The FTC recently updated their guidelines on COPPA (Child Online Privacy Protection Act), to further protect children's use of the internet and social media when in school and in educational settings.
As addressed in our previous blog, websites collecting the information of children under the age of 13 must comply with the FTC’s COPPA regulations. These regulations address standards of adequate user safeguards and guardian approved agreements, or face harsh fines from the FTC, and should archive themselves inline with FTC compliance standards.
These new regulations are based in an educational context, for school, state and government enforcement. Under these new guidelines:
- Educational bodies, acting as the parent's agent, can now consent to the use and disclosure of a student's personal information to a website or app. This is limited to an educational context and is strictly not for commercial or marketing purposes, and must be in line with FERPA.
- When collecting a student's information for strictly educational purposes, the school's authorisation is presumed by contract with the operator in question, and additional consent form parents is not necessary.
- Where an operator gets consent directly from the school, the operator’s method must be reasonably calculated by available technology, to ensure that a school has provided actual consent, and not a child pretending to be a teacher, for example.
- In light of best practice standards and compliance, the school should provide parents with a notice of the websites and online services whose collection it has consented to on behalf of the parent.
- Schools should approach and utilise this provision and all online technologies with discretion and caution, and fully understand the use, collection and disclosure of personal information by the operator.
- Specific attention should be paid to the operator's data retention policies, security and confidentiality standards, and ensure that it will not be used for commercial purposes.
The PageFreezer Solution for FTC Compliance
Website operators and companies complying with COPPA and FTC standards should ensure that they have a comprehensive records management system, as is necessary with FTC regulations, for the proper use and retention of personal information and data - especially due to the sensitive nature of minor's data that can be quickly accumulated and exploited.
There is also an onus on schools and school districts to assess, monitor and ensure COPPA compliance when utilizing online and interactive educational tools targeted at students. FTC compliant companies must store transparent and reliable records, for the safety of their customers and their reputation in the threat of non-compliance.
Ensure the integrity and safety standards of child-targeted websites when reviewing compliance standards by recording the information collected, privacy policies and more using this efficient and simple tool.
The information and materials on this blog are provided for general and informative purposes only and are not intended to be construed as legal advice. Content on this blog is not intended to substitute the advice of a licensed attorney, as laws are subject to change and vary with time, from jurisdiction to jurisdiction. Content on this blog may be changed without notice and is not guaranteed to be complete, correct or up-to-date.