FTC Sends Letters to Businesses in Advance of New COPPA Requirements

The Federal Trade Commission (FTC) has reportedly sent letters to more than
90 businesses in an effort to educate them about updates to the Children’s
Online Privacy Protection Act (COPPA) that take effect July 1, 2013. According
to a May 15, 2013, FTC press release, the agency sent separate letters to both
domestic and foreign companies “that may be collecting images or sounds
of children” as well as those “that may be collecting persistent identifiers
from children.” The letters explain to recipients that under the new rules,
personal information now includes (i) “a photograph or video with a child’s
image, or an audio file that has a child’s voice,” and (ii) “persistent identifiers,
such as cookies, IP addresses and mobile device IDs, that can recognize users
over time and across different websites or online services.”

“Companies whose apps collect, store or transmit this information, as well as
other personal information previously covered by the rule like a child’s name
or address, must get parents’ consent before collecting the information,” states
the commission. “In addition, companies must also ensure that any third
party receiving the information can keep it secure and confidential, as well as
abiding by new rules affecting how the information is stored and retained.”