Last week, the FTC released proposed changes to the Children’s Online Privacy Protection Rule (COPPA), which gives parents control over what personal information websites may collect from children under 13. Among the FTC's proposals are updating the definition of “personal information” to include geolocation data and some persistent identifiers used in behavioral advertising. In addition, the FTC wants to update the definition of “collection” as it pertains to children’s participation in online communities.
The FTC also proposes that website operators provide parents with a succinct, easy to read notice of the site’s information practices. The proposed changes call for developing more robust ways to verify parental consent and for website operators to adopt a number of confidentiality and security procedures the Commission has recommended in other contexts. Examples of such measures include holding onto data only as long as it is needed, deleting data that is no longer needed and ensuring third parties with whom the data is shared have sufficient privacy and security safeguards in place to protect the data.
Lastly, the FTC is proposing increased oversight of self-regulatory safe harbor programs to include requiring programs to perform annual audits of their members and report the results. The FTC is accepting comments until November 28, 2011.
Go here to read the FTC’s press release and proposed changes to COPPA.