The Federal Trade Commission (FTC) has updated the Children’s Online Privacy Protection Act (COPPA) regulations to enhance privacy protections for children online. These updates require parental consent before targeted advertising can be shown to children, and the new rules impose stricter limits on how long companies can retain children’s data. The revised regulations are set to take effect 60 days after their publication in the Federal Register, aiming to provide stronger safeguards for personal information collected from children under the age of 13. Privacy advocates and children’s rights groups have closely followed these developments, as they seek to address the increasing concern over children’s data being monetized without proper oversight.
One of the key changes in the updated rule is the requirement for platforms and service providers to obtain explicit opt-in consent from parents for targeted advertising aimed at children. This new consent process ensures that parents are more involved in how their children’s data is used, especially in terms of advertising. The FTC’s action is seen as a necessary update to the COPPA rule, which had not seen substantial revisions in more than a decade. In addition, the rule now sets stricter limits on data retention, ensuring that children’s data is not kept indefinitely and is only stored for as long as necessary to fulfill its original purpose.
The updated COPPA rule also expands the definition of personal data to include biometric data and government-issued identifiers, broadening the scope of protections for children’s information. Transparency measures have been introduced for Safe Harbor programs, which allow companies to self-certify that they comply with COPPA safeguards. These companies must now publish the names of their members and report on how their accountability efforts are progressing. These steps aim to increase transparency and ensure that businesses are held accountable for their data handling practices.
Despite some of the proposals being abandoned, such as restrictions on push notifications and a measure prohibiting educational technology vendors from commercializing student data, the updated regulations continue to address major concerns about the data collection practices of online platforms, particularly in the education sector. The FTC has previously expressed concerns over educational technology companies collecting and sharing children’s data, and the new rules aim to provide clearer guidance on compliance. The updated COPPA rules reflect the growing need for stronger protections in the digital age, ensuring that children’s data is better safeguarded in the face of evolving online advertising and data-sharing practices.