What Is COPPA & How Can I Keep Student Data Safe?
by Rose de Fremery, Moondrop Entertainment
Privacy is a serious concern for everyone, from school administrators to parents. Simply clicking “I Agree” or signing up for a new service can mean that you are consenting to provide a company with a wide range of your personal information without a clear understanding of what they will do with it. Where children are concerned, privacy protection is even more important. Fortunately, there are legal safeguards in place to help protect the privacy of our young ones.
You may have heard of the Children’s Online Privacy Protection Act of 1998 (COPPA). But do you know what it is and how it protects children’s privacy?
What Is COPPA?
COPPA is a 1998 law that prohibits website operators from collecting the personal information of children under 13 years old without verifiable parental consent. Although COPPA originally concerned websites, reflecting the landscape of Internet at the time, the law has since been expanded to include apps, online services and advertising networks.
Transparency surrounding data collection is a key component of COPPA. Site operators and app developers are required to prominently post a privacy policy that clearly states what information is collected, how it will be used, and whether it will be shared with third parties. Such personal information includes a child’s name, home address, e-mail address, or phone number. Parents have the right to review and delete any information that has been collected. They may also revoke consent that they previously granted. In such instances, the operator must delete the child’s personal information upon the parents’ request. Operators are also barred from forcing children to provide personal information in exchange for access to online games or contests.
COPPA was expanded in July 2013 to include new types of companies whose collection of minors’ personal data would be regulated, as well as new categories of personal information that had not yet been collected at the time the original law was written. Location information, voice recognition information, photos, videos and audio are now covered under COPPA. Marketers, advertising networks and social networks must now also obtain verifiable parental consent if they knowingly collect the private data of children under 13 years old. We can expect that COPPA will be revised and expanded in the future to reflect advances in technology so that privacy protections keep pace with our digital lives.
The Federal Trade Commission is charged with enforcing COPPA. It performs that role by monitoring Internet activity and soliciting reports of potential violations from parents via its website. Site operators found in violation of COPPA face significant fines, and state attorneys general may pursue legal action in federal district court to force compliance or obtain damages in connection with an alleged violation.
Why Should Schools Look for COPPA Compliance?
Schools need to ensure that the apps and services they use in the course of daily instruction and administration respect and protect the privacy of their students. It can be challenging to individually assess the privacy standards of each app or service, of course. That is why COPPA compliance is a helpful benchmark to use when evaluating the privacy safeguards of the technology tools you either already use or are contemplating adopting at your school or district.
What Schools & Teachers Should Look For
Many apps and sites claim that they are COPPA compliant. How can you verify if this is true or not? Here’s a checklist of things to look for:
- Has the app or site been certified as COPPA compliant by a trusted third party such as TrustE?
- Does the app or site require verifiable parental consent to create an account if the child is 13 years old or younger?
- Does the developer or site operator have a clear and easy to find privacy policy outlining what personal data it collects, how that data is used, and whether or not it is shared with third parties?
- In that privacy policy, does the developer or site operator transparently explain how users may access, review and delete their personal information?
With these criteria in mind, you should be able to determine whether or not the app or service in question takes its requirements under the COPPA law seriously. If you choose to contact the developer or site operator directly with questions, they should be prepared to give you clear and forthright responses about their data collection practices and COPPA compliance.
By performing this due diligence, you can ensure that your students’ privacy rights are honored and protected.
Rose de Fremery works with “Drawp,” a fully COPPA-compliant app that makes collaborating in schools elegant and fun.
She is also a writer, social media consultant, technologist, teacher and public speaker. She writes about technology trends, virtual communities, social media, women in technology, and business IT topics. Rose is the founder of lowercase d, a social media consultancy based in New York. Prior to that, she was Managing Editor of The Social Media Monthly, the world’s first print magazine devoted to the social media revolution. Rose is also a former nonprofit IT Director and sits on the board of Idealware, an organization whose mission is to help nonprofits make smart software choices. She works with Moondrop Entertainment on social media strategy and market research.
What Is COPPA & How Can I Keep Student Data Safe?