CYBERLAW Cyberlaw Meets Family Law: The Children’s Online Privacy Protection Act of 1998 (COPPA) Class of Nov. 11, 2002 Professor Susanna Fischer.

Slides:

Advertisements

Similar presentations

EU Privacy Directive. What is a directive? A piece of European legislation, passed by bureaucrats, addressed to member states Member states must ensure.

Advertisements

Protection of privacy for all Students!

HIPAA Privacy Training Your Name Here. © 2004 MHM Resources Inc.2 HIPAA Background Health Insurance Portability and Accountability Act of 1996.

Increasing public concern about loss of privacy Broad availability of information stored and exchanged in electronic format Concerns about genetic information.

HIPAA PRIVACY REQUIREMENTS Dana L. Thrasher Constangy, Brooks & Smith, LLC (205) ; Victoria Nemerson.

Key Changes to HIPAA from the Stimulus Bill (ARRA) Children’s Health System Department Leadership Meeting October 28, 2009 Kathleen Street Privacy Officer/Risk.

WHAT IS HIPAA? The Health Insurance Portability and Accountability Act of 1996 (HIPAA) provides certain protections for any of your health information.

Silicon Valley Apps for Kids Meetup Laura D. Berger October 22, 2012 The views expressed herein are those of the speaker, and do not represent the views.

Children's Online Privacy Protection Act and the Video Privacy Protection Act By: Alana Rushing.

IS3350 Security Issues in Legal Context

Hong Kong Privacy Code on Human Resource Management

2/16/2010 The Family Educational Records and Privacy Act.

Microsoft Passport Waldemar Swiercz.

FERPA 2008 New regulations enact updates from over a decade of interpretations.

Chapter 9 Information Systems Controls for System Reliability— Part 2: Confidentiality and Privacy Copyright © 2012 Pearson Education, Inc. publishing.

Children, Privacy and the Internet. Why do we need special protection for children?

FAMILY EDUCATIONAL RIGHTS AND PRIVACY ACT Electronic Signatures This work is the intellectual property of the author. Permission is granted for this material.

Patricia Section 06 For Children’s Online Privacy Protection Act (COPPA)

Per Anders Eriksson

DEED WorkForce Center Reception and Resource Area Certification Program Module 2 Unit 1b: WorkForce Center System II Learning Objectives III.

Office of Safe and Drug-Free Schools Advisory Committee Meeting February 21, 2007.

Data Protection Paul Veysey & Bethan Walsh. Introduction Data Protection is about protecting people by responsibly managing their data in ways they expect.

“Internet” and “Operator” (COPPA Statute) InternetOperator Collectively the myriad of computer and telecommunications facilities, including equipment.

CONSUMER PROTECTION AND LITIGATION: CONSUMER PROTECTION AND LITIGATION: Ryan Mehm Attorney Bureau of Consumer Protection Federal Trade Commission The views.

FERPA Family Educational Rights and Privacy Act and Rebecca Macon Registrar University of Georgia Presentation for GASFAA October.

The U.S. Approach to Consumer Protection in the Online World U.S. Presentation FTAA Joint Government Private Sector Committee on Electronic Commerce 13th.

Using the Internet to Conduct Research What Investigators and IRB Members Should Know -- January 29, Lisa Shickle, MS Analyst, VCU Massey Cancer.

HIPAA PRIVACY AND SECURITY AWARENESS.

“ Technology Working For People” Intro to HIPAA and Small Practice Implementation.

Web Awareness: Knowing the Issues Web Awareness: Knowing the Issues © Media Awareness Network 2000.

Marketing Systems Group Southern California MRA Education Seminar Presentation September 17, 2005 Privacy and Current Issues.

707 KAR 1:360 Confidentiality of Information. Section 1: Access Rights 1) An LEA shall permit a parent to inspect and review any education records relating.

Health Insurance Portability and Accountability Act (HIPAA)

Federal Trade Commission required to issue and enforce regulations concerning children’s online privacy. Initial COPPA Rule effective April 21, 2000;

2006 SISO Executive Conference Legal Issues in Using Mailing Lists: The CAN-SPAM ACT The Junk Fax Prevention Act The National Do Not Call Registry.

Family Educational Rights and Privacy Act (FERPA) UNION COLLEGE.

Health Insurance Portability and Accountability Act (HIPAA) CCAC.

Health Insurance Portability and Accountability Act of 1996 HIPAA Privacy Training for County Employees.

Understanding HIPAA (Health Insurandce Portability and Accountability Act)

The right item, right place, right time. DLA Privacy Act Code of Fair Information Principles.

LAW OF COMPUTER TECHNOLOGY FALL 2015 © 2015 MICHAEL I. SHAMOS Regulatory Law Michael I. Shamos, Ph.D., J.D. Institute for Software Research School of.

Can We Keep Our Kids Safe on the Internet? By Kim Hollingsworth - ETEC 562.

COPs You Won’t See on TV Good COPPA? Bad COPPA? Art Wolinsky Laurie Maak Full Version and Additional Resources

Federal Agencies and Laws for Consumer Rights

Computer Issues Acceptable Use Policy Online Safety Photo Permission Forms Rachel Gorsuch Stephanie Herbin Natalie Wu Acceptable Use Policy Online Safety.

The Internet of Things and Consumer Protection

Student Financial Assistance. Session 55-2 Session 55 Internet Privacy Laws.

Acceptable Use Policy By: Ashley Crehan Jessica Harmon Emily Edwards.

Third Quarter 2013 FTC – COPPA NACHA - Operating Rules Change NCUA – Loan Participations.

Essentials Of Business Law Chapter 27 Conducting Business In Cyberspace McGraw-Hill/Irwin Copyright © 2007 The McGraw-Hill Companies, Inc. All rights reserved.

May l Washington, DC l Omni Shoreham Web Hosting Potentials and Pitfalls David Snead Attorney W. David Snead, P.C.

“Kids First, New Mexico Wins!” NMPED Data Conference Spring 2016 Dan Hill General Counsel, Public Education Department Randi Johnson General Counsel, State.

Online Marketing: Industry Innovation and Government Enforcement Actions Privacy Symposium Wednesday, August 22, 2007 Christine Varney Partner, Hogan &

Laws and Regulations. Family Educational Rights and Privacy Act Children’s Online Privacy Protection Act Protection of Pupil Rights Amendment Health Insurance.

Enrollment and Degree Verification Form Revised 06/2016 Process The University of Oklahoma Health Sciences Center Office of Admissions and Records Robert.

Nassau Association of School Technologists

Student Data Privacy and Security

Silicon Valley Apps for Kids: COPPA BASICS

HIPAA Administrative Simplification

Final Amended COPPA Rule

Obligations of Educational Agencies: Parents’ Bill of Rights

Chapter 3: IRS and FTC Data Security Rules

Red Flags Rule An Introduction County College of Morris

HIPAA PRIVACY AWARENESS, COMPLIANCE and ENFORCEMENT

Disability Services Agencies Briefing On HIPAA

General Data Protection Regulations

FERPA For New Faculty Lawrence F. Glick Sr. Associate General Counsel

Presented by: Steve Gerdes 26 January 2019

Presentation transcript:

CYBERLAW Cyberlaw Meets Family Law: The Children’s Online Privacy Protection Act of 1998 (COPPA) Class of Nov. 11, 2002 Professor Susanna Fischer

COPPA, COPA, CIPA What’s the difference? COPPA is a very significant statute because it is the first and only federal privacy statute that is specific to the Internet.

WHAT IS COPPA’S MAIN GOAL? The primary goal of COPPA as well as the COPPA Rule is to place parents in control over what information is collected from their children online. The Rule was designed to be strong, yet flexible, to protect children while recognizing the dynamic nature of the Internet.

Who Must Comply With COPPA ? Operators of commercial websites 1. Directed to children 12 and under that collect/maintain personal information 2. That have actual knowledge that are collecting/maintaining personal information about children 12 and under

What is “Personal Information” Last name? First name? Address? address? Phone number? Social security number? Hobbies? IP address? Information Stored in Cookies?

WHAT DOES COPPA REQUIRE SUCH OPERATORS TO DO? Provide parents with NOTICE of their information practices Obtain PRIOR VERIFIABLE PARENTAL CONSENT for the collection, use and/or disclosure of personal information from children (with certain limited exceptions) Provide a parent, on request, with the MEANS TO REVIEW personal information collected from his/her child.

WHAT DOES COPPA REQUIRE SUCH OPERATORS TO DO? Provide a parent with the OPPORTUNITY TO PREVENT further use of personal information collected from their child (or further collection) Limit collection of personal information for child’s online participation in games, prize offers, or other activities to information that is REASONABLY NECESSARY for such activity. Establish and maintain REASONABLE PROCEDURES to protect the confidentiality, security, and integrity of the personal information collected.

PARENTAL CONSENT FTC tried to devise a method that would satisfy 2 goals: (1) ensure child’s parent actually agrees to let a website collect personal info from his/her child (2) do so without undue burden Reasonable efforts must be made to obtain verifiable parental consent, taking into consideration available technology, including: consent form to be signed by parent and returned by mail or fax, toll-free phone number for parent to call, digital certificate using public key encryption technology, accompanied by PIN, password

SLIDING SCALE For internal use of information, parental consent can be obtained through combined with additional step following receipt (confirmatory , letter or phone call) Sliding scale in force until April, 2005

DOES COPPA WORK? FTC Survey April 2002 of 144 sites at: Earlier study: Joseph Turow study on COPPA compliance in privacy policies on children’s websites for the Annenberg Public Policy Center (March, 2001)

ENFORCEMENT OF COPPA How is COPPA enforces, who enforces it, and what are the penalties for violating COPPA?

FTC ENFORCEMENT ACTIONS In April, 2001 FTC announced first civil penalty cases brought under COPPA against: Monarch Services and Girl’s Life (operators of Bigmailbox.com, Inc./Nolan Quan (operator of Looksmart Ltd. (operator of Under settlement, 3 companies agreed to pay $100,000 in civil penalties and delete personally identifiable information collected by children

FTC ENFORCEMENT ACTIONS 6 COPPA enforcement actions to date April 2001 Ohio Art Company (operators of the Etch A Sketch Website at: sketch.com/) – under settlement agreed to pay $35,000 penalty and not further violate COPPAhttp:// sketch.com/ Feb. 2002: American Pop Corn Company “Jolly Time” web site at: (had a Kid’s Club)– under settlement agreed to pay $10,000 and not to further violate COPPA Oct. 2001: Lisa Frank, Inc. (makes toys, school supplies; website at: – under settlement agreed to pay $30,000 and not to further violate COPPAhttp://

IS COPPA TOO ONEROUS? Companies – is it to expensive to comply? For example, Surf Monkey (see apparently spent between $50,000 and $100,000 to comply with COPPA Parents – is it too onerous to read privacy policies? For an example, see: Also, is opt- in too onerous?

DOES COPPA WRONGLY IGNORE TEENS? Websites’ information practices are still subject to Section 5 of the FTC Act, which prohibits unfair or deceptive trade practices. October 2002: FTC settles with 2 companies (National Research Center for College and University Admissions (NRCCUA) and American Student List (ASL)) that collected extensive personal information from millions of high school students claiming they would only share this with educational institutions, and then sold it to commercial marketers.

IS COPPA A GOOD LAW AS A FAMILY LAW? What does Anita Allen-Castellito think? Do you agree? Is COPPA a good law as privacy law? Should children be able to waive privacy rights in online personal information?

DO THE FOLLOWING SITES COMPLY WITH COPPA?