The Children’s Online Privacy Protection Act of 1998 was designed specifically to regulate the online collection of personal information on children under 13 years old. Enacted on 21 October, 1998 as Public Law Number 105-277, 112 Statute 2581-728, this law is now found at 15 U.S.C. 6501-6506. The law became effective April 21, 2000. The Federal Trade Commission is responsible for regulating and enforcing this law, and provides answers to frequently asked questions on their website. The law is often referred to as COPPA.
To determine whether or not a site is directed towards these children the Federal Trade Commission takes into account several different factors. They may look at the content of the site, the language used on the site, whether or not animated characters are used on the site that would appeal to children of this age group, the subject matter, visual content, age of the models that might be used on the site, and other factors. A site they not specifically claim to be directed towards children under the age of 13, and still have to comply with this law.
To comply with COPPA a company must use “reasonable procedures” to ensure they are actually dealing with parent or legal guardian of the child. These procedures could include obtaining a signed a form from the parent, accepting credit card in the parrots name, or taking a call from the parent of a toll free number. In fact, COPPA sets out requirements to work with this age group that are so strict, time consuming, and expensive to comply with, that most web sites simply say you must be over 13 to use the site. Of course, this requires nothing more than having a check box on the site that says “I certify that I am over the age of 13” before proceeding into the site, which is easy enough for a child to click. But taking this precaution brings a company into compliance with COPPA.
The Federal Trade Commission has enforced this law several times since it became effective. In 2003 Mrs. Fields’ Original Cookies and Hershey Foods Corporation both settled suits for violation of this law. In 2006 UMG Recordings was fined $400,000 for violation. The Federal Trade Commission had an easy case here, since the recording company collected personal information including birth date on their website. The same year, Bonzi Software, Inc. also paid fines to the FTC for the same reasons.
The fact that companies have been in violation of this law has a subtext that is very important to the average consumer today. It is difficult to believe that corporations of this size simply disregard a law that is going to cost them so much in penalties. However, the fact that such fines have been paid illustrates the fact that companies often precede with marketing strategies that are in violation of laws of which they are unaware. The companies mentioned here are each of sufficient size to warrant their own legal department, or at least have legal counsel, so even with that, it is not uncommon for a company to get into hot water.