FTC Solicits Comments on Proposed COPPA Rule Safe Harbor Program

Bloomberg Law: Privacy & Data Security brings you single-source access to the expertise of Bloomberg Law’s privacy and data security editorial team, contributing practitioners,...

Sept. 16 --The Federal Trade Commission Sept. 18 asked for public input on a new, proposed safe harbor program under the Children's Online Privacy Protection Rule, the “kidSAFE Seal Program” (78 Fed. Reg. 57319, 9/18/13).

The commission's final amendments to its rule implementing the Children's Online Privacy Protection Act, or COPPA Rule, took effect July 1 (12 PVLR 1184, 7/8/13). The COPPA Rule imposes parental notice and consent requirements on websites and online services collecting information from children younger than 13.

“The Rule includes a 'safe harbor' provision designed to encourage increased industry self-regulation in this area,” the FTC said in a Sept. 16 statement. “Under this provision, industry groups and others may ask the Commission to approve self-regulatory guidelines that implement the protections of the Rule. Companies that comply with the FTC-approved guidelines receive safe harbor from agency enforcement action under the Rule.”

Los Angeles-based Samet Privacy LLC has applied for approval of its kidSAFE Seal Program, which it describes on its website as a “'seal of approval program that independently reviews and certifies the safety practices of children-friendly websites and technologies, including kid-targeted game sites, educational sites, virtual worlds, social networks, mobile apps, tablet devices, and other similar online and interactive products.”

Services that comply with its standards are allowed to display a “kidSAFE Certified” seal.

Samet Privacy said it is seeking safe harbor status only for the “kidSAFE+” aspect of its program. It offers two levels of certification: kidSAFE, which requires a child-directed website or service to demonstrate compliance with the program's basic safety guidelines; and kidSAFE+, which also requires a site or service to demonstrate compliance with privacy guidelines based on the revised COPPA Rule.

The FTC said that it is specifically interested in seeking the public's feedback on:

• the impact, benefits and costs of each provision in the proposed guidelines, as well as any alternatives;

• whether the provisions in the proposed guidelines that govern website operators' information practices offer “the same or greater protections for children” as the protections contained in the COPPA Rule;

• whether the mechanisms that are used to assess the compliance of website operators with the guidelines are effective;

• whether the incentives for compliance are effective;

• whether the proposed guidelines provide a sufficient means to resolve complaints from consumers; and

• whether Samet Privacy has “the capability to run an effective safe harbor program.”


Comments on the kidSAFE Seal Program proposal are due Oct. 18.

Five other groups have received the FTC's stamp of approval for their safe harbor programs: the Children's Advertising Review Unit of the Council of Better Business Bureaus, the Entertainment Software Rating Board (4 PVLR 1455, 12/5/05), TrustE, Privo Inc. (3 PVLR 919, 8/9/04) and Aristotle International Inc. (11 PVLR 367, 2/27/12).

The FTC's Federal Register notice is available at http://www.gpo.gov/fdsys/pkg/FR-2013-09-18/pdf/2013-22638.pdf.

The kidSAFE Seal Program application, which includes the proposed kidSAFE+ certification rules, is available at http://www.ftc.gov/os/2013/09/130916kidsafeapplication.pdf.

Request Bloomberg Law: Privacy & Data Security