Lesson's Learned From COPPA

The United States regulation, COPPA (Children’s Online Privacy Protection Act), was designed by lawmakers to introduce parents into the decision-making process and put them in control of the information collected online from their children.

The intent of the law was to give parents the final say regarding the collection, use and disclosure of their children’s personal information when engaging with online services, which includes mobile apps and connected toys.

Since its inception, COPPA has created headaches for online content providers seeking to breach children’s online privacy for marketing and other purposes, as well as for parents who are obliged to verify themselves and provide consent each time a child engages with the digital service. This has led to children lying about their age which in turn hinders data integrity and accuracy. In fact, many parents encourage their child to “age up” in order to avoid burdensome verification processes.

Digital services are either turning away U13 children and missing an opportunity or have actual knowledge that children U13 have gamed the registration and are using the service which creates risk to children’s online privacy. When children “age up” both they and the businesses are in a vulnerable position. Children are likely to see inappropriate or aggressive ads, access to adult content, chat rooms and communities that have no monitoring practices or protections.

At PRIVO, as an operator of a global kids’ privacy assured program which includes an FTC approved COPPA Safe Harbor and a GDPRKids™ solution, we took action to address these issues by developing a privacy enhanced identity and consent platform based on a trust model, the Minors Trust Framework (MTF). The MTF was developed under a White House initiative aimed at finding a better way to protect and enable consumers to manage their online identity.

Protecting children’s online privacy is a key issue for industry, parents and children. PRIVO provides a privacy enhancing single login credential to manage consent across numerous websites and apps. Before consent is obtained the parent and child is provided with transparent information on data collection and processing and the opportunity for the parent to consent at a granular level.

PRIVO only has to verify the parent-child relationship once removing the burden from businesses and families and streamlining the process. This has a measurable and positive impact on how identity is addressed for a new generation of digital natives. It also means that online content and service providers no longer need to fear COPPA or the GDPR with regard to protecting children’s online privacy. Instead they are able to embrace the regulations while increasing lifetime value and engagement and remain compliant.

*Originally published in Government Europa Magazine