Complying With COPPA: Privacy Lawyers Share Strategies as FTC Strengthens Enforcement
Even if a site is open to all audiences, such as YouTube or TikTok, lawyers say features like bright colors or emojis could lead the FTC to classify it as a platform appealing to children.
July 25, 2019 at 06:42 PM
3 minute read
Google subsidiary YouTube is the latest general audience site to face mass fines over Children's Online Privacy Protection Act violations, according to reports this week, a sign general counsel may want to rethink their compliance approach.
Alphabet Inc.'s Google settlement comes just months after the Federal Trade Commission slapped another general audience site, TikTok, with a record-setting $5.7 million COPPA violation fine. Tyler Newby, co-chair of Fenwick & West's privacy and cybersecurity practice group, said the TikTok fine marked “a shift in how the FTC approaches COPPA enforcement.”
Michelle Cohen, a member attorney at Ifrah Law, said many companies used to safely assume that if their site wasn't targeted at children under 13, they weren't liable under COPPA. But that's no longer the case.
Even if a site is open to all audiences, such as YouTube or TikTok, the lawyers said features like bright colors or emojis could lead the FTC to classify it as a platform appealing to children.
“I think having some mechanisms is certainly better from a regulatory, compliance [and] defense perspective than just saying, 'Well, our website is not designed for kids and so we're not responsible for COPPA,'” Cohen said.
Those defense mechanisms could differ for each company, the lawyers said. A good first step is figuring out whether a platform truly is general audience, or whether aspects of the site target young children.
Newby said it should be easy for users to submit notices flagging concerns about children on the platform. Offering a contact point shows sites are making an effort, Cohen said. And if notices are flooding in, or are reporting similar parts of the site repeatedly, those concerns should be brought to legal.
“If you receive a lot of notices that many users, thousands of users, are under 13, then you can't really just treat those as individual one-offs,” Newby said. “You need to reassess whether you are in fact a general audience site or whether you're directed to children under 13.”
If parts of the site are likely to attract young children, Newby said general counsel may consider putting an age gate for that content that would block user data collection or prompt verifiable consent questions in compliance with COPPA.
And make sure data collection is actually altered for children under 13. Newby said he's seen companies fined for “self-inflicted” issues more than once, establishing age gates to weed out young children but forgetting to change data collection processes.
Companies can also double-check users' ages as they sign up for the site. Cohen suggested platforms prompt users to input their birthdays or ages more than once, to catch children who may be using a fake date to access the site.
“You can't turn a blind eye,” Cohen said. “You can't watch everything, but you also can't say, 'Oh, I'm this general website,' when some of your biggest [users] are young kids.”
Read More:
This content has been archived. It is available through our partners, LexisNexis® and Bloomberg Law.
To view this content, please continue to their sites.
Not a Lexis Subscriber?
Subscribe Now
Not a Bloomberg Law Subscriber?
Subscribe Now
NOT FOR REPRINT
© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
You Might Like
View AllIn Lawsuit, Ex-Google Employee Says Company’s Layoffs Targeted Parents and Others on Leave
6 minute readPre-Internet High Court Ruling Hobbling Efforts to Keep Tech Giants from Using Below-Cost Pricing to Bury Rivals
6 minute readWill Khan Resign? FTC Chair Isn't Saying Whether She'll Stick Around After Giving Up Gavel
$25M Grubhub Settlement Sheds Light on How Other Gig Economy Firms Can Avoid Regulatory Trouble
8 minute readTrending Stories
Who Got The Work
Michael G. Bongiorno, Andrew Scott Dulberg and Elizabeth E. Driscoll from Wilmer Cutler Pickering Hale and Dorr have stepped in to represent Symbotic Inc., an A.I.-enabled technology platform that focuses on increasing supply chain efficiency, and other defendants in a pending shareholder derivative lawsuit. The case, filed Oct. 2 in Massachusetts District Court by the Brown Law Firm on behalf of Stephen Austen, accuses certain officers and directors of misleading investors in regard to Symbotic's potential for margin growth by failing to disclose that the company was not equipped to timely deploy its systems or manage expenses through project delays. The case, assigned to U.S. District Judge Nathaniel M. Gorton, is 1:24-cv-12522, Austen v. Cohen et al.
Who Got The Work
Edmund Polubinski and Marie Killmond of Davis Polk & Wardwell have entered appearances for data platform software development company MongoDB and other defendants in a pending shareholder derivative lawsuit. The action, filed Oct. 7 in New York Southern District Court by the Brown Law Firm, accuses the company's directors and/or officers of falsely expressing confidence in the company’s restructuring of its sales incentive plan and downplaying the severity of decreases in its upfront commitments. The case is 1:24-cv-07594, Roy v. Ittycheria et al.
Who Got The Work
Amy O. Bruchs and Kurt F. Ellison of Michael Best & Friedrich have entered appearances for Epic Systems Corp. in a pending employment discrimination lawsuit. The suit was filed Sept. 7 in Wisconsin Western District Court by Levine Eisberner LLC and Siri & Glimstad on behalf of a project manager who claims that he was wrongfully terminated after applying for a religious exemption to the defendant's COVID-19 vaccine mandate. The case, assigned to U.S. Magistrate Judge Anita Marie Boor, is 3:24-cv-00630, Secker, Nathan v. Epic Systems Corporation.
Who Got The Work
David X. Sullivan, Thomas J. Finn and Gregory A. Hall from McCarter & English have entered appearances for Sunrun Installation Services in a pending civil rights lawsuit. The complaint was filed Sept. 4 in Connecticut District Court by attorney Robert M. Berke on behalf of former employee George Edward Steins, who was arrested and charged with employing an unregistered home improvement salesperson. The complaint alleges that had Sunrun informed the Connecticut Department of Consumer Protection that the plaintiff's employment had ended in 2017 and that he no longer held Sunrun's home improvement contractor license, he would not have been hit with charges, which were dismissed in May 2024. The case, assigned to U.S. District Judge Jeffrey A. Meyer, is 3:24-cv-01423, Steins v. Sunrun, Inc. et al.
Who Got The Work
Greenberg Traurig shareholder Joshua L. Raskin has entered an appearance for boohoo.com UK Ltd. in a pending patent infringement lawsuit. The suit, filed Sept. 3 in Texas Eastern District Court by Rozier Hardt McDonough on behalf of Alto Dynamics, asserts five patents related to an online shopping platform. The case, assigned to U.S. District Judge Rodney Gilstrap, is 2:24-cv-00719, Alto Dynamics, LLC v. boohoo.com UK Limited.
Featured Firms
Law Offices of Gary Martin Hays & Associates, P.C.
(470) 294-1674
Law Offices of Mark E. Salomone
(857) 444-6468
Smith & Hassler
(713) 739-1250