Although COPPA is an American data protection regulation, we are frequently asked for details about it. Here is an essential guide to the Children’s Online Privacy Protection Act.

What is it?

The COPPA rule is the USA’s law to regulate the online privacy of children. It came into effect on 21 April 2000 and is specifically concerned with the personal information of children.

The rule seeks to protect children under the age of 13 by giving parents and guardians more control of their child’s online activity.

To be compliant with COPPA, operators must follow a series of regulations that include, but are not limited to, making their privacy policy explicit across their services, storing and sharing data responsibly, giving parents and guardians the option to approve the collection of their child’s data and the option to review it and have it deleted. 

Why was it created?

COPPA is designed to combat the increased susceptibility that under 13s have to online marketing and advertising, and their potential lack of understanding about the implications of sharing personal information online.

Where does it apply?

COPPA is only applicable to personal information collected in the USA. It does not apply to operators in other territories who are serving campaigns outside of America.

Who needs it?

If you are an online service that is directed at under 13s and either you or other parties collect personal information from children, you are subject to the COPPA rule.

You are also required to comply if you target more general audiences but are aware of collecting personal information from under 13s, and if you are a network or plugin provider who is aware of collecting this information.

More information about COPPA, including the full details of what data is considered personal information, can be found here.