GO BACKTechnical AccessibilityWhat needs to be accessible?Find out if your website is compliant
- Free Tools
- About Us
If you run a website that collects personal information, there’s a chance you’re going to need to comply with the Children’s Online Privacy Protection Act – also referred to as COPPA.
In this detailed guide, we provide you with essential information on the purpose of COPPA and whether it applies to your website or mobile application.
We also cover the steps you need to take to achieve COPPA compliance and avoid unnecessary lawsuits.
Created in 2000, the Children’s Online Privacy Protection Act (COPPA) regulates how websites collect information from children. It prevents marketers from targeting children with unethical campaigns in order to gather data.
The aim of the act is to protect children, not hinder online businesses and innovation.
COPPA compliance is applicable to websites, mobile apps, and any other online services that fall into the following categories:
COPPA applies to both active and passive data collection such as tracking cookies.
It’s also important to understand exactly what is meant by personal information.
Next, let’s look at how COPPA compliance is enforced.
The Federal Trade Commission (FTC) is responsible for enforcing COPPA. Anyone who believes that a website or mobile app owner or operator is violating COPPA can report the matter to the FTC online.
By not complying with COPPA regulations, you could find yourself being fined up to $46,000 per violation. How flagrant the violation is, the number of minors affected, how the personal information was used, and how many times an offense has occurred are factors that determine the total penalty.
There have even been instances where penalties have amounted to millions of dollars, which could essentially ruin a business or brand for life.
Absolutely! COPPA has given certain federal agencies and states the authority to enforce compliance requirements, provided they have jurisdiction.
There are two primary requirements for complying with COPPA regulations:
This policy should outline how you collect and handle personal information from children who are 13 or younger. It should also be written in simple language so that even a child could understand it.
Along with it being easy to find and read, it should also be distinguishable from other links on your site too. It’s best practice to place this link somewhere close to where you collect personal information.
The second requirement is to send a direct notice to the parents of a child using a particular device. You can only collect personal information once this direct notice has been sent.
Let’s finish by looking at a few exceptions and what mixed audience website owners should know about COPPA compliance.
If your website or mobile app doesn’t collect, disclose, or make use of personal information collected from children, COPPA doesn’t apply to you.
And if you are unsure whether your website or app is deemed to be directed at children, consider the following factors:
Also, if you are using any data from children that have been collected from another website, COPPA applies to you.
Now, what about websites that target a mixed audience that includes children?
Basically, if there is any content, product, or services on your website that are directed at children, you need to comply with COPPA.
COPPA requirements are simple and straightforward, so there’s no reason why you should delay compliance.
Plus, by complying, not only are you doing your part to protect a younger online audience, but you’re avoiding costly lawsuits and business failure.
Your feedback has been sent. Thank you :)