What if your company had a buffer between it and the Federal Trade Commission, just as it’s enacted tough new rules in the Children’s Online Privacy Protection Act (COPPA)—someone who could pick up the phone and ask agency staff a question on your behalf, or provide you with warnings on non-compliance before a government investigator knocked on your door?
As sweeping, amended privacy regulations take effect on Monday, companies have long been taking advantage of such a shield: the FTC-approved safe harbor programs, a kind of shelter built into COPPA.
And more companies with child-directed websites and mobile apps may choose to join these safe harbor programs as they seek to comply with COPPA rules changes that expand the scope of what’s considered “personally identifiable information.” Under the rule, companies can’t collect images, audio, or persistent identifiers of children under 13 without obtaining parental consent—and companies are also liable if third parties operating on their sites collect that data without consent.
But in joining a safe harbor, “You can think of it as insurance against some very serious liability and costs for violating COPPA, even innocently,” says Blair Richardson, general counsel of Aristotle, whose safe harbor program was the most recent to be approved last year.
The commission is “more or less deputizing you to handle problems before they hit the FTC deck,” Richardson adds.
Read the full article here.