Reflections on Two Decades of COPPA

Last month, the Children’s Online Protection Privacy Act, or COPPA, turned 20! Twenty years ago, the online landscape for children was far less defined than it currently is. When COPPA first came into effect, its greatest aim was to ensure children didn’t become the object of constant data-mining and directed advertising. In the latter part of that decade, COPPA 2.0 was introduced to bring clarity to a landscape that had become far more vast and diverse in terms of what technologies were covered.

I started in the industry 5 years — nearly to the day — after COPPA launched. It would be several months before the legislation would mean anything significant to me, and another several months until it was at the centre of nearly everything I was doing. At the time, I was leading the community support team at Club Penguin. From the beginning, we collected very little data, and we intuitively sought parental consent to this collection because it felt like the right thing to do.

As we learned about COPPA, it all felt so natural! This piece of legislation required companies to consider that, if they wanted to collect and store personal information about a child, they would need a responsible parent’s consent to do so. Just imagine what the social media landscape would now look like without forerunning child privacy laws like COPPA!

In 2007, after Club Penguin was purchased by The Walt Disney Group, I was given the opportunity to provide feedback on the COPPA 2.0 revisions. I poured through the document, often lost in the language but enamoured by the weight of responsibility companies like the company I worked for would have to protect children’s privacy. Whereas some companies saw COPPA as a burden, to me it felt like a solemn contract between ourselves and the parents of the children we would serve through our products.

As years went on, I would sit in countless large and small rooms with experts and strongly-opinionated people talking about COPPA; sometimes praising it, other times complaining about it. It was either too strict or not strict enough, depending on who you asked. All the while, the conversation about collecting data from people, children included, was becoming more relevant and inescapable.

The debate still rages on about the role of self-regulation, and there are some great points to be made on the value of self-regulation and how it has progressed. At kidSAFE, we believe it’s the synthesis of self-regulation and thoughtful legislation that makes the most sense. Our network of members represent industry leaders who are committed to best practices when it comes to online safety, security, and privacy. In addition to certifying our members for compliance with COPPA, our certification guidelines go beyond what’s required of us and seeks to define what a healthy and safe Internet and digital-ecosystem look like for children, with or without legislation telling us to do so.

With this in mind, we celebrate the important role COPPA has had on our industry and look forward to seeing how we can continue to work together to harmonize legislation and self-regulation.

Happy 20th Birthday COPPA!

— -

kidSAFE’s mission is to improve the Internet and digital ecosystem for children and families around the world. We do this by partnering with companies of all sizes to help ensure their child-focused apps and technologies are safely designed and privacy compliant.

Visit our website.