Changes may be coming to TRUSTe’s safe harbor program under the Children’s Online Privacy Protection (COPPA) Rule, and the Federal Trade Commission is seeking public comment.
Among other things, the FTC’s COPPA Rule requires that operators of commercial websites and online services directed to children under the age of 13 (or general audience websites and online services that knowingly collect personal information from children under 13) must post comprehensive privacy policies on their sites, notify parents about their information practices, and obtain parental consent before collecting, using or disclosing any personal information from children under the age of 13.
The COPPA Rule also contains a “safe harbor” provision that permits industry groups or others to submit self-regulatory guidelines that would implement the rule’s protections. If the guidelines comply with the FTC-approved guidelines, the agency will grant safe harbor status. TRUSTe received approval May 2001 to operate a self-regulatory program, which was amended in 2013 after the agency revised the COPPA Rule.
Now TRUSTe has again proposed to modify its program requirements. The alterations were triggered by an agreement with New York Attorney General Eric Schneiderman. While the requirements fundamental to COPPA remain the same, the company seeks to make substantive changes related to third-party tracking technologies and the timing for seal removal for participants who have not completed annual review and remediation by the anniversary of the prior year’s certification date.
The FTC requested comment on TRUSTe’s proposed requirement that participants conduct an annual internal assessment of third parties’ collection of personal information from children on their websites or online services. In addition, the agency asked for input on whether the mechanisms used to assess compliance with the proposed modified program requirements are effective and any benefits, costs and alternatives that should be considered.
Comments will be accepted until May 24.
To read the Federal Register notice requesting public comment, click here.
Why it matters: The changes to TRUSTe’s program were prompted by an ongoing investigation by AG Schneiderman dubbed “Operation Child Tracker” that resulted in TRUSTe paying $100,000 and promising to more effectively evaluate whether sites operated by its customers are in compliance with COPPA.