Professional Documents
Culture Documents
Coppa Paper 1
Coppa Paper 1
Madeline Ile
Dr. Kielbowicz
COM 440 AB
13 March 2020
Modern Communication and the Inefficacy of the Children’s Online Privacy Protection Act
The influence of the Internet has changed drastically since its development. People’s
whole lives-their finances, school, work, social interaction, even the security of their homes-exist
on their phones and computers. The federal government has made efforts to regulate what
happens on the internet as it relates to people’s privacy. One of such efforts is the Children’s
Online Privacy Protection Act of 1998 (COPPA), a law that enables the Federal Trade
Commission (FTC) to hold websites that collect information from children accountable in their
treatment of that information. However, since time has passed and technology has further
advanced, COPPA has struggled to keep up with the new means of which corporations can
collect data from children. COPPA does not go far enough in its efforts to protect children from
unethical online business practices, and should continue to adopt more rules as technology
develops.
Senators Richard Bryan (D-NV) and John McCain (R-AZ) introduced the Children’s
Online Privacy Protection Act of 1998 (COPPA) on July 17th, 1998 (Cong.). The senators had
learned through research conducted by the Center for Media Education that many websites were
gathering personal information from children, often through ploys like games and contests to
learn about their personal lives and families’ financial situations (Cong.). In their original
proposal of the bill, Sen. Bryan and Sen. McCain stated that the FTC should have the ability to
Ile 2
create requirements that commercial websites aimed at minors disclose that they are receiving
information from children, obtain consent from parents before collecting data on children 12
years of age and under, that the parents of children ages 13-16 be able to opt-out from such data
collection, that parents be able to access the information that has been collected about their child,
and that the data collected from children be secure (Cong.). The proposal also suggested
self-regulation as a means to ensure compliance with the law, and that state attorney generals
enforce it (Cong.).
the September 23, 1998 hearing for this bill (Cong.). Many experts in the industry gave
testimony, all of whom focused a great deal on the efficacy of self-regulation and how much the
bill should allow the government to control business (Cong.). Hon. Robert Pitofsky, the
Chairman of the FTC at the time, said that self-regulation efforts were not working, and that he
thought the government should get involved in the matter (Cong.). Steven J. Cole of Better
Business Bureaus Inc. (BBB) and Gerald Cerasale of the Direct Marketing Association did not
agree, and spoke to the ability of their organizations to help with self-regulation (Cong.). Further
testimony from Deirdre Mulligan (Center for Democracy and Technology) and Kathryn
Montgomery (Center for Media Education) contradicted Cole and Cerasale, reiterating the idea
that self-regulation was insufficient in controlling internet activities (Cong.). Self-regulation was
included in the final section of the law (Admin.). COPPA requires that the FTC evaluate whether
or not a service is complying with COPPA, and also created a provision in which certain
organizations (such as BBB) can create their own compliance programs, and if members break
Ile 3
them, they are subject to safe harbor discipline instead of enforcement from the federal
government (Admin.).
The government has amended COPPA since it came into existence, and may soon modify
the law again. According to the FTC, COPPA was left unchanged after a 2005 review of the act,
but was amended in 2013 after further scrutiny in 2010 (Admin.). The revision to COPPA adds
“geolocation information, photos, videos and audio recordings” as well as cookies to the list of
information collected about children that operators would have to disclose to parents and keep
secure (Admin.). The FTC is currently considering changing the language of COPPA again to
Despite these efforts to keep up with the ever-changing nature of the internet, COPPA
has failed to protect children from the collection of their data on many platforms. Social media,
YouTube, and even smart toys have successfully gathered information from minors through
loopholes. COPPA applies to websites that target children as well as websites with “actual
knowledge” that minors under 13 use their site (L. Rev.). This fact means that sites like
Facebook can (and have) created limits on how old one has to be to create an account without
developing any method to verify that someone 13 years or older is running the account (L. Rev.).
COPPA also fails to define what actual knowledge means, which makes it easier to get away
with collecting information from children (L. Rev.). Facebook only investigates profiles of
people whom others have reported to be underage, which ignores a large number of children who
have profiles on social media (L. Rev.). Facebook and other social media platforms should make
a greater effort to ensure that the people who use their site are of the age that they say they are
(L. Rev.).
Ile 4
YouTube is another site that has previously not been COPPA compliant, and may still be
uncooperative. In September 2019, Google (which owns YouTube) paid a fine of $170 million to
the FTC for tracking children and subsequently placing advertisements on videos intended for
those minors (Pub. Involv.). As a result, all YouTube videos created for children cannot have
advertisements or comments (Pub. Involv.). If a video reaches children and is not labelled “for
kids”, the creator of the video, not YouTube, would be held legally responsible for violating
COPPA (Pub. Involv.). This change has led to a significant loss of money for creators of kids'
content on the platform, and a legal burden that they should not have to carry. If COPPA
included more specific language which implicated YouTube (instead of content creators) for the
data collection of younger children, COPPA would do its job more effectively and could keep
YouTube from transferring the responsibility of keeping kids safe to those who make videos.
Finally, insufficient regulation of smart toys and other home devices shows that COPPA
does not cover a broad enough scope to fully protect children from the gathering of their personal
information. There are toys that exist which use technology like microphones, cameras,
internet-connectivity, and GPS to influence what the toy does based on its interaction with the
child (Cong.). Since the 2013 amendment to COPPA, a company would need to disclose this
type of data collection to the parents of the children who own the toy (Cong.). COPPA did
clarify, however, that if the toy deletes the recording immediately then it will not be subject to
the enforcement of COPPA (Cong.). This new rule, while somewhat clarifying enforcement of
COPPA relating to smart toys, does not provide clarification for other devices like Google’s
Assistant or Amazon’s Alexa, which can also collect a child’s data (Cong.).
Ile 5
In summary, the Children’s Online Privacy Protection Act has somewhat accomplished
its goal of protecting children’s personal information, but it has a long way to go. COPPA should
be re-evaluated every five years in order to assess whether or not it is serving the public the way
that it should. With respect to social media, YouTube, and Internet of Things devices, COPPA
could be doing more to hold the industry accountable for the safety of the children who use their
services. Hopefully, the current review of COPPA will lead to more effective rules.
Ile 6
Bibliography
Bergen, Mark, and Lucas Shaw. 2019. “Inside YouTube’s Year of Responsibility.”
http://search.ebscohost.com.offcampus.lib.washington.edu/login.aspx?direct=true&db=bth&AN
Gina Stevens, “Smart Toys and the Children's Online Privacy Protection Act of 1998,”
House Hearing Before the Committee on Commerce, 105th Cong., 2nd Sess., p. 310-378 (1998)
(Cong.)
Senator Bryan (NV). “Children’s Online Privacy.” Congressional Record (October 21, 1998) p.
Senator Bryan (NV). “The Children’s Online Privacy Protection Act of 1998.” Congressional
Record ( July 17, 1998) p. S8482. Available from: HeinOnline; Accessed: 3/9/20. (Cong.)
Shannon Finnegan, "How Facebook Beat the Children's Online Privacy Protection Act: A Look
into the Continued Ineffectiveness of COPPA and How to Hold Social Media Sites Accountable
in the Future," Seton Hall Law Review 50, no. 3 (2020): 827-854 (L. Rev.)
“Request for Public Comment on the Federal Trade Commission's Implementation of the
Children's Online Privacy Protection Rule,” last modified July 25, 2019,
https://www.federalregister.gov/documents/2019/07/25/2019-15754/request-for-public-comment
-on-the-federal-trade-commissions-implementation-of-the-childrens-online. (Admin.)
“Revised Children’s Online Privacy Protection Rule Goes Into Effect Today,” last modified July
1, 2013,
Ile 7
https://www.ftc.gov/news-events/press-releases/2013/07/revised-childrens-online-privacy-protec
tion-rule-goes-effect. (Admin.)