SlideShare a Scribd company logo

10 Step Guide to COPPA Compliance

Kegan Blumenthal
Kegan Blumenthal

A 10 Step Guide to COPPA Compliance. Legislation goes into effect July 1, 2013.

EducationTechnologyNews & Politics
1 of 13
Download to read offline
A 10 Step Guide to COPPA Compliance Wednesday, June 19, 13
Introduction •There’s lots of talk about the Children’s Online Privacy Protection Act (COPPA), but do you really understand how the law works?  COPPA was enacted in 1998 and was enacted to protect the privacy of children under 13 years of age. COPPA charged the FederalTrade Commission (FTC) with creating the regulations necessary to implement the goals of the law. •The original act also required that the law be reviewed 5 years after the effective date of the regulation (April 21, 2000). This review took several years and various stakeholders were given the opportunity to comment on the proposed revisions. The revised Coppa Rule was released in December 2012 and is set to go into effect on July 1, 2013. •What follows are 10 questions that every developer should ask herself over the next couple weeks in order to conduct an internal COPPA audit and ensure compliance.  If you have any questions, please let us know in the comments. Wednesday, June 19, 13
1)   Did you read the Rule? This seems obvious, but have you read the revised Rule yet?  It might look big and scary at first, but it’s not rocket surgery – anyone who can develop their own application can grasp the content of the revised  COPPA Rule. Wednesday, June 19, 13
2)   Does the Rule apply to you? Ask yourself this question:  “Am I operating a child-directed website or service or do I have actual knowledge that I’m collecting, using or disclosing personal information from a child under 13?” If you have any doubt, the smart bet is to assume COPPA applies to you and read on. Wednesday, June 19, 13
3)   Do you collect personal information? The general idea is that personal information is any information that can be matched to a single person.  Phone numbers and email addresses are obvious examples, but it’s worth going through the whole list to determine if you collect personal information, as the definition has expanded. Wednesday, June 19, 13
4)   What information do you collect? It’s time to compile an exhaustive list of all the information you collect. Remember that feature you built, but never used? Make sure it isn’t still collecting information.  Figuring out what you collect is perhaps the most important part of your own COPPA audit.  Leave no stone unturned.  After all, there’s still time to clean up your act before July 1. Wednesday, June 19, 13
Now that you know what you collect, it’s time to understand why you collect it. It’s useful to divide all the information you collect into two categories: information for the support of internal operations (defined in §312.2) and information that is disclosed to third parties. If it’s for the support of internal operations (e.g. collecting data to optimize product features) make sure you’re using the data and storing it securely. If you don’t use it, stop collecting it.  If the information is disclosed to third parties, ask yourself why you’re disclosing that data in the first place.  In the general interest of protecting children’s privacy, disclosure of this data should be carefully and rigorously scrutinized. 5)   What do you NEED to collect? Wednesday, June 19, 13
6)   Do you have a privacy policy? The first step in effectively communicating with parents is to have a well-written privacy policy. This can seem like a daunting task to non-lawyers, but there are plenty of good resources to help you out. Here are a few tools to help you get started: We also recommend looking at the privacy policies of developers that are doing similar work or offering similar services.  What's more important than perfect legalese is honesty and transparency. Wednesday, June 19, 13
7)   How are you going to provide notice of your privacy practices? Congratulations, you now have your very own privacy policy! Now, how are you going to tell parents about your data collection, use and disclosure practices?   The California Attorney General provides some really good guidance in Privacy on the Go: Recommendations for the Mobile Ecosystem, and as always, reread the Rule. Wednesday, June 19, 13
I’m willing to bet that you probably have questions at this point.The good news is that you’re not alone.  In May the FTC released a set of FAQ’s to address the most common and vexing questions they had received in the months since the amended rule was released.The good news is that you’ll probably find some clarification to your questions, but be prepared to add some items to your to-do list as well. 8)   Have you read the FAQ? Wednesday, June 19, 13
COPPA Safe Harbor Programs: These FTC-approved safe harbor programs are an attempt to provide businesses with the ability to self- regulate when it comes to COPPA compliance. 9)   Have you considered getting a second opinion? Wednesday, June 19, 13
10) What’s next?  Developers are certainly not strangers to constant product iterations and you should get used to thinking of your privacy-related activities the same way. Children’s privacy is very important, and if you take your obligation seriously, it will require constant refinement. Wednesday, June 19, 13
A FinalThought Hopefully this 10-step guide is helpful in starting you on your journey to COPPA compliance.This information is not meant as legal advice, but it does accurately reflect a process that we’ve used ourselves and that other developers have had some success with too.  If you have suggestions or care to share your own experiences please leave a comment. Wednesday, June 19, 13

Recommended

COPPA and Over 13 Age Restrictions
COPPA and Over 13 Age RestrictionsCOPPA and Over 13 Age Restrictions
COPPA and Over 13 Age RestrictionsMark Moran
 
Coppa overview
Coppa overviewCoppa overview
Coppa overviewchstokes
 
COPPA for Newbies
COPPA for NewbiesCOPPA for Newbies
COPPA for NewbiesKegan Blumenthal
 
COPPA Compliance
COPPA ComplianceCOPPA Compliance
COPPA ComplianceKegan Blumenthal
 
COPPA
COPPACOPPA
COPPAculturewins
 
Finalproject
FinalprojectFinalproject
Finalprojectkrisondarocks
 
The FTC’s Revised COPPA Rules (Stanford Presentation)
The FTC’s Revised COPPA Rules (Stanford Presentation)The FTC’s Revised COPPA Rules (Stanford Presentation)
The FTC’s Revised COPPA Rules (Stanford Presentation)WilmerHale
 
USLFG Corporate & Securities Presentation
USLFG Corporate & Securities PresentationUSLFG Corporate & Securities Presentation
USLFG Corporate & Securities PresentationArmstrong Teasdale
 

Recommended

COPPA and Over 13 Age Restrictions
COPPA and Over 13 Age RestrictionsCOPPA and Over 13 Age Restrictions
COPPA and Over 13 Age RestrictionsMark Moran
 
Coppa overview
Coppa overviewCoppa overview
Coppa overviewchstokes
 
COPPA for Newbies
COPPA for NewbiesCOPPA for Newbies
COPPA for NewbiesKegan Blumenthal
 
COPPA Compliance
COPPA ComplianceCOPPA Compliance
COPPA ComplianceKegan Blumenthal
 
COPPA
COPPACOPPA
COPPAculturewins
 
Finalproject
FinalprojectFinalproject
Finalprojectkrisondarocks
 
The FTC’s Revised COPPA Rules (Stanford Presentation)
The FTC’s Revised COPPA Rules (Stanford Presentation)The FTC’s Revised COPPA Rules (Stanford Presentation)
The FTC’s Revised COPPA Rules (Stanford Presentation)WilmerHale
 
USLFG Corporate & Securities Presentation
USLFG Corporate & Securities PresentationUSLFG Corporate & Securities Presentation
USLFG Corporate & Securities PresentationArmstrong Teasdale
 
Safer Children in a Digital World: a summary for children and young people
Safer Children in a Digital World: a summary for children and young peopleSafer Children in a Digital World: a summary for children and young people
Safer Children in a Digital World: a summary for children and young peopleEduserv Foundation
 
Using Computer Technology to Protect Individuals and Families
Using Computer Technology to Protect Individuals and FamiliesUsing Computer Technology to Protect Individuals and Families
Using Computer Technology to Protect Individuals and FamiliesLightedCandle
 
Children and the Media
Children and the MediaChildren and the Media
Children and the MediaEllieWeedon
 
Media Law
Media LawMedia Law
Media Lawsrcarrol
 
Facebook: Assignment 2a: Policy Primer
Facebook: Assignment 2a: Policy PrimerFacebook: Assignment 2a: Policy Primer
Facebook: Assignment 2a: Policy Primerjames24587
 
Age Verification / “Doing the Right Thing”
Age Verification / “Doing the Right Thing”Age Verification / “Doing the Right Thing”
Age Verification / “Doing the Right Thing”IDology, Inc
 
Parenting the MySpace Generation
Parenting the MySpace GenerationParenting the MySpace Generation
Parenting the MySpace Generationdlevin
 
Social Media Law: It is Real, and, Yes, It Really Can Impact Your Business - ...
Social Media Law: It is Real, and, Yes, It Really Can Impact Your Business - ...Social Media Law: It is Real, and, Yes, It Really Can Impact Your Business - ...
Social Media Law: It is Real, and, Yes, It Really Can Impact Your Business - ...Shawn Tuma
 
Social Media Law: The Legal Do's and Don'ts of Social Media
Social Media Law: The Legal Do's and Don'ts of Social MediaSocial Media Law: The Legal Do's and Don'ts of Social Media
Social Media Law: The Legal Do's and Don'ts of Social MediaShawn Tuma
 
Kid Safety On The Internet
Kid Safety On The InternetKid Safety On The Internet
Kid Safety On The InternetJennifer Chilek
 
Protecting Your Child
Protecting Your ChildProtecting Your Child
Protecting Your ChildMatthew Irvine
 
Social Media in the Workplace
Social Media in the Workplace Social Media in the Workplace
Social Media in the Workplace Rachel Hamilton
 
Dangers Of Internet - Parents Beware
Dangers Of Internet - Parents BewareDangers Of Internet - Parents Beware
Dangers Of Internet - Parents BewareNurizcka
 
Abney & Associates Technology Updates: Sheriff’s forum to open eyes of parent...
Abney & Associates Technology Updates: Sheriff’s forum to open eyes of parent...Abney & Associates Technology Updates: Sheriff’s forum to open eyes of parent...
Abney & Associates Technology Updates: Sheriff’s forum to open eyes of parent...lekhim006
 
1984 in 2015 Protecting Employees' Social Media from Misuse
1984 in 2015 Protecting Employees' Social Media from Misuse1984 in 2015 Protecting Employees' Social Media from Misuse
1984 in 2015 Protecting Employees' Social Media from MisuseWendi Lazar
 
Cyber Predator Presentation
Cyber Predator PresentationCyber Predator Presentation
Cyber Predator Presentationgrp4.ed451
 
Online safety
Online safetyOnline safety
Online safetyDr. Pravin Yadav
 
Invisible Preadators: Hidden Dangers of the Internet
Invisible Preadators: Hidden Dangers of the InternetInvisible Preadators: Hidden Dangers of the Internet
Invisible Preadators: Hidden Dangers of the Internetmalissa_1041
 
Hurd, lindse slide share presentation
Hurd, lindse slide share presentationHurd, lindse slide share presentation
Hurd, lindse slide share presentationlhurd01
 
Business ethics talk
Business ethics talkBusiness ethics talk
Business ethics talkRobert Bodle
 
Children’s Online Privacy Protection Rule- A Six-Step Compliance Plan for You...
Children’s Online Privacy Protection Rule- A Six-Step Compliance Plan for You...Children’s Online Privacy Protection Rule- A Six-Step Compliance Plan for You...
Children’s Online Privacy Protection Rule- A Six-Step Compliance Plan for You...- Mark - Fullbright
 
Business COPPA 6 Steps
Business COPPA 6 StepsBusiness COPPA 6 Steps
Business COPPA 6 Steps- Mark - Fullbright
 

More Related Content

What's hot

Safer Children in a Digital World: a summary for children and young people
Safer Children in a Digital World: a summary for children and young peopleSafer Children in a Digital World: a summary for children and young people
Safer Children in a Digital World: a summary for children and young peopleEduserv Foundation
 
Using Computer Technology to Protect Individuals and Families
Using Computer Technology to Protect Individuals and FamiliesUsing Computer Technology to Protect Individuals and Families
Using Computer Technology to Protect Individuals and FamiliesLightedCandle
 
Children and the Media
Children and the MediaChildren and the Media
Children and the MediaEllieWeedon
 
Facebook: Assignment 2a: Policy Primer
Facebook: Assignment 2a: Policy PrimerFacebook: Assignment 2a: Policy Primer
Facebook: Assignment 2a: Policy Primerjames24587
 
Age Verification / “Doing the Right Thing”
Age Verification / “Doing the Right Thing”Age Verification / “Doing the Right Thing”
Age Verification / “Doing the Right Thing”IDology, Inc
 
Parenting the MySpace Generation
Parenting the MySpace GenerationParenting the MySpace Generation
Parenting the MySpace Generationdlevin
 
Social Media Law: It is Real, and, Yes, It Really Can Impact Your Business - ...
Social Media Law: It is Real, and, Yes, It Really Can Impact Your Business - ...Social Media Law: It is Real, and, Yes, It Really Can Impact Your Business - ...
Social Media Law: It is Real, and, Yes, It Really Can Impact Your Business - ...Shawn Tuma
 
Social Media Law: The Legal Do's and Don'ts of Social Media
Social Media Law: The Legal Do's and Don'ts of Social MediaSocial Media Law: The Legal Do's and Don'ts of Social Media
Social Media Law: The Legal Do's and Don'ts of Social MediaShawn Tuma
 
Kid Safety On The Internet
Kid Safety On The InternetKid Safety On The Internet
Kid Safety On The InternetJennifer Chilek
 
Social Media in the Workplace
Social Media in the Workplace Social Media in the Workplace
Social Media in the Workplace Rachel Hamilton
 
Dangers Of Internet - Parents Beware
Dangers Of Internet - Parents BewareDangers Of Internet - Parents Beware
Dangers Of Internet - Parents BewareNurizcka
 
Abney & Associates Technology Updates: Sheriff’s forum to open eyes of parent...
Abney & Associates Technology Updates: Sheriff’s forum to open eyes of parent...Abney & Associates Technology Updates: Sheriff’s forum to open eyes of parent...
Abney & Associates Technology Updates: Sheriff’s forum to open eyes of parent...lekhim006
 
1984 in 2015 Protecting Employees' Social Media from Misuse
1984 in 2015 Protecting Employees' Social Media from Misuse1984 in 2015 Protecting Employees' Social Media from Misuse
1984 in 2015 Protecting Employees' Social Media from MisuseWendi Lazar
 
Cyber Predator Presentation
Cyber Predator PresentationCyber Predator Presentation
Cyber Predator Presentationgrp4.ed451
 
Invisible Preadators: Hidden Dangers of the Internet
Invisible Preadators: Hidden Dangers of the InternetInvisible Preadators: Hidden Dangers of the Internet
Invisible Preadators: Hidden Dangers of the Internetmalissa_1041
 
Hurd, lindse slide share presentation
Hurd, lindse slide share presentationHurd, lindse slide share presentation
Hurd, lindse slide share presentationlhurd01
 
Business ethics talk
Business ethics talkBusiness ethics talk
Business ethics talkRobert Bodle
 

What's hot (20)

Safer Children in a Digital World: a summary for children and young people
Safer Children in a Digital World: a summary for children and young peopleSafer Children in a Digital World: a summary for children and young people
Safer Children in a Digital World: a summary for children and young people
 
Using Computer Technology to Protect Individuals and Families
Using Computer Technology to Protect Individuals and FamiliesUsing Computer Technology to Protect Individuals and Families
Using Computer Technology to Protect Individuals and Families
 
Children and the Media
Children and the MediaChildren and the Media
Children and the Media
 
Media Law
Media LawMedia Law
Media Law
 
Facebook: Assignment 2a: Policy Primer
Facebook: Assignment 2a: Policy PrimerFacebook: Assignment 2a: Policy Primer
Facebook: Assignment 2a: Policy Primer
 
Age Verification / “Doing the Right Thing”
Age Verification / “Doing the Right Thing”Age Verification / “Doing the Right Thing”
Age Verification / “Doing the Right Thing”
 
Parenting the MySpace Generation
Parenting the MySpace GenerationParenting the MySpace Generation
Parenting the MySpace Generation
 
Social Media Law: It is Real, and, Yes, It Really Can Impact Your Business - ...
Social Media Law: It is Real, and, Yes, It Really Can Impact Your Business - ...Social Media Law: It is Real, and, Yes, It Really Can Impact Your Business - ...
Social Media Law: It is Real, and, Yes, It Really Can Impact Your Business - ...
 
Social Media Law: The Legal Do's and Don'ts of Social Media
Social Media Law: The Legal Do's and Don'ts of Social MediaSocial Media Law: The Legal Do's and Don'ts of Social Media
Social Media Law: The Legal Do's and Don'ts of Social Media
 
Kid Safety On The Internet
Kid Safety On The InternetKid Safety On The Internet
Kid Safety On The Internet
 
Protecting Your Child
Protecting Your ChildProtecting Your Child
Protecting Your Child
 
Social Media in the Workplace
Social Media in the Workplace Social Media in the Workplace
Social Media in the Workplace
 
Dangers Of Internet - Parents Beware
Dangers Of Internet - Parents BewareDangers Of Internet - Parents Beware
Dangers Of Internet - Parents Beware
 
Abney & Associates Technology Updates: Sheriff’s forum to open eyes of parent...
Abney & Associates Technology Updates: Sheriff’s forum to open eyes of parent...Abney & Associates Technology Updates: Sheriff’s forum to open eyes of parent...
Abney & Associates Technology Updates: Sheriff’s forum to open eyes of parent...
 
1984 in 2015 Protecting Employees' Social Media from Misuse
1984 in 2015 Protecting Employees' Social Media from Misuse1984 in 2015 Protecting Employees' Social Media from Misuse
1984 in 2015 Protecting Employees' Social Media from Misuse
 
Cyber Predator Presentation
Cyber Predator PresentationCyber Predator Presentation
Cyber Predator Presentation
 
Online safety
Online safetyOnline safety
Online safety
 
Invisible Preadators: Hidden Dangers of the Internet
Invisible Preadators: Hidden Dangers of the InternetInvisible Preadators: Hidden Dangers of the Internet
Invisible Preadators: Hidden Dangers of the Internet
 
Hurd, lindse slide share presentation
Hurd, lindse slide share presentationHurd, lindse slide share presentation
Hurd, lindse slide share presentation
 
Business ethics talk
Business ethics talkBusiness ethics talk
Business ethics talk
 

Similar to 10 Step Guide to COPPA Compliance

Children’s Online Privacy Protection Rule- A Six-Step Compliance Plan for You...
Children’s Online Privacy Protection Rule- A Six-Step Compliance Plan for You...Children’s Online Privacy Protection Rule- A Six-Step Compliance Plan for You...
Children’s Online Privacy Protection Rule- A Six-Step Compliance Plan for You...- Mark - Fullbright
 
Digital Sobriety - How tech companies are controlling you and what to do abou...
Digital Sobriety - How tech companies are controlling you and what to do abou...Digital Sobriety - How tech companies are controlling you and what to do abou...
Digital Sobriety - How tech companies are controlling you and what to do abou...Ida Olsson
 
pp_101_notes_eng.pdf
pp_101_notes_eng.pdfpp_101_notes_eng.pdf
pp_101_notes_eng.pdfAbel Mutize
 
Business Marketing Your Mobile app
Business Marketing Your Mobile appBusiness Marketing Your Mobile app
Business Marketing Your Mobile app- Mark - Fullbright
 
Awesome Mobile Content Marketing
Awesome Mobile Content MarketingAwesome Mobile Content Marketing
Awesome Mobile Content MarketingMarcia Kadanoff
 
The future of search powerpoint
The future of search powerpointThe future of search powerpoint
The future of search powerpointcc204834
 
Social media and the hiring process
Social media and the hiring processSocial media and the hiring process
Social media and the hiring processDan Michaluk
 
Helping Developers with Privacy
Helping Developers with PrivacyHelping Developers with Privacy
Helping Developers with PrivacyJason Hong
 
Vint big data research privacy technology and the law
Vint big data research privacy technology and the lawVint big data research privacy technology and the law
Vint big data research privacy technology and the lawKarlos Svoboda
 
Big data 3 4- vint-big-data-research-privacy-technology-and-the-law - big dat...
Big data 3 4- vint-big-data-research-privacy-technology-and-the-law - big dat...Big data 3 4- vint-big-data-research-privacy-technology-and-the-law - big dat...
Big data 3 4- vint-big-data-research-privacy-technology-and-the-law - big dat...Rick Bouter
 
Sogeti big data research privacy technology and the law
Sogeti big data research privacy technology and the lawSogeti big data research privacy technology and the law
Sogeti big data research privacy technology and the lawYann SESE
 
GDPR Guide: The ICO's 12 Recommended Steps To Take Now
GDPR Guide: The ICO's 12 Recommended Steps To Take NowGDPR Guide: The ICO's 12 Recommended Steps To Take Now
GDPR Guide: The ICO's 12 Recommended Steps To Take NowHackerOne
 
Trending Topics in Data Collection & Targeted Marketing
Trending Topics in Data Collection & Targeted MarketingTrending Topics in Data Collection & Targeted Marketing
Trending Topics in Data Collection & Targeted MarketingcdasLLP
 
CSUN - Youth Driven Information Privacy Education Campaign
CSUN - Youth Driven Information Privacy Education CampaignCSUN - Youth Driven Information Privacy Education Campaign
CSUN - Youth Driven Information Privacy Education CampaignKimberly Gonzalez
 
Inquiry Learning Power Point Rev
Inquiry Learning Power Point RevInquiry Learning Power Point Rev
Inquiry Learning Power Point RevMuriel Larry
 
12 steps to prepare for GDPR
12 steps to prepare for GDPR12 steps to prepare for GDPR
12 steps to prepare for GDPRGary Chambers
 

Similar to 10 Step Guide to COPPA Compliance (20)

Children’s Online Privacy Protection Rule- A Six-Step Compliance Plan for You...
Children’s Online Privacy Protection Rule- A Six-Step Compliance Plan for You...Children’s Online Privacy Protection Rule- A Six-Step Compliance Plan for You...
Children’s Online Privacy Protection Rule- A Six-Step Compliance Plan for You...
 
Business COPPA 6 Steps
Business COPPA 6 StepsBusiness COPPA 6 Steps
Business COPPA 6 Steps
 
Digital Sobriety - How tech companies are controlling you and what to do abou...
Digital Sobriety - How tech companies are controlling you and what to do abou...Digital Sobriety - How tech companies are controlling you and what to do abou...
Digital Sobriety - How tech companies are controlling you and what to do abou...
 
pp_101_notes_eng.pdf
pp_101_notes_eng.pdfpp_101_notes_eng.pdf
pp_101_notes_eng.pdf
 
Business Marketing Your Mobile app
Business Marketing Your Mobile appBusiness Marketing Your Mobile app
Business Marketing Your Mobile app
 
Awesome Mobile Content Marketing
Awesome Mobile Content MarketingAwesome Mobile Content Marketing
Awesome Mobile Content Marketing
 
The future of search powerpoint
The future of search powerpointThe future of search powerpoint
The future of search powerpoint
 
Social media and the hiring process
Social media and the hiring processSocial media and the hiring process
Social media and the hiring process
 
The price of free
The price of freeThe price of free
The price of free
 
Helping Developers with Privacy
Helping Developers with PrivacyHelping Developers with Privacy
Helping Developers with Privacy
 
Vint big data research privacy technology and the law
Vint big data research privacy technology and the lawVint big data research privacy technology and the law
Vint big data research privacy technology and the law
 
Big data 3 4- vint-big-data-research-privacy-technology-and-the-law - big dat...
Big data 3 4- vint-big-data-research-privacy-technology-and-the-law - big dat...Big data 3 4- vint-big-data-research-privacy-technology-and-the-law - big dat...
Big data 3 4- vint-big-data-research-privacy-technology-and-the-law - big dat...
 
Sogeti big data research privacy technology and the law
Sogeti big data research privacy technology and the lawSogeti big data research privacy technology and the law
Sogeti big data research privacy technology and the law
 
GDPR Guide: The ICO's 12 Recommended Steps To Take Now
GDPR Guide: The ICO's 12 Recommended Steps To Take NowGDPR Guide: The ICO's 12 Recommended Steps To Take Now
GDPR Guide: The ICO's 12 Recommended Steps To Take Now
 
Digital Literacy Fundamentals Part 2.pptx
Digital Literacy Fundamentals Part 2.pptxDigital Literacy Fundamentals Part 2.pptx
Digital Literacy Fundamentals Part 2.pptx
 
Trending Topics in Data Collection & Targeted Marketing
Trending Topics in Data Collection & Targeted MarketingTrending Topics in Data Collection & Targeted Marketing
Trending Topics in Data Collection & Targeted Marketing
 
CSUN - Youth Driven Information Privacy Education Campaign
CSUN - Youth Driven Information Privacy Education CampaignCSUN - Youth Driven Information Privacy Education Campaign
CSUN - Youth Driven Information Privacy Education Campaign
 
GDPR - Applift firstscreen june 2016
GDPR - Applift firstscreen june 2016GDPR - Applift firstscreen june 2016
GDPR - Applift firstscreen june 2016
 
Inquiry Learning Power Point Rev
Inquiry Learning Power Point RevInquiry Learning Power Point Rev
Inquiry Learning Power Point Rev
 
12 steps to prepare for GDPR
12 steps to prepare for GDPR12 steps to prepare for GDPR
12 steps to prepare for GDPR
 

Recently uploaded

Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityGeoBlogs
 
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxPOINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxSayali Powar
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxpboyjonauth
 
Science 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its CharacteristicsScience 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its CharacteristicsKarinaGenton
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Educationpboyjonauth
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introductionMaksud Ahmed
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)eniolaolutunde
 
Concept of Vouching. B.Com(Hons) /B.Compdf
Concept of Vouching. B.Com(Hons) /B.CompdfConcept of Vouching. B.Com(Hons) /B.Compdf
Concept of Vouching. B.Com(Hons) /B.CompdfUmakantAnnand
 
Crayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon ACrayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon AUnboundStockton
 
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptxContemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptxRoyAbrique
 
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdfssuser54595a
 
A Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformA Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformChameera Dedduwage
 
MENTAL STATUS EXAMINATION format.docx
MENTAL STATUS EXAMINATION format.docxMENTAL STATUS EXAMINATION format.docx
MENTAL STATUS EXAMINATION format.docxPoojaSen20
 
Alper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentAlper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentInMediaRes1
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfSoniaTolstoy
 
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...Marc Dusseiller Dusjagr
 

Recently uploaded (20)

Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activity
 
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxPOINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptx
 
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
 
Science 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its CharacteristicsScience 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its Characteristics
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Education
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introduction
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)
 
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
 
Concept of Vouching. B.Com(Hons) /B.Compdf
Concept of Vouching. B.Com(Hons) /B.CompdfConcept of Vouching. B.Com(Hons) /B.Compdf
Concept of Vouching. B.Com(Hons) /B.Compdf
 
Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1
 
Crayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon ACrayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon A
 
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptxContemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
 
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
 
A Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformA Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy Reform
 
MENTAL STATUS EXAMINATION format.docx
MENTAL STATUS EXAMINATION format.docxMENTAL STATUS EXAMINATION format.docx
MENTAL STATUS EXAMINATION format.docx
 
Alper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentAlper Gobel In Media Res Media Component
Alper Gobel In Media Res Media Component
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
 
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
 
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdfTataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
 

10 Step Guide to COPPA Compliance

  • 1. A 10 Step Guide to COPPA Compliance Wednesday, June 19, 13
  • 2. Introduction •There’s lots of talk about the Children’s Online Privacy Protection Act (COPPA), but do you really understand how the law works?  COPPA was enacted in 1998 and was enacted to protect the privacy of children under 13 years of age. COPPA charged the FederalTrade Commission (FTC) with creating the regulations necessary to implement the goals of the law. •The original act also required that the law be reviewed 5 years after the effective date of the regulation (April 21, 2000). This review took several years and various stakeholders were given the opportunity to comment on the proposed revisions. The revised Coppa Rule was released in December 2012 and is set to go into effect on July 1, 2013. •What follows are 10 questions that every developer should ask herself over the next couple weeks in order to conduct an internal COPPA audit and ensure compliance.  If you have any questions, please let us know in the comments. Wednesday, June 19, 13
  • 3. 1)   Did you read the Rule? This seems obvious, but have you read the revised Rule yet?  It might look big and scary at first, but it’s not rocket surgery – anyone who can develop their own application can grasp the content of the revised  COPPA Rule. Wednesday, June 19, 13
  • 4. 2)   Does the Rule apply to you? Ask yourself this question:  “Am I operating a child-directed website or service or do I have actual knowledge that I’m collecting, using or disclosing personal information from a child under 13?” If you have any doubt, the smart bet is to assume COPPA applies to you and read on. Wednesday, June 19, 13
  • 5. 3)   Do you collect personal information? The general idea is that personal information is any information that can be matched to a single person.  Phone numbers and email addresses are obvious examples, but it’s worth going through the whole list to determine if you collect personal information, as the definition has expanded. Wednesday, June 19, 13
  • 6. 4)   What information do you collect? It’s time to compile an exhaustive list of all the information you collect. Remember that feature you built, but never used? Make sure it isn’t still collecting information.  Figuring out what you collect is perhaps the most important part of your own COPPA audit.  Leave no stone unturned.  After all, there’s still time to clean up your act before July 1. Wednesday, June 19, 13
  • 7. Now that you know what you collect, it’s time to understand why you collect it. It’s useful to divide all the information you collect into two categories: information for the support of internal operations (defined in §312.2) and information that is disclosed to third parties. If it’s for the support of internal operations (e.g. collecting data to optimize product features) make sure you’re using the data and storing it securely. If you don’t use it, stop collecting it.  If the information is disclosed to third parties, ask yourself why you’re disclosing that data in the first place.  In the general interest of protecting children’s privacy, disclosure of this data should be carefully and rigorously scrutinized. 5)   What do you NEED to collect? Wednesday, June 19, 13
  • 8. 6)   Do you have a privacy policy? The first step in effectively communicating with parents is to have a well-written privacy policy. This can seem like a daunting task to non-lawyers, but there are plenty of good resources to help you out. Here are a few tools to help you get started: We also recommend looking at the privacy policies of developers that are doing similar work or offering similar services.  What's more important than perfect legalese is honesty and transparency. Wednesday, June 19, 13
  • 9. 7)   How are you going to provide notice of your privacy practices? Congratulations, you now have your very own privacy policy! Now, how are you going to tell parents about your data collection, use and disclosure practices?   The California Attorney General provides some really good guidance in Privacy on the Go: Recommendations for the Mobile Ecosystem, and as always, reread the Rule. Wednesday, June 19, 13
  • 10. I’m willing to bet that you probably have questions at this point.The good news is that you’re not alone.  In May the FTC released a set of FAQ’s to address the most common and vexing questions they had received in the months since the amended rule was released.The good news is that you’ll probably find some clarification to your questions, but be prepared to add some items to your to-do list as well. 8)   Have you read the FAQ? Wednesday, June 19, 13
  • 11. COPPA Safe Harbor Programs: These FTC-approved safe harbor programs are an attempt to provide businesses with the ability to self- regulate when it comes to COPPA compliance. 9)   Have you considered getting a second opinion? Wednesday, June 19, 13
  • 12. 10) What’s next?  Developers are certainly not strangers to constant product iterations and you should get used to thinking of your privacy-related activities the same way. Children’s privacy is very important, and if you take your obligation seriously, it will require constant refinement. Wednesday, June 19, 13
  • 13. A FinalThought Hopefully this 10-step guide is helpful in starting you on your journey to COPPA compliance.This information is not meant as legal advice, but it does accurately reflect a process that we’ve used ourselves and that other developers have had some success with too.  If you have suggestions or care to share your own experiences please leave a comment. Wednesday, June 19, 13