COPPA 2.0 compliance is here. Whether your site is ready or not, you need to be asking, enquiring, and doing whatever you can to come up to par with the current regulations. There is a laundry list of provision’s the FTC has put in to place and it’s time to comply.
Inversoft has provided a shortened version of the ‘Business and Parents and Small Entity Compliance Guide’.
Please remember, this is merely a simplified reference. For more detailed information refer to the link at the bottom of this page.
1. I automatically collect geolocation information from users of my children’s app, but I do not use this information for anything. Am I responsible for notifying parents and getting their consent to such collection?
2. What if I give my users a choice to turn off geolocation information? Do I still have to notify parents and get prior parental consent?
If there is any collection of geolocation information (no matter the options given to users) the operator is responsible notifying and obtaining consent from parents.
3. The amended Rule covers “geolocation information sufficient to identify street name and name of city or town.” What if my children’s app only collects coarse geolocation information, tantamount to collecting a ZIP code but nothing more specific?
As long as the information collected “is more general than that sufficient to identify street name and name of city or town” COPPA does not require an operator to notify parents and obtain consent.
4. The geolocation information I collect through my app provides coordinate numbers. It does not specifically identify a street name and name of city or town. Do I have to notify parents and get their consent in this instance?
If at any point the app provides geographical data sufficient to identify street name, city or town (longitude/latitude) COPPA will be triggered.
For more information on Geolocation Data click here.