Marketing On-Line to Children Just Got Stricter
Posted on 06/24/2013 at 08:42 AM by The Newsroom
The subject matter
Visual or audio content;
The age of models on the site;
Whether the advertising on the site is directed to children;
Information regarding the age of the actual or intended audience; and
Whether a site uses animated characters or other child-oriented features.
To determine whether an entity is an 'operator' with respect to information collected on a site, the FTC will consider:
Who owns and controls the information;
Who pays for the collection and maintenance of the information;
What the pre-existing contractual relationships are in connection with the information; and
What role the website plays in collecting or maintaining the information.
In December 2012, the FTC recommended several changes to COPPA which take effective July 1, 2013. These amendments include:
Covering data collection by plug-ins, software downloads, or advertising networks integrated into websites (this closed a loophole for third parties);
Requiring parental consent to include persistent identifiers (e.g., IP addresses, mobile devices) used for behavioral advertising and other tracking across web sites;
Allowing persistent identifiers to be used without parental consent if the use is limited to supporting their own operations and not as a marketing tool;
Treating geo-location information and any photo, video or audio file that includes a child's image or voice as personal information;
Allowing child-directed sites and services to differentiate among users by age-screening, and to provide notice and obtain parental consent only for those self-identifying as under 13;
Streamlining the notice requirements to ensure information about data collection and use practices is presented to parents in a succinct 'just-in-time' notice;
Requiring 'reasonable steps' to ensure any release of a child's personal information is made only to service providers and third parties capable of maintaining its confidentiality, security, and integrity; and
Regulating data retention and deletion.
Penalties are steep for violators - up to $16,000 per violation. There has been some indication that small companies who make a good faith effort to comply may be given a grace period; however that remains to be seen.
The material in this blog is not intended, nor should it be construed or relied upon, as legal advice. Please consult with an attorney if specific legal information is needed.
Categories: Intellectual Property Law
Questions, Contact us today.
The material, whether written or oral (including videos) that is posted on the various blogs of Dickinson Bradshaw is not intended, nor should it be construed or relied upon, as legal advice. The opinions expressed in the various blog posting are those of the individual author, they may not reflect the opinions of the firm. Your use of the Dickinson Bradshaw blog postings does NOT create an attorney-client relationship between you and Dickinson, Bradshaw, Fowler & Hagen, P.C. or any of its attorneys. If specific legal information is needed, please retain and consult with an attorney of your own selection.