The Federal Trade Commission held a workshop earlier this week in Washington, D.C., to discuss possible updates to the COPPA Rule, which implements the Children’s Online Privacy Protection Act (“COPPA”). COPPA was originally enacted in 1998 and regulates the way entities collect data and personal information online from children under the age of 13. The Rule hasn’t been updated since 2013, and the intervening years have produced seismic technological advances and changes in business practices, including changes to platforms and apps hosting third-party content and marketing targeting kids, the growth of smart technology and the “Internet of Things,” educational technology, and more.
For the most part, FTC staff moderators didn’t tip their hand as to what we can expect to see in a proposed Rule revision. (One staff member was the exception, whose rapid-fire questions offered numerous counterpoints to industry positions, so much so that the audience would be forgiven for thinking they were momentarily watching oral argument at the Supreme Court.) Brief remarks from Commissioners Wilson and Phillips staked out their positions more clearly, but their individual views were so different that they too offered little assistance in predicting what a revised Rule may look like. Commissioner Wilson opened the workshop by sharing her own experience as a parent trying to navigate and supervise the games, apps and toys played by her children, and emphasized the need for regulation to keep up with the pace of technology to continue protecting children online. Commissioner Phillips also referred to his children at one point, but his remarks warned against regulation for regulation’s sake, flagged the chilling effect on content creation and diversity when businesses are saddled with greater compliance costs, and advocated a risk-based approach.