In response to increases in children’s web competency and grade schools’ web integration, the Federal Trade Commission (FTC) has updated its privacy regulations to include smartphones, social networks, and location based devices and services. Over the past two years the FTC has sought to update their regulations, which are based on the Children’s Online Privacy Protection Act (COPPA), to keep up with changing technologies and to help parents better protect their children’s personal information. In doing so, they have issued a number of updates to their previously standing regulations.
The expanded regulations, which apply to children under the age of 13, aim to virtually eliminate all sharing and collecting of children’s personal information. While previous regulations held only to websites, the FTC has grown to include a host of new platforms including mobile devices, apps, and browser plug-ins. Consequently, this means that parents must now be notified and provide consent before a company can collect personal information pertaining to children.
In addition to expanding the parameters of coverage, the FTC has widened their definition of personal information past text based data (i.e. name). Now, locational data, audio files, photos, and videos are all considered to be a part of a child’s personal information. Furthermore, this extension stretches even farther to include device identifying data (i.e. an IP address sent from a computer to a phone). In doing this, the FTC has defined these types of data as being “personal identifiers,” which allows for the information to be subject to the same regulations as photos, videos, and locational data.
Aside from broadening definitions of personal data to implement tighter safeguards, the FTC has also broadened the ways in which companies can secure verified parental consent. Newer options such as electronic scans of parental consent forms and video conferencing are now viable modes of procuring consent. These newer options come in addition to those already in effect (i.e. phone calls and email+).
While this new regulation stretches to include a number of types of data, it does not affect platforms such as Apple’s App Store, and Google Play. Instead, once children are on these platforms, it becomes the responsibility of the app company to secure parental consent. Furthermore, while regulations do not apply to the app stores themselves, they do in fact apply to app developers. This means that while all apps must comply, neither Google nor Apple is required to ensure applications’ compliance.
Though the FTC’s expansion of regulation takes many precautions, one update seems strange amongst the rest. Children can now participate in interactive online communities without the expressed consent of a parent. Though some measure is taken as it is dictated that service operators must “take reasonable measures to delete all or virtually all children’s personal information before it is made public,” this change does not quite come in accordance with other measures. Despite this oddity of one change, the FTC strives to keep their regulations up to date with rapid changes in technology. In including a number of new measures, the commission has set out to help parents better safeguard their children’s personal information. In age where more and more information is readily available,the FTC sets out to eliminate, or at least inhibit, the unwanted sharing of personal information. The update will go into effect January 1, 2013.
– In the Wake of Tragedy, Schools Looking to Refine Security Infrastructure
– FTC Drops Hammer on “Rachel” & “Cardholder” Cronies
– California Bill SB 1161 to Prevent Regulation VoIP and Other Internet Services