What is COPPA?

The Children's Online Privacy Protection Act (COPPA), places certain requirements on operators of websites and online services to place parents in control over what information is collected from their young children under 13 yrs old online.

The Children's Online Privacy Protection Act, known as COPPA, was enacted by the United States Congress in 1998, and became effective on April 21, 2000. COPPA required the Federal Trade Commission to issue and enforce regulations concerning children’s online privacy. In addition, COPPA gives states and certain federal agencies authority to enforce compliance with respect to entities over which they have jurisdiction.

COPPA places certain requirements on operators of websites or online services (apps, games online, connected toys, learning platforms, etc.) that are directed to children under 13 years of age or that have actual knowledge that they are collecting personal information online from a child under 13 years of age.

COPPA requires operators to notify parents of their information practices; obtain verifiable parental consent; collect the least amount of data possible; and maintain reasonable procedures to protect the confidentiality, security, and integrity of children’s personal information.

The primary goal of COPPA is to place parents in control over what information is collected from their young children under the age of 13 online and to protect them while accounting for the dynamic nature of the Internet.

COPPA provides the FTC with civil penalty authority to encourage compliance with the COPPA Rule. The FTC has taken law enforcement actions against companies that failed to comply with the provisions of the law. A court can hold operators who violate the Rule liable for civil penalties of up to $41,484 per violation.

For more information about COPPA and a child’s rights to online privacy, visit the FTC’s Kids’ Privacy website for parents at http://www.ftc.gov/privacy/privacyinitiatives/childrens.html.