FTC wants to expand coverage of children's privacy rule

New entities covered by the proposed changes would include online advertising networks and software plug-ins

The U.S. Federal Trade Commission has proposed to add online advertising networks and makers of browser plug-ins to the entities required to get parental permission when they collect and use personal information on websites targeted at children.

The FTC on Wednesday published proposed changes to the Children's Online Privacy Protection Rule, a set of regulations that require websites targeted at children to get parental permission before collecting personal data and allows parents to prohibit the sites from sharing that information with third parties.

The rule was required in the Children's Online Privacy Protection Act (COPPA), which the U.S. Congress passed in 2000.

The proposed changes are an attempt to "to keep current with technology advances," the FTC said in a press release.

The FTC proposal aims partly at targeted advertising services that collect personal information in order to deliver relevant ads to Internet users. The proposal would expand entities covered by the rule from websites and online services directed at children to include advertising networks and software plug-ins collecting personal information integrated with those sites and services.

In addition, the proposed changes would include ad networks and plug-ins as covered by the rule if they know or have reason to believe they are collecting personal information from children through child-directed websites and services.

The changes would also change the way websites and services that contain child-oriented content treat visitors. The existing rule requires the sites to treat all visitors, even adults, as if they were under age 13 for purposes of the rule, but the new proposal would allow websites to screen visitors by age and provide the extra privacy protections only to children.

However, child-directed sites or services that knowingly target children under 13 as their primary audience or whose overall content is likely to attract children under age 13 as their primary audience must still treat all users as children, the FTC said.

Common Sense Media, an advocacy group focused on protecting children online, praised the proposed changes. "The FTC's recommendations are crucial steps toward keeping the Children's Online Privacy Protection Act up-to-date in a rapidly changing online and mobile world," CEO James Steyer said in a statement. "The digital world is constantly changing, but the goal of empowering parents to protect their children remains the same."

The FTC is seeking public comment on the proposals.

Grant Gross covers technology and telecom policy in the U.S. government for The IDG News Service. Follow Grant on Twitter at GrantGross. Grant's e-mail address is grant_gross@idg.com.

Join the CSO newsletter!

Error: Please check your email address.
Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Grant Gross

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts