Parental Education Key to COPPA Compliance, FOSI Panelists Say
Parental engagement is one of the biggest hurdles to developer compliance with the Children’s Online Privacy Protection Act (COPPA), said speakers from the application developer industry, a safe harbor program and the FTC during a Thursday panel at the Family Online Safety Institute 2013 Conference. “We can’t legislate parenting,” said Dona Fraser, vice president of Entertainment Software Rating Board Privacy Certified, an FTC-approved safe harbor program for COPPA compliance. Many parents share account or credit card information with their children, said Mark Eichorn, FTC assistant director-Consumer Protection Bureau’s Division of Privacy and Identity Protection. That makes it hard to verify that an app has received parental consent to collect information on a user under the age of 13, he said. “Until that changes, we've got to recognize a lot of parents do this,” he said.
Sign up for a free preview to unlock the rest of this article
Export Compliance Daily combines U.S. export control news, foreign border import regulation and policy developments into a single daily information service that reliably informs its trade professional readers about important current issues affecting their operations.
"Engage the parents” is the one thing Fraser said she always tells companies seeking COPPA-compliance advice. With the proliferation of mobile apps and mobile app vendors, parental interactions are becoming more difficult, said Dan Nelson, CEO and founder of Kpass, which helps developers comply with COPPA rules. “Right now parents are required to have individualized relationships with every single vendor,” he said.
The uncertainty among vendors about how to create a relationship with parents that is COPPA-compliant has the potential to create a “chilling effect” in the app marketplace, Fraser said. Developers and companies have to “determine whether they want to roll the dice or not,” she said. Fraser has seen some developers simply stop pursuing apps for children because they decide the risks, costs and uncertainties outweigh the possible rewards. “It’s very difficult for me to encourage companies” to comply, Fraser said.
Updating the “Frequently Asked Questions” page on the COPPA section of the FTC website could help developers better understand compliance, said Association for Competitive Technology Executive Director Morgan Reed. Some of the language is “static,” he said. The wording was “accurate at the time they were written” but doesn’t “represent the dynamism of the market” anymore, he said.
Eichorn understood Reed’s point, but said “there’s a consumer perspective” to consider. Reed and his group work with small and mid-sized app developers. Eichorn said he hears from people who want the FAQs to be more understandable to a layperson. His team tries to balance its responsibility to both groups, he said. Both Reed and Fraser agreed that if developers run afoul of the rules laid out in the FAQs, the FTC should “come after us,” Reed said. Fraser added: “The FTC has to make it clear there are real consequences for not complying.”