We reached out to developers and asked for opinions on the rule so that we could structure our comments accordingly.
Developers Alliance filed comments on December 9th, 2019 in response to a Federal Trade Commission (FTC) request on whether additional changes are needed to the 2013 revisions to the Children’s Online Privacy Protection Rule (COPPA Rule).
COPPA is a US law passed by Congress in 1998 and effective April 2000. It was intended to give parents and guardians more control and visibility over who was interacting with their children online, and what information was being shared. COPPA imposes specific requirements on operators of websites or online services directed to children under 13 years of age. Additionally, it imposes requirements on operators of any websites or online services that know that they are collecting personal information online from a child under age 13 — whether they intended to or not.
You can check out our full comments once they have been reviewed and posted by the FTC, however, the main points made in our submission are as follows:
Developers believe that kids and their data deserve to be protected at a heightened standard given their vulnerabilities. We continue to support the general mission that COPPA is trying to accomplish, however, the process of enforcement has room for improvement given its impact on the developer community.
There must be a national consensus as to how children’s data should be classified and treated. GDPR, CCPA, and the myriad of other jurisdictional data privacy laws in the pipeline are creating too much work for devs. A patchwork system causes obstacles and duplicative legislation, thus having clear and concise rules for all developers to follow is key to the successful implementation of COPPA.
Being over-prescriptive in the implementation of COPPA makes compliance unrealistic for developers, leading to persistent under-compliance. Too many regulations for developers to follow can lead to either a shortage of quality content or a variety of apps that are not compliant with COPPA. The existing system creates too much of a hassle for parents, and benefits developers who are not compliant with COPPA practices. The rule should be designed to incentivize parents to participate in COPPA’s benefits.
The FTC should retain a robust Safe Harbors provision. Developers benefit greatly from having Safe Harbor programs as they assist smaller companies in being COPPA compliant. Further, they provide necessary protections from FTC enforcement for developer run companies who are in good faith working to be compliant.
It is vital for developers to maintain consistency in implementing COPPA provisions. Changes in regulations create excess work for developers and wastes resources that can be allotted elsewhere, especially given how many developer-run companies are small businesses. COPPA’s initial regulations should encompass all new technologies, thus there is not a reason to alter the compliance standards and open many apps up to being noncompliant.
The FTC is currently reviewing comments from all those impacted by the Rule. We will continue to keep the developer community informed on any potential changes to the COPPA Rule that may impact their business practices.
If you or your company is impacted by COPPA or any of its rule revisions or would like to offer insight on your experiences with this rule or the issues covered in it, please do not hesitate to reach out to our Policy & Developer Relations Manager Sarah Richard using the form here.