the location consent mechanisms are created by Apple’s iOS mobile operating system and by Google’s Andriod system, what options does an app developer have?

We hope the hearing will get into these issues. We welcome your thoughts. FPF will be submitting comments to the FTC on these as well as others proposals set forth in the report. The deadline for filing is November 28, 2011.

Leave a Reply

Privacy Calendar

all-day George Washington Law Review 201... @ George Washington University Law School
George Washington Law Review 201... @ George Washington University Law School
Nov 7 – Nov 8 all-day
Save the date for the GW Law Review‘s Annual Symposium, The FTC at 100: Centennial Commemorations and Proposals for Progress, which will be held on Saturday, November 8, 2014, in Washington, DC. This year’s symposium, hosted in[...]
10:15 am You Are Here: GPS Location Track... @ Mauna Lani Bay Hotel & Bungalows
You Are Here: GPS Location Track... @ Mauna Lani Bay Hotel & Bungalows
Nov 11 @ 10:15 am
EFF Staff Attorney Hanni Fakhoury will present twice at the Oregon Criminal Defense Lawyers Association’s Annual Sunny Climate Seminar. He will give a presentation on government location tracking issues and then participate in a panel[...]
all-day PCLOB Public Meeting on “Definin... @ Washington Marriott Hotel
PCLOB Public Meeting on “Definin... @ Washington Marriott Hotel
Nov 12 all-day
The Privacy and Civil Liberties Oversight Board will conduct a public meeting with industry representatives, academics, technologists, government personnel, and members of the advocacy community, on the topic: “Defining Privacy.”   While the Board will[...]
all-day W3C Workshop on Privacy and User... @ Berlin, Germany
W3C Workshop on Privacy and User... @ Berlin, Germany
Nov 20 – Nov 21 all-day
The Workshop on User Centric App Controls intents to further the discussion among stakeholders of the mobile web platform, including researchers, developers and service providers. This workshop serves to investigate strategies toward better privacy protection[...]
all-day IAPP Practical Privacy Series 2014
IAPP Practical Privacy Series 2014
Dec 2 – Dec 3 all-day
Government and FTC and Consumer Privacy return to Washington, DC. For more information, click here.
9:00 am Progress of the EU Data Protecti...
Progress of the EU Data Protecti...
Dec 11 @ 9:00 am
The EU Member States have agreed to conclude the negotiations on the EU Data Protection draft Regulation in 2015. The process will have arrived at a critical point by the end of this year. The[...]

View Calendar