The Federal Trade Commission (FTC) approved TRUSTe’s proposed modifications to their Children’s Online Privacy Protection Act (COPPA) safe harbor program this week.
COPPA requires, among other things, that commercial website and mobile app operators that knowingly collect personal information from children under age 13 post comprehensive privacy policies on their websites and in their mobile apps, notify parents and guardians of the website’s or mobile app’s information practices, and obtain parental consent before collecting, using or disclosing any personal information from children under age 13. However, COPPA includes a ‘safe harbor’ provision whereby industry groups may seek approval from the FTC to create self-regulatory guidelines that implement “the same or great protections for children” as those in COPPA. Website and mobile app operators that participate in FTC-approved safe harbor programs are subject to the review and disciplinary procedures provided in the safe harbor guidelines in lieu of an FTC’s formal investigation or enforcement.
TRUSTe, a risk management and privacy compliance company, proposed changes to its existing COPPA safe harbor program, including:
- New requirement that participants conduct an annual internal assessment of third parties’ collection of personal information from children through their websites and mobile apps;
- Uses the term “seal” rather than “trustmark” and “Privacy Notice” rather than “Privacy Statement;”
- Additional data security requirements; and
Adds personnel training requirements for program participants.