SlideShare a Scribd company logo

The FTC’s Revised COPPA Rules (Stanford Presentation)

WilmerHale
WilmerHale

This panel discussion explored topics including: - Expanded definition of “personal information” - Application of expanded definition of “personal information” - Strict liability for child-directed websites and services - Third-party liability and the “actual knowledge” standard - Third-party social media plug-ins, ad networks, and analytics - Age screening - Mechanisms for obtaining parental consent - Practical impacts of the COPPA rules (e.g., on content, parents, states) - Privacy policy and parental notice requirements - Security and retention of children’s personal information

BusinessTechnologyEducation
1 of 13
Download to read offline
The FTC’s Revised COPPA Rules: Practical Impacts and Compliance Challenges 10th Annual Stanford E-Commerce Best Practices Conference June 28, 2013 Jennifer Hanley, Family Online Safety Institute Shai Samet, kidSAFE Seal Program Jennifer Sanders, formerly Nickelodeon Kids and Family Games Group Heather Zachary, WilmerHale Attorney Advertising
Overview of Panel Discussion Topics  Expanded definition of “personal information”  Application of expanded definition of “personal information”  Strict liability for child-directed websites and services  Third-party liability and the “actual knowledge” standard  Third-party social media plug-ins, ad networks, and analytics  Age screening  Mechanisms for obtaining parental consent  Practical impacts of the COPPA rules (e.g., on content, parents, states)  Privacy policy and parental notice requirements  Security and retention of children’s personal information  Other issues © 2014 Wilmer Cutler Pickering Hale and Dorr LLP WilmerHale 2
Expanded Definition of “Personal Information”  Prior to the amendments, “personal information” included: full name, physical address, online contact information, telephone number, social security number, information concerning a child or that child’s parents when combined with another element of personal information  The FTC added four types of information to the definition: – Geolocation information sufficient to identify the street name and the name of the city/town; the FTC clarified that this information is covered by the existing rule (FAQs A4, F1 to F4) – Photos, videos, or audio files that contain a child’s image or voice (FAQs E1 to E5) – Screen or user names that function like “online contact information” – “Persistent identifiers” that can be used to recognize a user over time and across different sites or services (e.g., cookies, device IDs, IP addresses) (FAQs C6, H2) © 2014 Wilmer Cutler Pickering Hale and Dorr LLP WilmerHale 3
Application of Personal Information Definition  In some cases, these definitional changes affect information that already has been collected from children, especially when such information is combined with newlycollected information (FAQ A4)  When an operator collects a persistent identifier and no other personal information, there is no notice or consent requirement when the identifier “is used for the sole purpose of providing support for the internal operations of the Web site or online service.” (Rule 312.5(c)(7); FAQs C6, H2, I5)  “Support for the internal operations” includes: maintaining or analyzing the functioning of a site or service; performing network communications; authenticating users or personalizing content on the site or service; serving contextual advertising (but not behavioral advertising); capping the frequency of ads; protecting the security or integrity of the site or service; ensuring legal or regulatory compliance; and fulfilling certain types of requests from a child (FAQs I5 to I8; Rule 312.2) © 2014 Wilmer Cutler Pickering Hale and Dorr LLP WilmerHale 4
Strict Liability for Child-Directed Websites and Services  A child-directed site or service generally cannot permit a third-party plug-in or ad network to collect personal information without notice and consent (FAQs A5, D6, D8)  Such collection is deemed to be “on behalf of” the operator, even if the third party does not share such information with the child-directed site or service.  The child-directed site or service is strictly liable for the integration of third-party features and must ensure that any collection of personal information complies with COPPA (FAQs D6, D8) – There is no good-faith exception; operators must investigate whether any third-party plug-in or ad network collects information through the child-directed site or service.  On the other hand, the new rules relax the existing “100% deletion standard” and permit interactive features (such as chats and message-posting features) for children without parental consent if the operator takes “reasonable measures to delete all or virtually all” of children’s personal information before it is made public (Rule 312.2) © 2014 Wilmer Cutler Pickering Hale and Dorr LLP WilmerHale 5
Third-Party Liability and the “Actual Knowledge” Standard  A general-audience website or service must comply with COPPA when the operator has “actual knowledge” that it has collected personal information from a child (e.g., through a customer service interaction or a post on a monitored message board) (FAQs G4, G5)  A third-party plug-in, ad network, or other service that collects personal information through another site or service must comply with COPPA if it has “actual knowledge” that it is integrated into a child-directed site or service (FAQs A5, D5)  Unlike under the strict-liability standard for child-directed sites, there is no duty for third parties to investigate. Instead, FAQ D5 states that a third party has actual knowledge when: – The child-directed website or service directly communicates the nature of its content to the third-party provider; or – A representative of the third party recognizes the child-directed nature of the site © 2014 Wilmer Cutler Pickering Hale and Dorr LLP WilmerHale 6
Specific Third-Party Features  Social media plug-ins (e.g., Facebook share) — FAQs H2, I10; Rule 312.5(c)(8) – Generally must obtain parental consent to use these features on child-directed sites and services – Exception to notice and consent if: (1) the plug-in collects only a persistent identifier; (2) the user interacts with the third party to trigger the collection; and (3) the third party has previously conducted an age-screen of the user, confirming that the user is not a child (FAQs H2, I10)  Ad networks (e.g., Google AdSense) — FAQs D7, I8 – Contextual ads are allowed without parental notice and consent in many circumstances – IP addresses or other persistent identifiers may be used for capping the frequency of ads, provided they are not linked to other personal information – Behaviorally targeted or retargeted ads are not allowed without parental notice and consent  Analytics (e.g., Google Analytics) — FAQ I7 – No consent is needed if persistent identifiers are collected and used only for analytics on the child-directed site or service (or for other “support for the internal operations”) – But such data cannot be linked to other personal information or used by the analytics vendor or the operator for other purposes, such as behavioral ads © 2014 Wilmer Cutler Pickering Hale and Dorr LLP WilmerHale 7
Age Screening  General audience sites and services need not age screen users  Child-directed sites and services that target children as their “primary audience” must assume that all users are under 13 and provide appropriate COPPA protections (FAQ D2)  Under the new rules, some sites and services now occupy a middle ground. They are directed to children, but they do not target children as their “primary audience” (FAQs D2 to D4, G2) – May age screen prior to collecting personal information and either (1) provide COPPA protections to users under age 13, or (2) avoid collecting personal information from such users – But cannot entirely block children under 13 from using the site or service  Age screening must be done neutrally (FAQ G3) © 2014 Wilmer Cutler Pickering Hale and Dorr LLP WilmerHale 8
Mechanisms for Obtaining Parental Consent  The rules provide new ways to obtain parental consent: scans of signed consent forms; video conferencing; government ID checked against a database; a debit card or online payment system that provides a notification of each transaction (FAQ H4)  Sites and services can participate in an FTC-approved safe harbor program (FAQ H13)  Consent through an app store account (e.g., an iTunes password) is not sufficient, even if linked to a credit card (FAQ H10)  “Email plus” remains a legitimate means of obtaining parental consent, but only for internal uses of personal information (i.e., no disclosure to third parties or the public is permitted) (FAQs H3, H4, H12; Rule 312.5(b)(2)(vi))  Schools can provide consent under certain circumstances (FAQs M1 to M4)  The list of approved mechanisms is not exhaustive, and parties can seek FTC approval for new methods (FAQs H14, H15) © 2014 Wilmer Cutler Pickering Hale and Dorr LLP WilmerHale 9
Practical Impacts of the COPPA Rules  Some app developers and commenters have expressed concern that the rules will negatively impact the content and features available to children  Many parents are confused about the purpose and mechanics of COPPA, and about how to protect their children online – Many organizations are taking steps to educate parents and make them more engaged with respect to children’s online privacy (e.g., resources from FOSI and kidSAFE Seal)  The FTC is not the only government entity actively engaged in protecting children’s privacy – States have undertaken efforts to enforce COPPA (FAQ B3) – Some states have attempted to enact legislation or take additional measures to protect minors online and limit advertising to children © 2014 Wilmer Cutler Pickering Hale and Dorr LLP WilmerHale 10
Privacy Policy and Parental Notice Requirements  The new rules streamline the elements that are required in a COPPAcompliant privacy policy (FAQ C2; Rule 312.4(d))  A privacy policy must be posted on the home or landing screen of a childdirected website or mobile app (FAQs C7, C9; Rule 312.4(d)) – Posting on the app store page is not sufficient or required (but is recommended) – The privacy policy must also be provided on any forms or features within the site or app that collect/upload personal information from children – If personal information is collected as soon as an app is downloaded, notice and parental consent are required before the download is complete (e.g., at checkout or on a landing page appearing before the download ends)  The rules require fact-specific direct notices to parents: – The notices vary depending on the type of activity triggering the notice. A detailed roadmap is provided in FAQ C11 and Rule 312.4(c)(1)-(4) – The FTC has called for succinct and “just-in-time” notices (FAQs A5, C12) © 2014 Wilmer Cutler Pickering Hale and Dorr LLP WilmerHale 11
Security and Retention of Personal Information  The new rules strengthen existing security protections and add new obligations concerning data retention and deletion  Operators must take “reasonable steps” to release personal information only to vendors and other third parties that are capable of protecting it, and that provide assurances they will do so. Such steps include: – Expressly addressing security expectations in contracts with service providers and third parties – Using reasonable means, such as periodic monitoring, to confirm that any service providers or third parties are maintaining the confidentiality and security of personal information (FAQ K1)  Operators may retain children’s personal information for only so long as is reasonably necessary to fulfill the purpose for which it was collected and must take steps to safely delete personal information (FAQ A1) © 2014 Wilmer Cutler Pickering Hale and Dorr LLP WilmerHale 12
Other Issues  Consent exceptions for one-time use and multiple contacts with children (e.g., contests, newsletters) — FAQs H2, I1 to I3; Rule 312.5(c)  How to determine whether a site is “directed to children” — FAQs D1, D5; Rule 312.2  Mobile app push notifications — FAQ I9  Safe Harbor Programs — FAQs N1 to N3 Wilmer Cutler Pickering Hale and Dorr LLP is a Delaware limited liability partnership. WilmerHale principal law offices: 60 State Street, Boston, Massachusetts 02109, +1 617 526 6000; 1875 Pennsylvania Avenue, NW, Washington, DC 20006, +1 202 663 6000. Our United Kingdom offices are operated under a separate Delaware limited liability partnership of solicitors and registered foreign lawyers authorized and regulated by the Solicitors Regulation Authority (SRA No. 287488). Our professional rules can be found at www.sra.org.uk/solicitors/codeof-conduct.page. A list of partners and their professional qualifications is available for inspection at our UK offices. In Beijing, we are registered to operate as a Foreign Law Firm Representative Office. This material is for general informational purposes only and does not represent our advice as to any particular set of facts; nor does it represent any undertaking to keep recipients advised of all legal developments. Prior results do not guarantee a similar outcome. © 2014 Wilmer Cutler Pickering Hale and Dorr LLP © 2014 Wilmer Cutler Pickering Hale and Dorr LLP WilmerHale 13

Recommended

COPPA
COPPACOPPA
COPPAculturewins
 
COPPA Compliance
COPPA ComplianceCOPPA Compliance
COPPA ComplianceKegan Blumenthal
 
COPPA for Newbies
COPPA for NewbiesCOPPA for Newbies
COPPA for NewbiesKegan Blumenthal
 
Coppa overview
Coppa overviewCoppa overview
Coppa overviewchstokes
 
Business COPPA 6 Steps
Business COPPA 6 StepsBusiness COPPA 6 Steps
Business COPPA 6 Steps- Mark - Fullbright
 
Children’s Online Privacy Protection Rule- A Six-Step Compliance Plan for You...
Children’s Online Privacy Protection Rule- A Six-Step Compliance Plan for You...Children’s Online Privacy Protection Rule- A Six-Step Compliance Plan for You...
Children’s Online Privacy Protection Rule- A Six-Step Compliance Plan for You...- Mark - Fullbright
 
USLFG Corporate & Securities Presentation
USLFG Corporate & Securities PresentationUSLFG Corporate & Securities Presentation
USLFG Corporate & Securities PresentationArmstrong Teasdale
 
Fundraising On The Internet
Fundraising On The InternetFundraising On The Internet
Fundraising On The InternetMessrs G Owen & Co
 

Recommended

COPPA
COPPACOPPA
COPPAculturewins
 
COPPA Compliance
COPPA ComplianceCOPPA Compliance
COPPA ComplianceKegan Blumenthal
 
COPPA for Newbies
COPPA for NewbiesCOPPA for Newbies
COPPA for NewbiesKegan Blumenthal
 
Coppa overview
Coppa overviewCoppa overview
Coppa overviewchstokes
 
Business COPPA 6 Steps
Business COPPA 6 StepsBusiness COPPA 6 Steps
Business COPPA 6 Steps- Mark - Fullbright
 
Children’s Online Privacy Protection Rule- A Six-Step Compliance Plan for You...
Children’s Online Privacy Protection Rule- A Six-Step Compliance Plan for You...Children’s Online Privacy Protection Rule- A Six-Step Compliance Plan for You...
Children’s Online Privacy Protection Rule- A Six-Step Compliance Plan for You...- Mark - Fullbright
 
USLFG Corporate & Securities Presentation
USLFG Corporate & Securities PresentationUSLFG Corporate & Securities Presentation
USLFG Corporate & Securities PresentationArmstrong Teasdale
 
Fundraising On The Internet
Fundraising On The InternetFundraising On The Internet
Fundraising On The InternetMessrs G Owen & Co
 
Legislation That Internet Marketers Need to Know
Legislation That Internet Marketers Need to KnowLegislation That Internet Marketers Need to Know
Legislation That Internet Marketers Need to KnowKaley Perkins, MA
 
10 Step Guide to COPPA Compliance
10 Step Guide to COPPA Compliance10 Step Guide to COPPA Compliance
10 Step Guide to COPPA ComplianceKegan Blumenthal
 
1984 in 2015 Protecting Employees' Social Media from Misuse
1984 in 2015 Protecting Employees' Social Media from Misuse1984 in 2015 Protecting Employees' Social Media from Misuse
1984 in 2015 Protecting Employees' Social Media from MisuseWendi Lazar
 
Social Media and the Law
Social Media and the LawSocial Media and the Law
Social Media and the LawChristina Gagnier
 
Google Health - NYHIMA
Google Health - NYHIMAGoogle Health - NYHIMA
Google Health - NYHIMARaj Goel
 
Social Media Privacy Laws and Legal Liabilities
Social Media Privacy Laws and Legal LiabilitiesSocial Media Privacy Laws and Legal Liabilities
Social Media Privacy Laws and Legal LiabilitiesTommy Hobin
 
Risk Factory: Security Lessons From the Online Adult Entertainment Industry
Risk Factory: Security Lessons From the Online Adult Entertainment IndustryRisk Factory: Security Lessons From the Online Adult Entertainment Industry
Risk Factory: Security Lessons From the Online Adult Entertainment IndustryRisk Crew
 
Email And Social Networking
Email And Social NetworkingEmail And Social Networking
Email And Social NetworkingHeather Grimes
 
GDPR: New Privacy Rules, Digital Communications, Marketing Opportunities
GDPR: New Privacy Rules, Digital Communications, Marketing OpportunitiesGDPR: New Privacy Rules, Digital Communications, Marketing Opportunities
GDPR: New Privacy Rules, Digital Communications, Marketing OpportunitiesBob Johnson, Ph.D.
 
Data Privacy: A Snapshot of Recent Federal Trade Commission Rulings
Data Privacy: A Snapshot of Recent Federal Trade Commission Rulings Data Privacy: A Snapshot of Recent Federal Trade Commission Rulings
Data Privacy: A Snapshot of Recent Federal Trade Commission Rulings Christina Gagnier
 
Social Media Law: The Legal Do's and Don'ts of Social Media
Social Media Law: The Legal Do's and Don'ts of Social MediaSocial Media Law: The Legal Do's and Don'ts of Social Media
Social Media Law: The Legal Do's and Don'ts of Social MediaShawn Tuma
 
Social Media Law: It is Real, and, Yes, It Really Can Impact Your Business - ...
Social Media Law: It is Real, and, Yes, It Really Can Impact Your Business - ...Social Media Law: It is Real, and, Yes, It Really Can Impact Your Business - ...
Social Media Law: It is Real, and, Yes, It Really Can Impact Your Business - ...Shawn Tuma
 
Lathrop & Gage Legal Pitfalls Presentation
Lathrop & Gage Legal Pitfalls PresentationLathrop & Gage Legal Pitfalls Presentation
Lathrop & Gage Legal Pitfalls PresentationSocial Media Club of Kansas City
 
Who ownes the customer? Privacy in the connected age.
Who ownes the customer? Privacy in the connected age.Who ownes the customer? Privacy in the connected age.
Who ownes the customer? Privacy in the connected age.jatharrison
 
Data Mining: Privacy and Concerns
Data Mining: Privacy and ConcernsData Mining: Privacy and Concerns
Data Mining: Privacy and ConcernsBradley Buchanan
 
Pli workplace privacy in the year 2013 2013-6-13
Pli workplace privacy in the year 2013 2013-6-13Pli workplace privacy in the year 2013 2013-6-13
Pli workplace privacy in the year 2013 2013-6-13mkeane
 
Privacy and social media in the workplace
Privacy and social media in the workplacePrivacy and social media in the workplace
Privacy and social media in the workplaceBailey and Wyant PLLC
 
OLC Presentation Jipson
OLC Presentation JipsonOLC Presentation Jipson
OLC Presentation JipsonUniversity of Dayton
 
Wills and estates law in the digital age
Wills and estates law in the digital ageWills and estates law in the digital age
Wills and estates law in the digital ageClio - Cloud-Based Legal Technology
 
Age Verification / “Doing the Right Thing”
Age Verification / “Doing the Right Thing”Age Verification / “Doing the Right Thing”
Age Verification / “Doing the Right Thing”IDology, Inc
 
Ferpa
FerpaFerpa
Ferpabrandyholekamp
 
Session V. Estoppel and Privity in US PTO Post-Grant Proceedings
Session V. Estoppel and Privity in US PTO Post-Grant ProceedingsSession V. Estoppel and Privity in US PTO Post-Grant Proceedings
Session V. Estoppel and Privity in US PTO Post-Grant ProceedingsWilmerHale
 

More Related Content

What's hot

Legislation That Internet Marketers Need to Know
Legislation That Internet Marketers Need to KnowLegislation That Internet Marketers Need to Know
Legislation That Internet Marketers Need to KnowKaley Perkins, MA
 
10 Step Guide to COPPA Compliance
10 Step Guide to COPPA Compliance10 Step Guide to COPPA Compliance
10 Step Guide to COPPA ComplianceKegan Blumenthal
 
1984 in 2015 Protecting Employees' Social Media from Misuse
1984 in 2015 Protecting Employees' Social Media from Misuse1984 in 2015 Protecting Employees' Social Media from Misuse
1984 in 2015 Protecting Employees' Social Media from MisuseWendi Lazar
 
Google Health - NYHIMA
Google Health - NYHIMAGoogle Health - NYHIMA
Google Health - NYHIMARaj Goel
 
Social Media Privacy Laws and Legal Liabilities
Social Media Privacy Laws and Legal LiabilitiesSocial Media Privacy Laws and Legal Liabilities
Social Media Privacy Laws and Legal LiabilitiesTommy Hobin
 
Risk Factory: Security Lessons From the Online Adult Entertainment Industry
Risk Factory: Security Lessons From the Online Adult Entertainment IndustryRisk Factory: Security Lessons From the Online Adult Entertainment Industry
Risk Factory: Security Lessons From the Online Adult Entertainment IndustryRisk Crew
 
Email And Social Networking
Email And Social NetworkingEmail And Social Networking
Email And Social NetworkingHeather Grimes
 
GDPR: New Privacy Rules, Digital Communications, Marketing Opportunities
GDPR: New Privacy Rules, Digital Communications, Marketing OpportunitiesGDPR: New Privacy Rules, Digital Communications, Marketing Opportunities
GDPR: New Privacy Rules, Digital Communications, Marketing OpportunitiesBob Johnson, Ph.D.
 
Data Privacy: A Snapshot of Recent Federal Trade Commission Rulings
Data Privacy: A Snapshot of Recent Federal Trade Commission Rulings Data Privacy: A Snapshot of Recent Federal Trade Commission Rulings
Data Privacy: A Snapshot of Recent Federal Trade Commission Rulings Christina Gagnier
 
Social Media Law: The Legal Do's and Don'ts of Social Media
Social Media Law: The Legal Do's and Don'ts of Social MediaSocial Media Law: The Legal Do's and Don'ts of Social Media
Social Media Law: The Legal Do's and Don'ts of Social MediaShawn Tuma
 
Social Media Law: It is Real, and, Yes, It Really Can Impact Your Business - ...
Social Media Law: It is Real, and, Yes, It Really Can Impact Your Business - ...Social Media Law: It is Real, and, Yes, It Really Can Impact Your Business - ...
Social Media Law: It is Real, and, Yes, It Really Can Impact Your Business - ...Shawn Tuma
 
Who ownes the customer? Privacy in the connected age.
Who ownes the customer? Privacy in the connected age.Who ownes the customer? Privacy in the connected age.
Who ownes the customer? Privacy in the connected age.jatharrison
 
Data Mining: Privacy and Concerns
Data Mining: Privacy and ConcernsData Mining: Privacy and Concerns
Data Mining: Privacy and ConcernsBradley Buchanan
 
Pli workplace privacy in the year 2013 2013-6-13
Pli workplace privacy in the year 2013 2013-6-13Pli workplace privacy in the year 2013 2013-6-13
Pli workplace privacy in the year 2013 2013-6-13mkeane
 
Privacy and social media in the workplace
Privacy and social media in the workplacePrivacy and social media in the workplace
Privacy and social media in the workplaceBailey and Wyant PLLC
 
Age Verification / “Doing the Right Thing”
Age Verification / “Doing the Right Thing”Age Verification / “Doing the Right Thing”
Age Verification / “Doing the Right Thing”IDology, Inc
 

What's hot (20)

Legislation That Internet Marketers Need to Know
Legislation That Internet Marketers Need to KnowLegislation That Internet Marketers Need to Know
Legislation That Internet Marketers Need to Know
 
10 Step Guide to COPPA Compliance
10 Step Guide to COPPA Compliance10 Step Guide to COPPA Compliance
10 Step Guide to COPPA Compliance
 
1984 in 2015 Protecting Employees' Social Media from Misuse
1984 in 2015 Protecting Employees' Social Media from Misuse1984 in 2015 Protecting Employees' Social Media from Misuse
1984 in 2015 Protecting Employees' Social Media from Misuse
 
Social Media and the Law
Social Media and the LawSocial Media and the Law
Social Media and the Law
 
Google Health - NYHIMA
Google Health - NYHIMAGoogle Health - NYHIMA
Google Health - NYHIMA
 
Social Media Privacy Laws and Legal Liabilities
Social Media Privacy Laws and Legal LiabilitiesSocial Media Privacy Laws and Legal Liabilities
Social Media Privacy Laws and Legal Liabilities
 
Risk Factory: Security Lessons From the Online Adult Entertainment Industry
Risk Factory: Security Lessons From the Online Adult Entertainment IndustryRisk Factory: Security Lessons From the Online Adult Entertainment Industry
Risk Factory: Security Lessons From the Online Adult Entertainment Industry
 
Email And Social Networking
Email And Social NetworkingEmail And Social Networking
Email And Social Networking
 
GDPR: New Privacy Rules, Digital Communications, Marketing Opportunities
GDPR: New Privacy Rules, Digital Communications, Marketing OpportunitiesGDPR: New Privacy Rules, Digital Communications, Marketing Opportunities
GDPR: New Privacy Rules, Digital Communications, Marketing Opportunities
 
Data Privacy: A Snapshot of Recent Federal Trade Commission Rulings
Data Privacy: A Snapshot of Recent Federal Trade Commission Rulings Data Privacy: A Snapshot of Recent Federal Trade Commission Rulings
Data Privacy: A Snapshot of Recent Federal Trade Commission Rulings
 
Social Media Law: The Legal Do's and Don'ts of Social Media
Social Media Law: The Legal Do's and Don'ts of Social MediaSocial Media Law: The Legal Do's and Don'ts of Social Media
Social Media Law: The Legal Do's and Don'ts of Social Media
 
Social Media Law: It is Real, and, Yes, It Really Can Impact Your Business - ...
Social Media Law: It is Real, and, Yes, It Really Can Impact Your Business - ...Social Media Law: It is Real, and, Yes, It Really Can Impact Your Business - ...
Social Media Law: It is Real, and, Yes, It Really Can Impact Your Business - ...
 
Lathrop & Gage Legal Pitfalls Presentation
Lathrop & Gage Legal Pitfalls PresentationLathrop & Gage Legal Pitfalls Presentation
Lathrop & Gage Legal Pitfalls Presentation
 
Who ownes the customer? Privacy in the connected age.
Who ownes the customer? Privacy in the connected age.Who ownes the customer? Privacy in the connected age.
Who ownes the customer? Privacy in the connected age.
 
Data Mining: Privacy and Concerns
Data Mining: Privacy and ConcernsData Mining: Privacy and Concerns
Data Mining: Privacy and Concerns
 
Pli workplace privacy in the year 2013 2013-6-13
Pli workplace privacy in the year 2013 2013-6-13Pli workplace privacy in the year 2013 2013-6-13
Pli workplace privacy in the year 2013 2013-6-13
 
Privacy and social media in the workplace
Privacy and social media in the workplacePrivacy and social media in the workplace
Privacy and social media in the workplace
 
OLC Presentation Jipson
OLC Presentation JipsonOLC Presentation Jipson
OLC Presentation Jipson
 
Wills and estates law in the digital age
Wills and estates law in the digital ageWills and estates law in the digital age
Wills and estates law in the digital age
 
Age Verification / “Doing the Right Thing”
Age Verification / “Doing the Right Thing”Age Verification / “Doing the Right Thing”
Age Verification / “Doing the Right Thing”
 

Viewers also liked

Session V. Estoppel and Privity in US PTO Post-Grant Proceedings
Session V. Estoppel and Privity in US PTO Post-Grant ProceedingsSession V. Estoppel and Privity in US PTO Post-Grant Proceedings
Session V. Estoppel and Privity in US PTO Post-Grant ProceedingsWilmerHale
 
Georgetown Univ. Law Center Conference: Post-Grant Patent Proceedings: Are th...
Georgetown Univ. Law Center Conference: Post-Grant Patent Proceedings: Are th...Georgetown Univ. Law Center Conference: Post-Grant Patent Proceedings: Are th...
Georgetown Univ. Law Center Conference: Post-Grant Patent Proceedings: Are th...WilmerHale
 
Georgetown Univ. Law Center Conference: Strategies for Worldwide Patent Litig...
Georgetown Univ. Law Center Conference: Strategies for Worldwide Patent Litig...Georgetown Univ. Law Center Conference: Strategies for Worldwide Patent Litig...
Georgetown Univ. Law Center Conference: Strategies for Worldwide Patent Litig...WilmerHale
 
Harlem Biospace Seminar: Raising Money by Convertible Debt
Harlem Biospace Seminar: Raising Money by Convertible DebtHarlem Biospace Seminar: Raising Money by Convertible Debt
Harlem Biospace Seminar: Raising Money by Convertible DebtWilmerHale
 
COPPA and Over 13 Age Restrictions
COPPA and Over 13 Age RestrictionsCOPPA and Over 13 Age Restrictions
COPPA and Over 13 Age RestrictionsMark Moran
 
Georgetown Univ. Law Center Conference: Patent Law Developments in the Suprem...
Georgetown Univ. Law Center Conference: Patent Law Developments in the Suprem...Georgetown Univ. Law Center Conference: Patent Law Developments in the Suprem...
Georgetown Univ. Law Center Conference: Patent Law Developments in the Suprem...WilmerHale
 

Viewers also liked (9)

Ferpa
FerpaFerpa
Ferpa
 
Session V. Estoppel and Privity in US PTO Post-Grant Proceedings
Session V. Estoppel and Privity in US PTO Post-Grant ProceedingsSession V. Estoppel and Privity in US PTO Post-Grant Proceedings
Session V. Estoppel and Privity in US PTO Post-Grant Proceedings
 
Georgetown Univ. Law Center Conference: Post-Grant Patent Proceedings: Are th...
Georgetown Univ. Law Center Conference: Post-Grant Patent Proceedings: Are th...Georgetown Univ. Law Center Conference: Post-Grant Patent Proceedings: Are th...
Georgetown Univ. Law Center Conference: Post-Grant Patent Proceedings: Are th...
 
Georgetown Univ. Law Center Conference: Strategies for Worldwide Patent Litig...
Georgetown Univ. Law Center Conference: Strategies for Worldwide Patent Litig...Georgetown Univ. Law Center Conference: Strategies for Worldwide Patent Litig...
Georgetown Univ. Law Center Conference: Strategies for Worldwide Patent Litig...
 
Harlem Biospace Seminar: Raising Money by Convertible Debt
Harlem Biospace Seminar: Raising Money by Convertible DebtHarlem Biospace Seminar: Raising Money by Convertible Debt
Harlem Biospace Seminar: Raising Money by Convertible Debt
 
COPPA and Over 13 Age Restrictions
COPPA and Over 13 Age RestrictionsCOPPA and Over 13 Age Restrictions
COPPA and Over 13 Age Restrictions
 
Georgetown Univ. Law Center Conference: Patent Law Developments in the Suprem...
Georgetown Univ. Law Center Conference: Patent Law Developments in the Suprem...Georgetown Univ. Law Center Conference: Patent Law Developments in the Suprem...
Georgetown Univ. Law Center Conference: Patent Law Developments in the Suprem...
 
COPPA
COPPACOPPA
COPPA
 
COPPA and YOU
COPPA and YOUCOPPA and YOU
COPPA and YOU
 

Similar to The FTC’s Revised COPPA Rules (Stanford Presentation)

Trending Topics in Data Collection & Targeted Marketing
Trending Topics in Data Collection & Targeted MarketingTrending Topics in Data Collection & Targeted Marketing
Trending Topics in Data Collection & Targeted MarketingcdasLLP
 
How to Leverage Your GDPR Compliance for CCPA, Privacy Shield & More New Requ...
How to Leverage Your GDPR Compliance for CCPA, Privacy Shield & More New Requ...How to Leverage Your GDPR Compliance for CCPA, Privacy Shield & More New Requ...
How to Leverage Your GDPR Compliance for CCPA, Privacy Shield & More New Requ...TrustArc
 
Avoiding Privacy Pitfalls When Using Big Data in Marketing
Avoiding Privacy Pitfalls When Using Big Data in MarketingAvoiding Privacy Pitfalls When Using Big Data in Marketing
Avoiding Privacy Pitfalls When Using Big Data in MarketingTokusoudeka
 
Privacy and Civil Liberties
Privacy and Civil LibertiesPrivacy and Civil Liberties
Privacy and Civil LibertiesUpekha Vandebona
 
CSR PII White Paper
CSR PII White PaperCSR PII White Paper
CSR PII White PaperDmcenter
 
Golden Gekko, 10 burning questions on privacy
Golden Gekko, 10 burning questions on privacyGolden Gekko, 10 burning questions on privacy
Golden Gekko, 10 burning questions on privacyDMI
 
Crash Course on Data Privacy (December 2012)
Crash Course on Data Privacy (December 2012)Crash Course on Data Privacy (December 2012)
Crash Course on Data Privacy (December 2012)Jason Haislmaier
 
GAMABrief: When Education Meets Big Data
GAMABrief: When Education Meets Big DataGAMABrief: When Education Meets Big Data
GAMABrief: When Education Meets Big DataChristina Gagnier
 
Children Online Privacy Komal Bansal
Children Online Privacy Komal BansalChildren Online Privacy Komal Bansal
Children Online Privacy Komal BansalKomal Bansal
 
Session B: Handout 1
Session B: Handout 1Session B: Handout 1
Session B: Handout 1feitwincities
 
Business Marketing Your Mobile app
Business Marketing Your Mobile appBusiness Marketing Your Mobile app
Business Marketing Your Mobile app- Mark - Fullbright
 
DIRECT MARKETING UNDER INDIA’S NEW DIGITAL DATA PROTECTION LAW
DIRECT MARKETING UNDER INDIA’S NEW DIGITAL DATA PROTECTION LAWDIRECT MARKETING UNDER INDIA’S NEW DIGITAL DATA PROTECTION LAW
DIRECT MARKETING UNDER INDIA’S NEW DIGITAL DATA PROTECTION LAWSpice Route Legal
 
Introduction to US Privacy and Data Security: Regulations and Requirements
Introduction to US Privacy and Data Security: Regulations and RequirementsIntroduction to US Privacy and Data Security: Regulations and Requirements
Introduction to US Privacy and Data Security: Regulations and RequirementsFinancial Poise
 
How the EU-GDPR May Affect Your Website
How the EU-GDPR May Affect Your WebsiteHow the EU-GDPR May Affect Your Website
How the EU-GDPR May Affect Your WebsiteSilverTech
 
Cookies, FLoC & GDPR: Marketing Impact
Cookies, FLoC & GDPR: Marketing ImpactCookies, FLoC & GDPR: Marketing Impact
Cookies, FLoC & GDPR: Marketing ImpactCMassociates
 
Data protection & security breakfast briefing master slides 28 june-final
Data protection & security breakfast briefing master slides 28 june-finalData protection & security breakfast briefing master slides 28 june-final
Data protection & security breakfast briefing master slides 28 june-finalDr. Donald Macfarlane
 
Data Protection & Security Breakfast Briefing - Master Slides_28 June_final
Data Protection & Security Breakfast Briefing - Master Slides_28 June_finalData Protection & Security Breakfast Briefing - Master Slides_28 June_final
Data Protection & Security Breakfast Briefing - Master Slides_28 June_finalDr. Donald Macfarlane
 
Report_PrivacyAmongChildren.pdf
Report_PrivacyAmongChildren.pdfReport_PrivacyAmongChildren.pdf
Report_PrivacyAmongChildren.pdfDaviesParker
 

Similar to The FTC’s Revised COPPA Rules (Stanford Presentation) (20)

Trending Topics in Data Collection & Targeted Marketing
Trending Topics in Data Collection & Targeted MarketingTrending Topics in Data Collection & Targeted Marketing
Trending Topics in Data Collection & Targeted Marketing
 
How to Leverage Your GDPR Compliance for CCPA, Privacy Shield & More New Requ...
How to Leverage Your GDPR Compliance for CCPA, Privacy Shield & More New Requ...How to Leverage Your GDPR Compliance for CCPA, Privacy Shield & More New Requ...
How to Leverage Your GDPR Compliance for CCPA, Privacy Shield & More New Requ...
 
Avoiding Privacy Pitfalls When Using Big Data in Marketing
Avoiding Privacy Pitfalls When Using Big Data in MarketingAvoiding Privacy Pitfalls When Using Big Data in Marketing
Avoiding Privacy Pitfalls When Using Big Data in Marketing
 
Privacy and Civil Liberties
Privacy and Civil LibertiesPrivacy and Civil Liberties
Privacy and Civil Liberties
 
Dpl november colombia
Dpl november colombiaDpl november colombia
Dpl november colombia
 
CSR PII White Paper
CSR PII White PaperCSR PII White Paper
CSR PII White Paper
 
Golden Gekko, 10 burning questions on privacy
Golden Gekko, 10 burning questions on privacyGolden Gekko, 10 burning questions on privacy
Golden Gekko, 10 burning questions on privacy
 
Crash Course on Data Privacy (December 2012)
Crash Course on Data Privacy (December 2012)Crash Course on Data Privacy (December 2012)
Crash Course on Data Privacy (December 2012)
 
GAMABrief: When Education Meets Big Data
GAMABrief: When Education Meets Big DataGAMABrief: When Education Meets Big Data
GAMABrief: When Education Meets Big Data
 
Children Online Privacy Komal Bansal
Children Online Privacy Komal BansalChildren Online Privacy Komal Bansal
Children Online Privacy Komal Bansal
 
Session B: Handout 1
Session B: Handout 1Session B: Handout 1
Session B: Handout 1
 
Business Marketing Your Mobile app
Business Marketing Your Mobile appBusiness Marketing Your Mobile app
Business Marketing Your Mobile app
 
DIRECT MARKETING UNDER INDIA’S NEW DIGITAL DATA PROTECTION LAW
DIRECT MARKETING UNDER INDIA’S NEW DIGITAL DATA PROTECTION LAWDIRECT MARKETING UNDER INDIA’S NEW DIGITAL DATA PROTECTION LAW
DIRECT MARKETING UNDER INDIA’S NEW DIGITAL DATA PROTECTION LAW
 
Introduction to US Privacy and Data Security: Regulations and Requirements
Introduction to US Privacy and Data Security: Regulations and RequirementsIntroduction to US Privacy and Data Security: Regulations and Requirements
Introduction to US Privacy and Data Security: Regulations and Requirements
 
How the EU-GDPR May Affect Your Website
How the EU-GDPR May Affect Your WebsiteHow the EU-GDPR May Affect Your Website
How the EU-GDPR May Affect Your Website
 
Cookies, FLoC & GDPR: Marketing Impact
Cookies, FLoC & GDPR: Marketing ImpactCookies, FLoC & GDPR: Marketing Impact
Cookies, FLoC & GDPR: Marketing Impact
 
Data protection & security breakfast briefing master slides 28 june-final
Data protection & security breakfast briefing master slides 28 june-finalData protection & security breakfast briefing master slides 28 june-final
Data protection & security breakfast briefing master slides 28 june-final
 
Data Protection & Security Breakfast Briefing - Master Slides_28 June_final
Data Protection & Security Breakfast Briefing - Master Slides_28 June_finalData Protection & Security Breakfast Briefing - Master Slides_28 June_final
Data Protection & Security Breakfast Briefing - Master Slides_28 June_final
 
Report_PrivacyAmongChildren.pdf
Report_PrivacyAmongChildren.pdfReport_PrivacyAmongChildren.pdf
Report_PrivacyAmongChildren.pdf
 
GDPR: how IT works
GDPR: how IT worksGDPR: how IT works
GDPR: how IT works
 

More from WilmerHale

Harlem Biospace Seminar: Protecting Your Assets
Harlem Biospace Seminar: Protecting Your AssetsHarlem Biospace Seminar: Protecting Your Assets
Harlem Biospace Seminar: Protecting Your AssetsWilmerHale
 
WeWork Labs Seminar: Raising Money by Convertible Debt
WeWork Labs Seminar: Raising Money by Convertible DebtWeWork Labs Seminar: Raising Money by Convertible Debt
WeWork Labs Seminar: Raising Money by Convertible DebtWilmerHale
 
Cybersecurity and Data Privacy
Cybersecurity and Data PrivacyCybersecurity and Data Privacy
Cybersecurity and Data PrivacyWilmerHale
 
Harlem Biospace Seminar: Formation
Harlem Biospace Seminar: FormationHarlem Biospace Seminar: Formation
Harlem Biospace Seminar: FormationWilmerHale
 
Executive Compensation: Life Sciences & HealthCare 2013 CompStudy Insights
Executive Compensation: Life Sciences & HealthCare 2013 CompStudy InsightsExecutive Compensation: Life Sciences & HealthCare 2013 CompStudy Insights
Executive Compensation: Life Sciences & HealthCare 2013 CompStudy InsightsWilmerHale
 
Introduction to Venture Capital Financing
Introduction to Venture Capital FinancingIntroduction to Venture Capital Financing
Introduction to Venture Capital FinancingWilmerHale
 
Formation of a Company
Formation of a CompanyFormation of a Company
Formation of a CompanyWilmerHale
 
Trademarks - The Basics
Trademarks - The BasicsTrademarks - The Basics
Trademarks - The BasicsWilmerHale
 
Alternative Structures for Life Sciences Companies: The LLC Holding Company
Alternative Structures for Life Sciences Companies: The LLC Holding CompanyAlternative Structures for Life Sciences Companies: The LLC Holding Company
Alternative Structures for Life Sciences Companies: The LLC Holding CompanyWilmerHale
 
Planning for Exit Events
Planning for Exit EventsPlanning for Exit Events
Planning for Exit EventsWilmerHale
 
Starting Up Right and Getting Funded
Starting Up Right and Getting FundedStarting Up Right and Getting Funded
Starting Up Right and Getting FundedWilmerHale
 
Privacy and Data Security
Privacy and Data SecurityPrivacy and Data Security
Privacy and Data SecurityWilmerHale
 
Cybersecurity and Data Privacy Update
Cybersecurity and Data Privacy UpdateCybersecurity and Data Privacy Update
Cybersecurity and Data Privacy UpdateWilmerHale
 
Protecing Your Assets
Protecing Your AssetsProtecing Your Assets
Protecing Your AssetsWilmerHale
 
Practical on Copyrights and Trademarks
Practical on Copyrights and TrademarksPractical on Copyrights and Trademarks
Practical on Copyrights and TrademarksWilmerHale
 
Intellectual Property and Your Start-Up Company
Intellectual Property and Your Start-Up CompanyIntellectual Property and Your Start-Up Company
Intellectual Property and Your Start-Up CompanyWilmerHale
 
Legal Issues for Startups
Legal Issues for StartupsLegal Issues for Startups
Legal Issues for StartupsWilmerHale
 
Positioning Your Start-Up For Success: Advice to Entrepreneurs Forming a Company
Positioning Your Start-Up For Success: Advice to Entrepreneurs Forming a CompanyPositioning Your Start-Up For Success: Advice to Entrepreneurs Forming a Company
Positioning Your Start-Up For Success: Advice to Entrepreneurs Forming a CompanyWilmerHale
 

More from WilmerHale (20)

Harlem Biospace Seminar: Protecting Your Assets
Harlem Biospace Seminar: Protecting Your AssetsHarlem Biospace Seminar: Protecting Your Assets
Harlem Biospace Seminar: Protecting Your Assets
 
WeWork Labs Seminar: Raising Money by Convertible Debt
WeWork Labs Seminar: Raising Money by Convertible DebtWeWork Labs Seminar: Raising Money by Convertible Debt
WeWork Labs Seminar: Raising Money by Convertible Debt
 
Cybersecurity and Data Privacy
Cybersecurity and Data PrivacyCybersecurity and Data Privacy
Cybersecurity and Data Privacy
 
Harlem Biospace Seminar: Formation
Harlem Biospace Seminar: FormationHarlem Biospace Seminar: Formation
Harlem Biospace Seminar: Formation
 
Executive Compensation: Life Sciences & HealthCare 2013 CompStudy Insights
Executive Compensation: Life Sciences & HealthCare 2013 CompStudy InsightsExecutive Compensation: Life Sciences & HealthCare 2013 CompStudy Insights
Executive Compensation: Life Sciences & HealthCare 2013 CompStudy Insights
 
Introduction to Venture Capital Financing
Introduction to Venture Capital FinancingIntroduction to Venture Capital Financing
Introduction to Venture Capital Financing
 
Term Sheets
Term SheetsTerm Sheets
Term Sheets
 
Formation of a Company
Formation of a CompanyFormation of a Company
Formation of a Company
 
Trademarks - The Basics
Trademarks - The BasicsTrademarks - The Basics
Trademarks - The Basics
 
Alternative Structures for Life Sciences Companies: The LLC Holding Company
Alternative Structures for Life Sciences Companies: The LLC Holding CompanyAlternative Structures for Life Sciences Companies: The LLC Holding Company
Alternative Structures for Life Sciences Companies: The LLC Holding Company
 
Planning for Exit Events
Planning for Exit EventsPlanning for Exit Events
Planning for Exit Events
 
Starting Up Right and Getting Funded
Starting Up Right and Getting FundedStarting Up Right and Getting Funded
Starting Up Right and Getting Funded
 
Privacy and Data Security
Privacy and Data SecurityPrivacy and Data Security
Privacy and Data Security
 
Cybersecurity and Data Privacy Update
Cybersecurity and Data Privacy UpdateCybersecurity and Data Privacy Update
Cybersecurity and Data Privacy Update
 
Protecing Your Assets
Protecing Your AssetsProtecing Your Assets
Protecing Your Assets
 
Practical on Copyrights and Trademarks
Practical on Copyrights and TrademarksPractical on Copyrights and Trademarks
Practical on Copyrights and Trademarks
 
Intellectual Property and Your Start-Up Company
Intellectual Property and Your Start-Up CompanyIntellectual Property and Your Start-Up Company
Intellectual Property and Your Start-Up Company
 
Legal Issues for Startups
Legal Issues for StartupsLegal Issues for Startups
Legal Issues for Startups
 
IPO Readiness
IPO ReadinessIPO Readiness
IPO Readiness
 
Positioning Your Start-Up For Success: Advice to Entrepreneurs Forming a Company
Positioning Your Start-Up For Success: Advice to Entrepreneurs Forming a CompanyPositioning Your Start-Up For Success: Advice to Entrepreneurs Forming a Company
Positioning Your Start-Up For Success: Advice to Entrepreneurs Forming a Company
 

Recently uploaded

Financial-Statement-Analysis-of-Coca-cola-Company.pptx
Financial-Statement-Analysis-of-Coca-cola-Company.pptxFinancial-Statement-Analysis-of-Coca-cola-Company.pptx
Financial-Statement-Analysis-of-Coca-cola-Company.pptxsaniyaimamuddin
 
PSCC - Capability Statement Presentation
PSCC - Capability Statement PresentationPSCC - Capability Statement Presentation
PSCC - Capability Statement PresentationAnamaria Contreras
 
Kenya Coconut Production Presentation by Dr. Lalith Perera
Kenya Coconut Production Presentation by Dr. Lalith PereraKenya Coconut Production Presentation by Dr. Lalith Perera
Kenya Coconut Production Presentation by Dr. Lalith Pereraictsugar
 
8447779800, Low rate Call girls in Shivaji Enclave Delhi NCR
8447779800, Low rate Call girls in Shivaji Enclave Delhi NCR8447779800, Low rate Call girls in Shivaji Enclave Delhi NCR
8447779800, Low rate Call girls in Shivaji Enclave Delhi NCRashishs7044
 
8447779800, Low rate Call girls in New Ashok Nagar Delhi NCR
8447779800, Low rate Call girls in New Ashok Nagar Delhi NCR8447779800, Low rate Call girls in New Ashok Nagar Delhi NCR
8447779800, Low rate Call girls in New Ashok Nagar Delhi NCRashishs7044
 
Guide Complete Set of Residential Architectural Drawings PDF
Guide Complete Set of Residential Architectural Drawings PDFGuide Complete Set of Residential Architectural Drawings PDF
Guide Complete Set of Residential Architectural Drawings PDFChandresh Chudasama
 
Investment in The Coconut Industry by Nancy Cheruiyot
Investment in The Coconut Industry by Nancy CheruiyotInvestment in The Coconut Industry by Nancy Cheruiyot
Investment in The Coconut Industry by Nancy Cheruiyotictsugar
 
NewBase 19 April 2024 Energy News issue - 1717 by Khaled Al Awadi.pdf
NewBase 19 April 2024 Energy News issue - 1717 by Khaled Al Awadi.pdfNewBase 19 April 2024 Energy News issue - 1717 by Khaled Al Awadi.pdf
NewBase 19 April 2024 Energy News issue - 1717 by Khaled Al Awadi.pdfKhaled Al Awadi
 
Cyber Security Training in Office Environment
Cyber Security Training in Office EnvironmentCyber Security Training in Office Environment
Cyber Security Training in Office Environmentelijahj01012
 
Market Sizes Sample Report - 2024 Edition
Market Sizes Sample Report - 2024 EditionMarket Sizes Sample Report - 2024 Edition
Market Sizes Sample Report - 2024 EditionMintel Group
 
APRIL2024_UKRAINE_xml_0000000000000 .pdf
APRIL2024_UKRAINE_xml_0000000000000 .pdfAPRIL2024_UKRAINE_xml_0000000000000 .pdf
APRIL2024_UKRAINE_xml_0000000000000 .pdfRbc Rbcua
 
Buy gmail accounts.pdf Buy Old Gmail Accounts
Buy gmail accounts.pdf Buy Old Gmail AccountsBuy gmail accounts.pdf Buy Old Gmail Accounts
Buy gmail accounts.pdf Buy Old Gmail AccountsBuy Verified Accounts
 
(Best) ENJOY Call Girls in Faridabad Ex | 8377087607
(Best) ENJOY Call Girls in Faridabad Ex | 8377087607(Best) ENJOY Call Girls in Faridabad Ex | 8377087607
(Best) ENJOY Call Girls in Faridabad Ex | 8377087607dollysharma2066
 
Intermediate Accounting, Volume 2, 13th Canadian Edition by Donald E. Kieso t...
Intermediate Accounting, Volume 2, 13th Canadian Edition by Donald E. Kieso t...Intermediate Accounting, Volume 2, 13th Canadian Edition by Donald E. Kieso t...
Intermediate Accounting, Volume 2, 13th Canadian Edition by Donald E. Kieso t...ssuserf63bd7
 
International Business Environments and Operations 16th Global Edition test b...
International Business Environments and Operations 16th Global Edition test b...International Business Environments and Operations 16th Global Edition test b...
International Business Environments and Operations 16th Global Edition test b...ssuserf63bd7
 
The-Ethical-issues-ghhhhhhhhjof-Byjus.pptx
The-Ethical-issues-ghhhhhhhhjof-Byjus.pptxThe-Ethical-issues-ghhhhhhhhjof-Byjus.pptx
The-Ethical-issues-ghhhhhhhhjof-Byjus.pptxmbikashkanyari
 
8447779800, Low rate Call girls in Dwarka mor Delhi NCR
8447779800, Low rate Call girls in Dwarka mor Delhi NCR8447779800, Low rate Call girls in Dwarka mor Delhi NCR
8447779800, Low rate Call girls in Dwarka mor Delhi NCRashishs7044
 

Recently uploaded (20)

Financial-Statement-Analysis-of-Coca-cola-Company.pptx
Financial-Statement-Analysis-of-Coca-cola-Company.pptxFinancial-Statement-Analysis-of-Coca-cola-Company.pptx
Financial-Statement-Analysis-of-Coca-cola-Company.pptx
 
Japan IT Week 2024 Brochure by 47Billion (English)
Japan IT Week 2024 Brochure by 47Billion (English)Japan IT Week 2024 Brochure by 47Billion (English)
Japan IT Week 2024 Brochure by 47Billion (English)
 
Call Us ➥9319373153▻Call Girls In North Goa
Call Us ➥9319373153▻Call Girls In North GoaCall Us ➥9319373153▻Call Girls In North Goa
Call Us ➥9319373153▻Call Girls In North Goa
 
PSCC - Capability Statement Presentation
PSCC - Capability Statement PresentationPSCC - Capability Statement Presentation
PSCC - Capability Statement Presentation
 
Kenya Coconut Production Presentation by Dr. Lalith Perera
Kenya Coconut Production Presentation by Dr. Lalith PereraKenya Coconut Production Presentation by Dr. Lalith Perera
Kenya Coconut Production Presentation by Dr. Lalith Perera
 
8447779800, Low rate Call girls in Shivaji Enclave Delhi NCR
8447779800, Low rate Call girls in Shivaji Enclave Delhi NCR8447779800, Low rate Call girls in Shivaji Enclave Delhi NCR
8447779800, Low rate Call girls in Shivaji Enclave Delhi NCR
 
8447779800, Low rate Call girls in New Ashok Nagar Delhi NCR
8447779800, Low rate Call girls in New Ashok Nagar Delhi NCR8447779800, Low rate Call girls in New Ashok Nagar Delhi NCR
8447779800, Low rate Call girls in New Ashok Nagar Delhi NCR
 
Guide Complete Set of Residential Architectural Drawings PDF
Guide Complete Set of Residential Architectural Drawings PDFGuide Complete Set of Residential Architectural Drawings PDF
Guide Complete Set of Residential Architectural Drawings PDF
 
Investment in The Coconut Industry by Nancy Cheruiyot
Investment in The Coconut Industry by Nancy CheruiyotInvestment in The Coconut Industry by Nancy Cheruiyot
Investment in The Coconut Industry by Nancy Cheruiyot
 
NewBase 19 April 2024 Energy News issue - 1717 by Khaled Al Awadi.pdf
NewBase 19 April 2024 Energy News issue - 1717 by Khaled Al Awadi.pdfNewBase 19 April 2024 Energy News issue - 1717 by Khaled Al Awadi.pdf
NewBase 19 April 2024 Energy News issue - 1717 by Khaled Al Awadi.pdf
 
Cyber Security Training in Office Environment
Cyber Security Training in Office EnvironmentCyber Security Training in Office Environment
Cyber Security Training in Office Environment
 
Market Sizes Sample Report - 2024 Edition
Market Sizes Sample Report - 2024 EditionMarket Sizes Sample Report - 2024 Edition
Market Sizes Sample Report - 2024 Edition
 
APRIL2024_UKRAINE_xml_0000000000000 .pdf
APRIL2024_UKRAINE_xml_0000000000000 .pdfAPRIL2024_UKRAINE_xml_0000000000000 .pdf
APRIL2024_UKRAINE_xml_0000000000000 .pdf
 
Buy gmail accounts.pdf Buy Old Gmail Accounts
Buy gmail accounts.pdf Buy Old Gmail AccountsBuy gmail accounts.pdf Buy Old Gmail Accounts
Buy gmail accounts.pdf Buy Old Gmail Accounts
 
(Best) ENJOY Call Girls in Faridabad Ex | 8377087607
(Best) ENJOY Call Girls in Faridabad Ex | 8377087607(Best) ENJOY Call Girls in Faridabad Ex | 8377087607
(Best) ENJOY Call Girls in Faridabad Ex | 8377087607
 
No-1 Call Girls In Goa 93193 VIP 73153 Escort service In North Goa Panaji, Ca...
No-1 Call Girls In Goa 93193 VIP 73153 Escort service In North Goa Panaji, Ca...No-1 Call Girls In Goa 93193 VIP 73153 Escort service In North Goa Panaji, Ca...
No-1 Call Girls In Goa 93193 VIP 73153 Escort service In North Goa Panaji, Ca...
 
Intermediate Accounting, Volume 2, 13th Canadian Edition by Donald E. Kieso t...
Intermediate Accounting, Volume 2, 13th Canadian Edition by Donald E. Kieso t...Intermediate Accounting, Volume 2, 13th Canadian Edition by Donald E. Kieso t...
Intermediate Accounting, Volume 2, 13th Canadian Edition by Donald E. Kieso t...
 
International Business Environments and Operations 16th Global Edition test b...
International Business Environments and Operations 16th Global Edition test b...International Business Environments and Operations 16th Global Edition test b...
International Business Environments and Operations 16th Global Edition test b...
 
The-Ethical-issues-ghhhhhhhhjof-Byjus.pptx
The-Ethical-issues-ghhhhhhhhjof-Byjus.pptxThe-Ethical-issues-ghhhhhhhhjof-Byjus.pptx
The-Ethical-issues-ghhhhhhhhjof-Byjus.pptx
 
8447779800, Low rate Call girls in Dwarka mor Delhi NCR
8447779800, Low rate Call girls in Dwarka mor Delhi NCR8447779800, Low rate Call girls in Dwarka mor Delhi NCR
8447779800, Low rate Call girls in Dwarka mor Delhi NCR
 

The FTC’s Revised COPPA Rules (Stanford Presentation)

  • 1. The FTC’s Revised COPPA Rules: Practical Impacts and Compliance Challenges 10th Annual Stanford E-Commerce Best Practices Conference June 28, 2013 Jennifer Hanley, Family Online Safety Institute Shai Samet, kidSAFE Seal Program Jennifer Sanders, formerly Nickelodeon Kids and Family Games Group Heather Zachary, WilmerHale Attorney Advertising
  • 2. Overview of Panel Discussion Topics  Expanded definition of “personal information”  Application of expanded definition of “personal information”  Strict liability for child-directed websites and services  Third-party liability and the “actual knowledge” standard  Third-party social media plug-ins, ad networks, and analytics  Age screening  Mechanisms for obtaining parental consent  Practical impacts of the COPPA rules (e.g., on content, parents, states)  Privacy policy and parental notice requirements  Security and retention of children’s personal information  Other issues © 2014 Wilmer Cutler Pickering Hale and Dorr LLP WilmerHale 2
  • 3. Expanded Definition of “Personal Information”  Prior to the amendments, “personal information” included: full name, physical address, online contact information, telephone number, social security number, information concerning a child or that child’s parents when combined with another element of personal information  The FTC added four types of information to the definition: – Geolocation information sufficient to identify the street name and the name of the city/town; the FTC clarified that this information is covered by the existing rule (FAQs A4, F1 to F4) – Photos, videos, or audio files that contain a child’s image or voice (FAQs E1 to E5) – Screen or user names that function like “online contact information” – “Persistent identifiers” that can be used to recognize a user over time and across different sites or services (e.g., cookies, device IDs, IP addresses) (FAQs C6, H2) © 2014 Wilmer Cutler Pickering Hale and Dorr LLP WilmerHale 3
  • 4. Application of Personal Information Definition  In some cases, these definitional changes affect information that already has been collected from children, especially when such information is combined with newlycollected information (FAQ A4)  When an operator collects a persistent identifier and no other personal information, there is no notice or consent requirement when the identifier “is used for the sole purpose of providing support for the internal operations of the Web site or online service.” (Rule 312.5(c)(7); FAQs C6, H2, I5)  “Support for the internal operations” includes: maintaining or analyzing the functioning of a site or service; performing network communications; authenticating users or personalizing content on the site or service; serving contextual advertising (but not behavioral advertising); capping the frequency of ads; protecting the security or integrity of the site or service; ensuring legal or regulatory compliance; and fulfilling certain types of requests from a child (FAQs I5 to I8; Rule 312.2) © 2014 Wilmer Cutler Pickering Hale and Dorr LLP WilmerHale 4
  • 5. Strict Liability for Child-Directed Websites and Services  A child-directed site or service generally cannot permit a third-party plug-in or ad network to collect personal information without notice and consent (FAQs A5, D6, D8)  Such collection is deemed to be “on behalf of” the operator, even if the third party does not share such information with the child-directed site or service.  The child-directed site or service is strictly liable for the integration of third-party features and must ensure that any collection of personal information complies with COPPA (FAQs D6, D8) – There is no good-faith exception; operators must investigate whether any third-party plug-in or ad network collects information through the child-directed site or service.  On the other hand, the new rules relax the existing “100% deletion standard” and permit interactive features (such as chats and message-posting features) for children without parental consent if the operator takes “reasonable measures to delete all or virtually all” of children’s personal information before it is made public (Rule 312.2) © 2014 Wilmer Cutler Pickering Hale and Dorr LLP WilmerHale 5
  • 6. Third-Party Liability and the “Actual Knowledge” Standard  A general-audience website or service must comply with COPPA when the operator has “actual knowledge” that it has collected personal information from a child (e.g., through a customer service interaction or a post on a monitored message board) (FAQs G4, G5)  A third-party plug-in, ad network, or other service that collects personal information through another site or service must comply with COPPA if it has “actual knowledge” that it is integrated into a child-directed site or service (FAQs A5, D5)  Unlike under the strict-liability standard for child-directed sites, there is no duty for third parties to investigate. Instead, FAQ D5 states that a third party has actual knowledge when: – The child-directed website or service directly communicates the nature of its content to the third-party provider; or – A representative of the third party recognizes the child-directed nature of the site © 2014 Wilmer Cutler Pickering Hale and Dorr LLP WilmerHale 6
  • 7. Specific Third-Party Features  Social media plug-ins (e.g., Facebook share) — FAQs H2, I10; Rule 312.5(c)(8) – Generally must obtain parental consent to use these features on child-directed sites and services – Exception to notice and consent if: (1) the plug-in collects only a persistent identifier; (2) the user interacts with the third party to trigger the collection; and (3) the third party has previously conducted an age-screen of the user, confirming that the user is not a child (FAQs H2, I10)  Ad networks (e.g., Google AdSense) — FAQs D7, I8 – Contextual ads are allowed without parental notice and consent in many circumstances – IP addresses or other persistent identifiers may be used for capping the frequency of ads, provided they are not linked to other personal information – Behaviorally targeted or retargeted ads are not allowed without parental notice and consent  Analytics (e.g., Google Analytics) — FAQ I7 – No consent is needed if persistent identifiers are collected and used only for analytics on the child-directed site or service (or for other “support for the internal operations”) – But such data cannot be linked to other personal information or used by the analytics vendor or the operator for other purposes, such as behavioral ads © 2014 Wilmer Cutler Pickering Hale and Dorr LLP WilmerHale 7
  • 8. Age Screening  General audience sites and services need not age screen users  Child-directed sites and services that target children as their “primary audience” must assume that all users are under 13 and provide appropriate COPPA protections (FAQ D2)  Under the new rules, some sites and services now occupy a middle ground. They are directed to children, but they do not target children as their “primary audience” (FAQs D2 to D4, G2) – May age screen prior to collecting personal information and either (1) provide COPPA protections to users under age 13, or (2) avoid collecting personal information from such users – But cannot entirely block children under 13 from using the site or service  Age screening must be done neutrally (FAQ G3) © 2014 Wilmer Cutler Pickering Hale and Dorr LLP WilmerHale 8
  • 9. Mechanisms for Obtaining Parental Consent  The rules provide new ways to obtain parental consent: scans of signed consent forms; video conferencing; government ID checked against a database; a debit card or online payment system that provides a notification of each transaction (FAQ H4)  Sites and services can participate in an FTC-approved safe harbor program (FAQ H13)  Consent through an app store account (e.g., an iTunes password) is not sufficient, even if linked to a credit card (FAQ H10)  “Email plus” remains a legitimate means of obtaining parental consent, but only for internal uses of personal information (i.e., no disclosure to third parties or the public is permitted) (FAQs H3, H4, H12; Rule 312.5(b)(2)(vi))  Schools can provide consent under certain circumstances (FAQs M1 to M4)  The list of approved mechanisms is not exhaustive, and parties can seek FTC approval for new methods (FAQs H14, H15) © 2014 Wilmer Cutler Pickering Hale and Dorr LLP WilmerHale 9
  • 10. Practical Impacts of the COPPA Rules  Some app developers and commenters have expressed concern that the rules will negatively impact the content and features available to children  Many parents are confused about the purpose and mechanics of COPPA, and about how to protect their children online – Many organizations are taking steps to educate parents and make them more engaged with respect to children’s online privacy (e.g., resources from FOSI and kidSAFE Seal)  The FTC is not the only government entity actively engaged in protecting children’s privacy – States have undertaken efforts to enforce COPPA (FAQ B3) – Some states have attempted to enact legislation or take additional measures to protect minors online and limit advertising to children © 2014 Wilmer Cutler Pickering Hale and Dorr LLP WilmerHale 10
  • 11. Privacy Policy and Parental Notice Requirements  The new rules streamline the elements that are required in a COPPAcompliant privacy policy (FAQ C2; Rule 312.4(d))  A privacy policy must be posted on the home or landing screen of a childdirected website or mobile app (FAQs C7, C9; Rule 312.4(d)) – Posting on the app store page is not sufficient or required (but is recommended) – The privacy policy must also be provided on any forms or features within the site or app that collect/upload personal information from children – If personal information is collected as soon as an app is downloaded, notice and parental consent are required before the download is complete (e.g., at checkout or on a landing page appearing before the download ends)  The rules require fact-specific direct notices to parents: – The notices vary depending on the type of activity triggering the notice. A detailed roadmap is provided in FAQ C11 and Rule 312.4(c)(1)-(4) – The FTC has called for succinct and “just-in-time” notices (FAQs A5, C12) © 2014 Wilmer Cutler Pickering Hale and Dorr LLP WilmerHale 11
  • 12. Security and Retention of Personal Information  The new rules strengthen existing security protections and add new obligations concerning data retention and deletion  Operators must take “reasonable steps” to release personal information only to vendors and other third parties that are capable of protecting it, and that provide assurances they will do so. Such steps include: – Expressly addressing security expectations in contracts with service providers and third parties – Using reasonable means, such as periodic monitoring, to confirm that any service providers or third parties are maintaining the confidentiality and security of personal information (FAQ K1)  Operators may retain children’s personal information for only so long as is reasonably necessary to fulfill the purpose for which it was collected and must take steps to safely delete personal information (FAQ A1) © 2014 Wilmer Cutler Pickering Hale and Dorr LLP WilmerHale 12
  • 13. Other Issues  Consent exceptions for one-time use and multiple contacts with children (e.g., contests, newsletters) — FAQs H2, I1 to I3; Rule 312.5(c)  How to determine whether a site is “directed to children” — FAQs D1, D5; Rule 312.2  Mobile app push notifications — FAQ I9  Safe Harbor Programs — FAQs N1 to N3 Wilmer Cutler Pickering Hale and Dorr LLP is a Delaware limited liability partnership. WilmerHale principal law offices: 60 State Street, Boston, Massachusetts 02109, +1 617 526 6000; 1875 Pennsylvania Avenue, NW, Washington, DC 20006, +1 202 663 6000. Our United Kingdom offices are operated under a separate Delaware limited liability partnership of solicitors and registered foreign lawyers authorized and regulated by the Solicitors Regulation Authority (SRA No. 287488). Our professional rules can be found at www.sra.org.uk/solicitors/codeof-conduct.page. A list of partners and their professional qualifications is available for inspection at our UK offices. In Beijing, we are registered to operate as a Foreign Law Firm Representative Office. This material is for general informational purposes only and does not represent our advice as to any particular set of facts; nor does it represent any undertaking to keep recipients advised of all legal developments. Prior results do not guarantee a similar outcome. © 2014 Wilmer Cutler Pickering Hale and Dorr LLP © 2014 Wilmer Cutler Pickering Hale and Dorr LLP WilmerHale 13