SlideShare uma empresa Scribd logo

COPPA for Newbies

Transferir como PPTX, PDF
Kegan Blumenthal
Kegan Blumenthal

Famigo helps you understand the COPPA regulations and best practices to comply with the regulations.

NegóciosTecnologiaSaúde e medicina
1 de 25
How to comply with COPPA By: Gen Li
Disclaimer This is not a legal advice. You must not rely on the information on this slide as an alternative to legal advice from your attorney or other professional legal services provider. If you have any specific questions about any legal matter you should consult your attorney or other professional legal services provider. You should never delay seeking legal advice, disregard legal advice, or commence or discontinue any legal action because of information in this presentation.
What is COPPA?
A type of meat? A restaurant’s name? !
COPPA • The Children’s Online Privacy Protection Act (COPPA) was enacted by Congress in 1998. COPPA required the Federal Trade Commission (FTC) to issue and enforce regulations concerning children’s online privacy. The FTC’s amended Rule became effective on July 1, 2013. • COPPA’s primary goal is to ensure that parents have control over what information is collected from their young children online. • The Rule only covers developers that: (1) that operate mobile apps that are directed to children under 13 and collect, use or disclose personal information from children, and (2) those who have actual knowledge that they are collecting, using, or disclosing personal information from children under 13.
What does “personal information” include? (5) a telephone number; (6) a social security number; (7) a persistent identifier; (8) a photograph, video, or audio file, where such file contains a child’s image or voice; or (9) geo-location information sufficient to identify street name and name of a city or town. (1) first and last name; (2) a home or other physical address including street name and name of a city or town; (3) online contact information; (4) a screen or user name that functions as online contact information;
If you are covered, what should you do? • Post a clear and comprehensive privacy policy • Send direct notice to parents • Obtain verifiable parental consent from parents • Provide sufficient security to collected personal information • Allow parents to review collected information
Post a clear and comprehensive Privacy Policy
What does “comprehensive” mean? Your privacy policy needs to include the following information: • The developer and related operators’ personal information. Including: (1) name, (2) address, (3) telephone number and (4) email address. • A description of the types of information the developer collects from children, and how the developer uses the information. • A statement that parents can review or delete their children’s personal information and prevent future collection.
For example:
What does “clear” mean? The amended Rule requires the developer to post the privacy policy link in a clear and prominent location on the website or on the landing page. A“clear and prominent” link must stand out and be noticeable to the site’s visitors. The link is likely to be “clear and prominent” if it is in a larger font size and in all caps in a color that contrasts with the background. For example:
Send a direct notice to parents
What needs to be in the notice? 1. If the notice is used to obtain a parent’s verifiable consent prior to the collection of a child’s personal information, then you must: • State that you have collected the parent’s online contact information from the child, and that it is only used to obtain the parent’s consent; • State that the parent’s consent is required for the information collection; • List the personal information that is going to be collected if there is consent; • Include a hyperlink to your privacy policy; • State how the parent can grant verifiable parental consent; and • State that if the parent does not provide consent within a reasonable amount of time, then you will delete the parent’s online contact information.
2. If the notice is to provide a parent information about the child’s online activities and does not involve personal information collection, then : • State that you have collected the parent’s online contact information from the child, and that it is used to obtain the parent’s consent; • State that the parent’s online contact information will not be used or disclosed for any other purpose; • State that the parent can prevent the child from using the app and may require you to delete the online contact information, and how the parent can do so, and • Include a hyperlink to your privacy policy.
• For example:
How to send a notice? Based on section 312.4 (b) of the amended Rule, you must make reasonable efforts, taking into consideration the available technology, to ensure that a parent or child receives the direct notice. There is no absolute standard about what counts as a proper way to send a direct notice, and you need to make your own decision based on the available technology and information. For example:
Obtain verifiable parental consent from parents
Obtain verifiable parental consent from parents • Existing approved verifiable parental consent methods • Alternative “Email-plus” method
Existing approved verifiable parental consent • Provide consent through mail or fax; • Provide information about a credit card or a debt card; • Call a toll-free telephone; • Send consent via video-conference; • Checking a government-issued identification.
Alternative “Email-plus” method If you will only use the personal information for internal purposes, then you can use the next two steps: First: send an email to the child’s parent, and the parent can manifest his consent in the returning email Second, after receiving the email consent, you need to either (1) make a confirmation phone call, fax or letter to the parent; or (2) send a confirmation message via the parent’s online contact information within a reasonable amount of time.
Provide sufficient security to collected personal information
Provide sufficient security to collected personal information • COPPA requires developers to establish and maintain reasonable procedures to protect the confidentiality, security, and integrity of personal information collected from children. • If there is an industry security standard, FOLLOW IT! For example:
Allow parents to review collected information
Allow parents to review collected information • Based on section 312.6 of the COPPA Rule, upon a parent’s request, the developer must grant the parent access to the collected personal information. For example:
For more detailed information, please see...... Famigo’s “COPPA for Newbies” blog series: • http://www.famigo.com/blog/2013/09/coppa-for-newbies- your-privacy-policy/ • http://www.famigo.com/blog/2013/08/coppa-for-newbies- who-is-covered-by-this-rule/ • http://www.famigo.com/blog/?p=3653 • http://www.famigo.com/blog/2013/10/coppa-for-newbies- what-do-we-need-to-get-from-the-parents/

Recomendados

Types of electronic contracts
Types of electronic contractsTypes of electronic contracts
Types of electronic contracts
Vijay Dalmia
 
Children as target of cyber crimes
Children as target of cyber crimesChildren as target of cyber crimes
Children as target of cyber crimes
Nilendra Kumar
 
IT ACT 2000
IT ACT 2000IT ACT 2000
IT ACT 2000
Sudarsan Subramanian
 
Tinba Virus
Tinba VirusTinba Virus
Tinba Virus
AanchalJain72
 
Information & technology Act, 2000.
Information & technology Act, 2000.Information & technology Act, 2000.
Information & technology Act, 2000.
Vaishnavi Meghe
 
Social Media Law: The Legal Do's and Don'ts of Social Media
Social Media Law: The Legal Do's and Don'ts of Social MediaSocial Media Law: The Legal Do's and Don'ts of Social Media
Social Media Law: The Legal Do's and Don'ts of Social Media
Shawn Tuma
 
Information and Technology Act
Information and Technology ActInformation and Technology Act
Information and Technology Act
Applied Forensic Research Sciences
 
FERPA
FERPAFERPA
FERPA
Dodge City Public Schools
 

Recomendados

Types of electronic contracts
Types of electronic contractsTypes of electronic contracts
Types of electronic contracts
Vijay Dalmia
 
Children as target of cyber crimes
Children as target of cyber crimesChildren as target of cyber crimes
Children as target of cyber crimes
Nilendra Kumar
 
IT ACT 2000
IT ACT 2000IT ACT 2000
IT ACT 2000
Sudarsan Subramanian
 
Tinba Virus
Tinba VirusTinba Virus
Tinba Virus
AanchalJain72
 
Information & technology Act, 2000.
Information & technology Act, 2000.Information & technology Act, 2000.
Information & technology Act, 2000.
Vaishnavi Meghe
 
Social Media Law: The Legal Do's and Don'ts of Social Media
Social Media Law: The Legal Do's and Don'ts of Social MediaSocial Media Law: The Legal Do's and Don'ts of Social Media
Social Media Law: The Legal Do's and Don'ts of Social Media
Shawn Tuma
 
Information and Technology Act
Information and Technology ActInformation and Technology Act
Information and Technology Act
Applied Forensic Research Sciences
 
FERPA
FERPAFERPA
FERPA
Dodge City Public Schools
 
The information technology act 2000
The information technology act 2000The information technology act 2000
The information technology act 2000
Naveen Kumar C
 
IT Act 2000
IT Act 2000IT Act 2000
IT Act 2000
Pradeep Tomar
 
TM Infringement- Rajeev Mandal.
TM Infringement- Rajeev Mandal.TM Infringement- Rajeev Mandal.
TM Infringement- Rajeev Mandal.
Rajiv Mandal
 
Online defamation
Online defamationOnline defamation
Online defamation
Apostolos Syropoulos
 
Tietosuojavaatimukset markkinointiviestinnässä
Tietosuojavaatimukset markkinointiviestinnässäTietosuojavaatimukset markkinointiviestinnässä
Tietosuojavaatimukset markkinointiviestinnässä
Harto Pönkä
 
COPPA
COPPACOPPA
COPPA
culturewins
 
The Past, Present, and Future of Clinical Research Recruitment
The Past, Present, and Future of Clinical Research RecruitmentThe Past, Present, and Future of Clinical Research Recruitment
The Past, Present, and Future of Clinical Research Recruitment
Clinical List America
 
Tietosuoja ja digitaalinen turvallisuus koulussa
Tietosuoja ja digitaalinen turvallisuus koulussaTietosuoja ja digitaalinen turvallisuus koulussa
Tietosuoja ja digitaalinen turvallisuus koulussa
Harto Pönkä
 
Passing off ppt
Passing off pptPassing off ppt
Passing off ppt
Roopanshi Virang
 
Online grocery shopping survey results
Online grocery shopping survey resultsOnline grocery shopping survey results
Online grocery shopping survey results
Misty Sharkey, M.S. - Strategic Marketing
 
Trade secrets and conflicts of interest
Trade secrets and conflicts of interestTrade secrets and conflicts of interest
Trade secrets and conflicts of interest
Hagi Sahib
 
Consumer Privacy
Consumer PrivacyConsumer Privacy
Consumer Privacy
Ashish Jain
 
Unit 5 Intellectual Property Protection in Cyberspace
Unit 5 Intellectual Property Protection in CyberspaceUnit 5 Intellectual Property Protection in Cyberspace
Unit 5 Intellectual Property Protection in Cyberspace
Tushar Rajput
 
E-Signature Vs. Digital Signature
E-Signature Vs. Digital Signature E-Signature Vs. Digital Signature
E-Signature Vs. Digital Signature
Mahmoud Ezzat
 
Cyber securitylaw
Cyber securitylawCyber securitylaw
Cyber securitylaw
kinjal vaghela
 
Data Privacy Compliance
Data Privacy ComplianceData Privacy Compliance
Data Privacy Compliance
Financial Poise
 
Right to Information
Right to InformationRight to Information
Right to Information
Kunal Thakur
 
Cyberstalking
CyberstalkingCyberstalking
Cyberstalking
Trevschic
 
Blockchain and intellectual property v1
Blockchain and intellectual property v1Blockchain and intellectual property v1
Blockchain and intellectual property v1
Nelson Rosario
 
Data Protection and Privacy
Data Protection and PrivacyData Protection and Privacy
Data Protection and Privacy
Vertex Holdings
 
Legislation That Internet Marketers Need to Know
Legislation That Internet Marketers Need to KnowLegislation That Internet Marketers Need to Know
Legislation That Internet Marketers Need to Know
Kaley Perkins, MA
 
Business COPPA 6 Steps
Business COPPA 6 StepsBusiness COPPA 6 Steps
Business COPPA 6 Steps
- Mark - Fullbright
 

Mais conteúdo relacionado

Mais procurados

TM Infringement- Rajeev Mandal.
TM Infringement- Rajeev Mandal.TM Infringement- Rajeev Mandal.
TM Infringement- Rajeev Mandal.
Rajiv Mandal
 
Data Privacy Compliance
Data Privacy ComplianceData Privacy Compliance
Data Privacy Compliance
Financial Poise
 
Right to Information
Right to InformationRight to Information
Right to Information
Kunal Thakur
 
Cyberstalking
CyberstalkingCyberstalking
Cyberstalking
Trevschic
 

Mais procurados (20)

The information technology act 2000
The information technology act 2000The information technology act 2000
The information technology act 2000
 
IT Act 2000
IT Act 2000IT Act 2000
IT Act 2000
 
TM Infringement- Rajeev Mandal.
TM Infringement- Rajeev Mandal.TM Infringement- Rajeev Mandal.
TM Infringement- Rajeev Mandal.
 
Online defamation
Online defamationOnline defamation
Online defamation
 
Tietosuojavaatimukset markkinointiviestinnässä
Tietosuojavaatimukset markkinointiviestinnässäTietosuojavaatimukset markkinointiviestinnässä
Tietosuojavaatimukset markkinointiviestinnässä
 
COPPA
COPPACOPPA
COPPA
 
The Past, Present, and Future of Clinical Research Recruitment
The Past, Present, and Future of Clinical Research RecruitmentThe Past, Present, and Future of Clinical Research Recruitment
The Past, Present, and Future of Clinical Research Recruitment
 
Tietosuoja ja digitaalinen turvallisuus koulussa
Tietosuoja ja digitaalinen turvallisuus koulussaTietosuoja ja digitaalinen turvallisuus koulussa
Tietosuoja ja digitaalinen turvallisuus koulussa
 
Passing off ppt
Passing off pptPassing off ppt
Passing off ppt
 
Online grocery shopping survey results
Online grocery shopping survey resultsOnline grocery shopping survey results
Online grocery shopping survey results
 
Trade secrets and conflicts of interest
Trade secrets and conflicts of interestTrade secrets and conflicts of interest
Trade secrets and conflicts of interest
 
Consumer Privacy
Consumer PrivacyConsumer Privacy
Consumer Privacy
 
Unit 5 Intellectual Property Protection in Cyberspace
Unit 5 Intellectual Property Protection in CyberspaceUnit 5 Intellectual Property Protection in Cyberspace
Unit 5 Intellectual Property Protection in Cyberspace
 
E-Signature Vs. Digital Signature
E-Signature Vs. Digital Signature E-Signature Vs. Digital Signature
E-Signature Vs. Digital Signature
 
Cyber securitylaw
Cyber securitylawCyber securitylaw
Cyber securitylaw
 
Data Privacy Compliance
Data Privacy ComplianceData Privacy Compliance
Data Privacy Compliance
 
Right to Information
Right to InformationRight to Information
Right to Information
 
Cyberstalking
CyberstalkingCyberstalking
Cyberstalking
 
Blockchain and intellectual property v1
Blockchain and intellectual property v1Blockchain and intellectual property v1
Blockchain and intellectual property v1
 
Data Protection and Privacy
Data Protection and PrivacyData Protection and Privacy
Data Protection and Privacy
 

Semelhante a COPPA for Newbies

Children Online Privacy Komal Bansal
Children Online Privacy Komal BansalChildren Online Privacy Komal Bansal
Children Online Privacy Komal Bansal
Komal Bansal
 
parent_teacher_tutorial
parent_teacher_tutorialparent_teacher_tutorial
parent_teacher_tutorial
tutorialsruby
 
parent_teacher_tutorial
parent_teacher_tutorialparent_teacher_tutorial
parent_teacher_tutorial
tutorialsruby
 
mplementing and Auditing GDPR Series (10 of 10)
mplementing and Auditing GDPR Series (10 of 10) mplementing and Auditing GDPR Series (10 of 10)
mplementing and Auditing GDPR Series (10 of 10)
Jim Kaplan CIA CFE
 
Implementing and Auditing GDPR Series (9 of 10)
Implementing and Auditing GDPR Series (9 of 10) Implementing and Auditing GDPR Series (9 of 10)
Implementing and Auditing GDPR Series (9 of 10)
Jim Kaplan CIA CFE
 
Internet Liabilities Presentation
Internet Liabilities PresentationInternet Liabilities Presentation
Internet Liabilities Presentation
Shannon Evans
 
How to Write a Privacy Policy For Your Blog?
How to Write a Privacy Policy For Your Blog?How to Write a Privacy Policy For Your Blog?
How to Write a Privacy Policy For Your Blog?
Saikrishna Tipparapu
 

Semelhante a COPPA for Newbies (20)

Legislation That Internet Marketers Need to Know
Legislation That Internet Marketers Need to KnowLegislation That Internet Marketers Need to Know
Legislation That Internet Marketers Need to Know
 
Business COPPA 6 Steps
Business COPPA 6 StepsBusiness COPPA 6 Steps
Business COPPA 6 Steps
 
Children’s Online Privacy Protection Rule- A Six-Step Compliance Plan for You...
Children’s Online Privacy Protection Rule- A Six-Step Compliance Plan for You...Children’s Online Privacy Protection Rule- A Six-Step Compliance Plan for You...
Children’s Online Privacy Protection Rule- A Six-Step Compliance Plan for You...
 
Children Online Privacy Komal Bansal
Children Online Privacy Komal BansalChildren Online Privacy Komal Bansal
Children Online Privacy Komal Bansal
 
pp_101_notes_eng.pdf
pp_101_notes_eng.pdfpp_101_notes_eng.pdf
pp_101_notes_eng.pdf
 
Social media marketing presentation
Social media marketing presentation Social media marketing presentation
Social media marketing presentation
 
parent_teacher_tutorial
parent_teacher_tutorialparent_teacher_tutorial
parent_teacher_tutorial
 
parent_teacher_tutorial
parent_teacher_tutorialparent_teacher_tutorial
parent_teacher_tutorial
 
The Top Five Legal Pitfalls of Social Media for School Districts
The Top Five Legal Pitfalls of Social Media for School DistrictsThe Top Five Legal Pitfalls of Social Media for School Districts
The Top Five Legal Pitfalls of Social Media for School Districts
 
Fundraising On The Internet
Fundraising On The InternetFundraising On The Internet
Fundraising On The Internet
 
mplementing and Auditing GDPR Series (10 of 10)
mplementing and Auditing GDPR Series (10 of 10) mplementing and Auditing GDPR Series (10 of 10)
mplementing and Auditing GDPR Series (10 of 10)
 
Implementing and Auditing GDPR Series (9 of 10)
Implementing and Auditing GDPR Series (9 of 10) Implementing and Auditing GDPR Series (9 of 10)
Implementing and Auditing GDPR Series (9 of 10)
 
The changing face of privacy laws
The changing face of privacy lawsThe changing face of privacy laws
The changing face of privacy laws
 
Privacy and Civil Liberties
Privacy and Civil LibertiesPrivacy and Civil Liberties
Privacy and Civil Liberties
 
Safeguarding Your Child's Future
Safeguarding Your Child's FutureSafeguarding Your Child's Future
Safeguarding Your Child's Future
 
Privacy Policy FAQ
Privacy Policy FAQPrivacy Policy FAQ
Privacy Policy FAQ
 
Internet Liabilities Presentation
Internet Liabilities PresentationInternet Liabilities Presentation
Internet Liabilities Presentation
 
Education law conference, March 2017 - Manchester - Understanding and dischar...
Education law conference, March 2017 - Manchester - Understanding and dischar...Education law conference, March 2017 - Manchester - Understanding and dischar...
Education law conference, March 2017 - Manchester - Understanding and dischar...
 
The FTC’s Revised COPPA Rules (Stanford Presentation)
The FTC’s Revised COPPA Rules (Stanford Presentation)The FTC’s Revised COPPA Rules (Stanford Presentation)
The FTC’s Revised COPPA Rules (Stanford Presentation)
 
How to Write a Privacy Policy For Your Blog?
How to Write a Privacy Policy For Your Blog?How to Write a Privacy Policy For Your Blog?
How to Write a Privacy Policy For Your Blog?
 

Último

Al Mizhar Dubai Escorts +971561403006 Escorts Service In Al Mizhar
Al Mizhar Dubai Escorts +971561403006 Escorts Service In Al MizharAl Mizhar Dubai Escorts +971561403006 Escorts Service In Al Mizhar
Al Mizhar Dubai Escorts +971561403006 Escorts Service In Al Mizhar
allensay1
 
Mifepristone Available in Muscat +918761049707^^ €€ Buy Abortion Pills in Oman
Mifepristone Available in Muscat +918761049707^^ €€ Buy Abortion Pills in OmanMifepristone Available in Muscat +918761049707^^ €€ Buy Abortion Pills in Oman
Mifepristone Available in Muscat +918761049707^^ €€ Buy Abortion Pills in Oman
instagramfab782445
 
Mckinsey foundation level Handbook for Viewing
Mckinsey foundation level Handbook for ViewingMckinsey foundation level Handbook for Viewing
Mckinsey foundation level Handbook for Viewing
Nauman Safdar
 
Structuring and Writing DRL Mckinsey (1).pdf
Structuring and Writing DRL Mckinsey (1).pdfStructuring and Writing DRL Mckinsey (1).pdf
Structuring and Writing DRL Mckinsey (1).pdf
laloo_007
 
Paradip CALL GIRL❤7091819311❤CALL GIRLS IN ESCORT SERVICE WE ARE PROVIDING
Paradip CALL GIRL❤7091819311❤CALL GIRLS IN ESCORT SERVICE WE ARE PROVIDINGParadip CALL GIRL❤7091819311❤CALL GIRLS IN ESCORT SERVICE WE ARE PROVIDING
Paradip CALL GIRL❤7091819311❤CALL GIRLS IN ESCORT SERVICE WE ARE PROVIDING
pr788182
 
Pre Engineered Building Manufacturers Hyderabad.pptx
Pre Engineered Building Manufacturers Hyderabad.pptxPre Engineered Building Manufacturers Hyderabad.pptx
Pre Engineered Building Manufacturers Hyderabad.pptx
Roofing Contractor
 

Último (20)

Buy gmail accounts.pdf buy Old Gmail Accounts
Buy gmail accounts.pdf buy Old Gmail AccountsBuy gmail accounts.pdf buy Old Gmail Accounts
Buy gmail accounts.pdf buy Old Gmail Accounts
 
Falcon Invoice Discounting: Unlock Your Business Potential
Falcon Invoice Discounting: Unlock Your Business PotentialFalcon Invoice Discounting: Unlock Your Business Potential
Falcon Invoice Discounting: Unlock Your Business Potential
 
Lucknow Housewife Escorts by Sexy Bhabhi Service 8250092165
Lucknow Housewife Escorts by Sexy Bhabhi Service 8250092165Lucknow Housewife Escorts by Sexy Bhabhi Service 8250092165
Lucknow Housewife Escorts by Sexy Bhabhi Service 8250092165
 
Al Mizhar Dubai Escorts +971561403006 Escorts Service In Al Mizhar
Al Mizhar Dubai Escorts +971561403006 Escorts Service In Al MizharAl Mizhar Dubai Escorts +971561403006 Escorts Service In Al Mizhar
Al Mizhar Dubai Escorts +971561403006 Escorts Service In Al Mizhar
 
Famous Olympic Siblings from the 21st Century
Famous Olympic Siblings from the 21st CenturyFamous Olympic Siblings from the 21st Century
Famous Olympic Siblings from the 21st Century
 
PHX May 2024 Corporate Presentation Final
PHX May 2024 Corporate Presentation FinalPHX May 2024 Corporate Presentation Final
PHX May 2024 Corporate Presentation Final
 
Mifepristone Available in Muscat +918761049707^^ €€ Buy Abortion Pills in Oman
Mifepristone Available in Muscat +918761049707^^ €€ Buy Abortion Pills in OmanMifepristone Available in Muscat +918761049707^^ €€ Buy Abortion Pills in Oman
Mifepristone Available in Muscat +918761049707^^ €€ Buy Abortion Pills in Oman
 
Mckinsey foundation level Handbook for Viewing
Mckinsey foundation level Handbook for ViewingMckinsey foundation level Handbook for Viewing
Mckinsey foundation level Handbook for Viewing
 
Structuring and Writing DRL Mckinsey (1).pdf
Structuring and Writing DRL Mckinsey (1).pdfStructuring and Writing DRL Mckinsey (1).pdf
Structuring and Writing DRL Mckinsey (1).pdf
 
Paradip CALL GIRL❤7091819311❤CALL GIRLS IN ESCORT SERVICE WE ARE PROVIDING
Paradip CALL GIRL❤7091819311❤CALL GIRLS IN ESCORT SERVICE WE ARE PROVIDINGParadip CALL GIRL❤7091819311❤CALL GIRLS IN ESCORT SERVICE WE ARE PROVIDING
Paradip CALL GIRL❤7091819311❤CALL GIRLS IN ESCORT SERVICE WE ARE PROVIDING
 
CROSS CULTURAL NEGOTIATION BY PANMISEM NS
CROSS CULTURAL NEGOTIATION BY PANMISEM NSCROSS CULTURAL NEGOTIATION BY PANMISEM NS
CROSS CULTURAL NEGOTIATION BY PANMISEM NS
 
Pre Engineered Building Manufacturers Hyderabad.pptx
Pre Engineered Building Manufacturers Hyderabad.pptxPre Engineered Building Manufacturers Hyderabad.pptx
Pre Engineered Building Manufacturers Hyderabad.pptx
 
Falcon Invoice Discounting: Empowering Your Business Growth
Falcon Invoice Discounting: Empowering Your Business GrowthFalcon Invoice Discounting: Empowering Your Business Growth
Falcon Invoice Discounting: Empowering Your Business Growth
 
Putting the SPARK into Virtual Training.pptx
Putting the SPARK into Virtual Training.pptxPutting the SPARK into Virtual Training.pptx
Putting the SPARK into Virtual Training.pptx
 
Power point presentation on enterprise performance management
Power point presentation on enterprise performance managementPower point presentation on enterprise performance management
Power point presentation on enterprise performance management
 
Over the Top (OTT) Market Size & Growth Outlook 2024-2030
Over the Top (OTT) Market Size & Growth Outlook 2024-2030Over the Top (OTT) Market Size & Growth Outlook 2024-2030
Over the Top (OTT) Market Size & Growth Outlook 2024-2030
 
Phases of Negotiation .pptx
Phases of Negotiation .pptx Phases of Negotiation .pptx
Phases of Negotiation .pptx
 
joint cost.pptx COST ACCOUNTING Sixteenth Edition ...
joint cost.pptx COST ACCOUNTING Sixteenth Edition ...joint cost.pptx COST ACCOUNTING Sixteenth Edition ...
joint cost.pptx COST ACCOUNTING Sixteenth Edition ...
 
Dr. Admir Softic_ presentation_Green Club_ENG.pdf
Dr. Admir Softic_ presentation_Green Club_ENG.pdfDr. Admir Softic_ presentation_Green Club_ENG.pdf
Dr. Admir Softic_ presentation_Green Club_ENG.pdf
 
Falcon Invoice Discounting: Aviate Your Cash Flow Challenges
Falcon Invoice Discounting: Aviate Your Cash Flow ChallengesFalcon Invoice Discounting: Aviate Your Cash Flow Challenges
Falcon Invoice Discounting: Aviate Your Cash Flow Challenges
 

COPPA for Newbies

  • 1. How to comply with COPPA By: Gen Li
  • 2. Disclaimer This is not a legal advice. You must not rely on the information on this slide as an alternative to legal advice from your attorney or other professional legal services provider. If you have any specific questions about any legal matter you should consult your attorney or other professional legal services provider. You should never delay seeking legal advice, disregard legal advice, or commence or discontinue any legal action because of information in this presentation.
  • 4. A type of meat? A restaurant’s name? !
  • 5. COPPA • The Children’s Online Privacy Protection Act (COPPA) was enacted by Congress in 1998. COPPA required the Federal Trade Commission (FTC) to issue and enforce regulations concerning children’s online privacy. The FTC’s amended Rule became effective on July 1, 2013. • COPPA’s primary goal is to ensure that parents have control over what information is collected from their young children online. • The Rule only covers developers that: (1) that operate mobile apps that are directed to children under 13 and collect, use or disclose personal information from children, and (2) those who have actual knowledge that they are collecting, using, or disclosing personal information from children under 13.
  • 6. What does “personal information” include? (5) a telephone number; (6) a social security number; (7) a persistent identifier; (8) a photograph, video, or audio file, where such file contains a child’s image or voice; or (9) geo-location information sufficient to identify street name and name of a city or town. (1) first and last name; (2) a home or other physical address including street name and name of a city or town; (3) online contact information; (4) a screen or user name that functions as online contact information;
  • 7. If you are covered, what should you do? • Post a clear and comprehensive privacy policy • Send direct notice to parents • Obtain verifiable parental consent from parents • Provide sufficient security to collected personal information • Allow parents to review collected information
  • 8. Post a clear and comprehensive Privacy Policy
  • 9. What does “comprehensive” mean? Your privacy policy needs to include the following information: • The developer and related operators’ personal information. Including: (1) name, (2) address, (3) telephone number and (4) email address. • A description of the types of information the developer collects from children, and how the developer uses the information. • A statement that parents can review or delete their children’s personal information and prevent future collection.
  • 11. What does “clear” mean? The amended Rule requires the developer to post the privacy policy link in a clear and prominent location on the website or on the landing page. A“clear and prominent” link must stand out and be noticeable to the site’s visitors. The link is likely to be “clear and prominent” if it is in a larger font size and in all caps in a color that contrasts with the background. For example:
  • 12. Send a direct notice to parents
  • 13. What needs to be in the notice? 1. If the notice is used to obtain a parent’s verifiable consent prior to the collection of a child’s personal information, then you must: • State that you have collected the parent’s online contact information from the child, and that it is only used to obtain the parent’s consent; • State that the parent’s consent is required for the information collection; • List the personal information that is going to be collected if there is consent; • Include a hyperlink to your privacy policy; • State how the parent can grant verifiable parental consent; and • State that if the parent does not provide consent within a reasonable amount of time, then you will delete the parent’s online contact information.
  • 14. 2. If the notice is to provide a parent information about the child’s online activities and does not involve personal information collection, then : • State that you have collected the parent’s online contact information from the child, and that it is used to obtain the parent’s consent; • State that the parent’s online contact information will not be used or disclosed for any other purpose; • State that the parent can prevent the child from using the app and may require you to delete the online contact information, and how the parent can do so, and • Include a hyperlink to your privacy policy.
  • 16. How to send a notice? Based on section 312.4 (b) of the amended Rule, you must make reasonable efforts, taking into consideration the available technology, to ensure that a parent or child receives the direct notice. There is no absolute standard about what counts as a proper way to send a direct notice, and you need to make your own decision based on the available technology and information. For example:
  • 17. Obtain verifiable parental consent from parents
  • 18. Obtain verifiable parental consent from parents • Existing approved verifiable parental consent methods • Alternative “Email-plus” method
  • 19. Existing approved verifiable parental consent • Provide consent through mail or fax; • Provide information about a credit card or a debt card; • Call a toll-free telephone; • Send consent via video-conference; • Checking a government-issued identification.
  • 20. Alternative “Email-plus” method If you will only use the personal information for internal purposes, then you can use the next two steps: First: send an email to the child’s parent, and the parent can manifest his consent in the returning email Second, after receiving the email consent, you need to either (1) make a confirmation phone call, fax or letter to the parent; or (2) send a confirmation message via the parent’s online contact information within a reasonable amount of time.
  • 21. Provide sufficient security to collected personal information
  • 22. Provide sufficient security to collected personal information • COPPA requires developers to establish and maintain reasonable procedures to protect the confidentiality, security, and integrity of personal information collected from children. • If there is an industry security standard, FOLLOW IT! For example:
  • 23. Allow parents to review collected information
  • 24. Allow parents to review collected information • Based on section 312.6 of the COPPA Rule, upon a parent’s request, the developer must grant the parent access to the collected personal information. For example:
  • 25. For more detailed information, please see...... Famigo’s “COPPA for Newbies” blog series: • http://www.famigo.com/blog/2013/09/coppa-for-newbies- your-privacy-policy/ • http://www.famigo.com/blog/2013/08/coppa-for-newbies- who-is-covered-by-this-rule/ • http://www.famigo.com/blog/?p=3653 • http://www.famigo.com/blog/2013/10/coppa-for-newbies- what-do-we-need-to-get-from-the-parents/