The FTC Reminds Us That Data Deletion is Required by COPPA

Amidst the chaos of GDPR, the Federal Trade Commission (FTC) took a moment today to address data deletion requirements. The FTC reminded us that when it comes to the Children's Online Privacy Protection Act (COPPA) that it's not just about obtaining verifiable parental consent before collecting children's information. The FTC reminds companies that there are certain instances where COPPA requires companies to delete children's information, even when parents haven't requested that the company do so. The FTC gave the example of a subscription based service where the parent does not renew. In this case, the child's information must be deleted and the company must use reasonable security measures to ensure it has been disposed of. To read more about what the FTC had to say, visit the blog here.

CARU Speaks at Community Board in Manhattan

CARU staff attorney Andra Dallas gave a presentation to Community Board 1, serving lower Manhattan on Monday, December 7 th . Andra spoke to the Board’s Youth Committee about the importance of teaching children about understanding advertising and safe online practices. District Manager Noah Pfefferblit remarked, “thank you for your informative presentation to our Youth Committee members,” and offered the Board’s assistance if they “can be helpful to the important efforts at the Children's Advertising Review Unit.” Are you interested in having a CARU staff member visit your community board? Contact adallas@caru.bbb.org.

i-Dressup Shuts Down in Wake of Privacy Breach and COPPA Violation

I-Dressup, a fashion-themed social website for teens, has completely shut down as part of a settlement with the New Jersey Department of Consumer Affairs, following a massive privacy breach and violations of the federal Children's Online Privacy Protection Act (COPPA) and New Jersey state law. In September 2016, a hacker sent 2.2 million i-Dressup account credentials to technology blog Arstechnica as well as to haveibeenpwned.com, a searchable online database of data breaches. Responding to the news, New Jersey investigators discovered that 2,519 of the compromised accounts belonged to New Jersey children below age 13. I-Dressup, allegedly aware that it had child users, had violated COPPA by failing to obtain verifiable parental consent prior to collecting and processing personal information from the children, including first and last names and email addresses. In a consent decree with the New Jersey Attorney General Gurbir Gerwal, parent company Unixiz has closed i-Dressup,

Kids Internet Design and Safety Act Seeks to Protect Children from Harmful Online Content

United States Senators, Mr. Richard Blumenthal from Connecticut and Mr. Edward Markey from Massachusetts, introduced a new bill referred to as the Kids Internet Design and Safety Act (the “KIDS Act”). One of the Senator’s introducing the KIDS Act, Mr. Edward Markey, was the co-author of the Children’s Online Privacy Protection Act (“COPPA”). The KIDS Act seeks to include noteworthy advertising rules and create new protections for children online, specifically for online users under the age of 16. The proposed advertising rules within the KIDS Act are to ban websites from: (1) exposing young online users to advertisements “with embedded interactive elements”; (2) recommending any content involving alcohol, nicotine, or tobacco to young online users; and (3) recommending content that includes influencer marketing, like unboxing videos, or host-selling to young online users. Additionally, the KIDS Act seeks to prohibit certain online features to protect children, like prohibiting

Search This Blog