Following last year’s revisions to the COPPA Rule (see our post outlining the changes), and the FTC’s recent approval of a new method for obtaining verifiable consent (see our post), the FTC has now approved the sixth COPPA “safe harbor” program. The operator of the kidSAFE Seal Program filed his application in August, and a public comment period followed. The FTC, on review of the application, determined that the program “provides the same or greater protections for children as those contained in the COPPA Rule.” In its letter to kidSAFE approving the program, the FTC indicated that some commenters had expressed concern about kidSAFE’s ability to enforce compliance by its members. kidSAFE modified its program to address these and other concerns raised by the FTC. Companies that follow an approved safe harbor program under the Rule are deemed to be in compliance with the Rule as long as the company follows the safe harbor program’s guidelines (16 CFR § 312.11(g)). The other approved safe harbor programs are operated by TRUSTe, CARU, ESRB (all approved in 2001), Privo (approved 2004), and Aristotle (approved 2012).
TIP: Companies that are subject to COPPA (i.e., websites directed to children under 13/websites that knowingly collect information from children under 13) may wish to consider taking advantage of the “safety” offered through participation in an approved safe harbor program. Safe harbor can be particularly helpful given confusion around compliance under the revised Rule.