Looking at a tablet screen

Parent's Guide to COPPA: Children's Online Privacy Protection Act

by Screen Time Team on 20/01/2021

If you’ve ever wondered why so many apps require your child to be 13 or older to use, it’s thanks to the Children’s Online Privacy Protection Act of 1998, or COPPA. COPPA dictates much more about the internet and how your children interact with it than you might realize. Here’s a look at the useful parts of the law and the gaps you need parental control software to fill.

What Is COPPA?

COPPA is a law regulating the collection and use of the personal information of children online. It places detailed and specific limits on both, including, as of 2013, the following:

  • Posting a clear and detailed privacy policy
  • Alerting parents, within reason, about changes to this policy
  • Requiring the consent of parents or guardians to collect and use personal information
  • Giving parents tools to view the information collected and to remove it if necessary
  • Protecting the confidentiality of children, including protection against breaches
  • Keeping information only as long as needed and not making the furnishing of information a condition of using the site or app

These limitations apply regardless of whether the data collection is optional; if a site asks for the information, the regulations apply. This is why many sites simply don’t allow users under the age of 13 and purge users they discover are under that age. It’s easier than complying with the law.

What’s “Personal Information?”

Essentially, personal information is anything that could be used to track or identify a child. This includes the obvious, like name and address, but can also include other information, such as consumer profiles. The law isn’t specific, and this can be a moving target.

Smiling children looking at a laptop screen.

Who Has To Comply With COPPA?

COPPA applies to any business under U.S. jurisdiction, which includes businesses with customers on servers based in the U.S. and businesses with headquarters located in U.S. territory. In addition, if a foreign business collects information on children under 13 who reside in the U.S., it must follow COPPA as well. This is true whether they own the website or not. Third-party cookies, for example, must be COPPA-compliant.

That said, government organizations, like schools and non-profits serving an educational purpose, don’t have to comply with COPPA. If one of these groups gives the data to a third party, the law doesn’t apply in that scenario.

What Should Parents Do?

This law is largely enforced at the corporate level. That said, there are points that COPPA simply can’t address. Parents should talk to children about:

  • How to avoid posting profile pictures and information that may give away identifying information
  • How to be careful about what they share in chats and emails that others might be able to use to draw conclusions
  • How to handle inappropriate adult interactions, from rude behavior to attempts at online grooming
  • How to spot malware, hacking attempts, and other forms of fraud

Parental control software can help by blocking certain apps and websites, controlling when kids can access certain parts of the web, and locking devices during times when they should be doing homework, sleeping, or otherwise doing something else. To learn more about Screen Time, contact us!

Join the conversation