What the Protecting Kids on Social Media Act (COPPA) Revisited Will Sensitivity The FTC to Data Privacy and Privacy Concerns
The Protecting Kids on Social Media Act, which was introduced earlier this year, is related to some of these proposed changes. But where Congress is deadlocked, regulatory action like agency rulemaking is a much more predictable process. The public will be given 60 days to give feedback on the proposal after the FTC posts notice in the Federal Register.
Data retention limits are included in the proposed rule changes. Data can only be kept for specific purposes and can’t be kept indefinitely. Data collection on children by education tech firms would be subject to school approval and couldn’t be used for commercial purposes.
Companies would be forbidden from using persistent identifiers in push notifications if they wanted to encourage kids to come back to theirAPPS when they aren’t actively using them.
The revised COPPA rulemaking is generally less Extreme than these bills, which is unsurprising since the regulations are made within limits of what Congress has already greenlit. The proposed rules of the FTC target the collection of data, specifically the data of users under the age of 13, instead of following users’ behavior and impacting personal privacy. In order for companies to opt kids in to targeted ads by default, they have to separate parental consent, if it is necessary for the service or website. If children don’t give consent to targeted advertising, the companies wouldn’t be allowed to give services.
The agency got more than 175,000 comments after it began reviewing its regulations under COPPA. Hundreds of millions of dollars in combined fines were issued to YouTube and TikTok, the vast majority of which were for handling data from users ages 13 and under.
When people sign up for the Buzz account, they are automatically created a friend network of people they email, which horrified some people as they discovered private email addresses and secret relationships. Washington regulators felt compelled to take action, but the United States did not have a national privacy law.
Congress does not look likely to act soon, leaving the privacy of hundreds of millions of people who entrust personal data to Google and Meta backstopped by the two consent decrees, static barriers of last resort serving into an ever-dynamic era of big tech dominance they were never designed to contain. The FTC is undertaking an ambitious effort to modernize its deal with Meta, but appeals by the company could drag the process out for years and kill the prospect of future decrees.
