On June 18, 2024, the California Attorney General and the Los Angeles City Attorney (collectively, “the People”) announced a settlement with Tilting Point Media LLC (Tilting Point). The settlement resolves allegations that Tilting Point violated the Children’s Online Privacy Protection Act (COPPA), the California Consumer Privacy Act (CCPA), and the Privacy Rights for California Minors in the Digital World Act (Digital Privacy for Minors Act).Continue Reading Video Game App Developer Agrees to Pay $500,000 for Children’s and Minors’ CCPA, COPPA, and Ads Violations
COPPA
FTC Proposes Significant Changes to COPPA Rule
On December 20, 2023, the Federal Trade Commission (FTC) announced proposed changes to the Children’s Online Privacy Protection Rule (COPPA Rule) that would place significant new restrictions on companies that collect personal information from children under 13.Continue Reading FTC Proposes Significant Changes to COPPA Rule
Coalition of States Sues Meta for Alleged Harms to Children and Teens, and Alleged COPPA Violations
On October 24, 2023, a bipartisan coalition of 33 states’ attorneys general filed suit against Meta Platforms, Inc., alleging in a lengthy complaint that Meta’s social media platform features are unsafe and designed to induce young users’ compulsive and extended use.[1] According to the complaint, which is currently heavily redacted, Meta engaged in a four-part “scheme” to exploit young users for profit. The alleged scheme involved the following:Continue Reading Coalition of States Sues Meta for Alleged Harms to Children and Teens, and Alleged COPPA Violations
California Legislature Passes Far-Reaching Online Privacy and Content Regulation Bill for Minors
On August 30, 2022, the California legislature passed the California Age-Appropriate Design Code Act (the Act). Modeled after the UK’s Age-Appropriate Design Code, California’s act drastically changes the landscape of online privacy and content availability for minors in California. The Act goes beyond the current federal protections of the Children’s Online Privacy Protection Act (COPPA) and could impose onerous new requirements on companies that were and were not previously covered by COPPA. These requirements include, among other things, estimating the ages of minors using the company’s online services; conducting detailed Data Protection Impact Assessments (DPIAs) for new and existing products; significantly restricting the collection, use, and sharing of minors’ personal information; and configuring default privacy settings to a “high level of privacy.” If the bill is signed into law by Governor Newsom, the Act would come into effect July 1, 2024.
Continue Reading California Legislature Passes Far-Reaching Online Privacy and Content Regulation Bill for Minors
FTC Votes Unanimously to Release New COPPA Policy Statement and Proposed Amendments to the Endorsement Guides
On May 19, 2022, at an open commission meeting, the Federal Trade Commission (FTC) voted unanimously to: 1) release a new policy statement on the Children’s Online Privacy Protection Act (COPPA) indicating that the FTC will prioritize enforcement of COPPA’s substantive provisions and closely scrutinize EdTech providers; and 2) publish a request for public comment on proposed amendments to the Endorsement Guides (the guides) that are intended to bring them in line with current advertising practices. This was the first open commission meeting for Commissioner Alvaro Bedoya, whose confirmation on May 11 broke the FTC’s months-long 2-2 split along party lines.
Continue Reading FTC Votes Unanimously to Release New COPPA Policy Statement and Proposed Amendments to the Endorsement Guides
BBB National Programs’ Center for Industry Self-Regulation Launches Roadmap for Teen Privacy
On April 19, 2022, the BBB National Programs’ Center (BBB NP) for Industry Self-Regulation launched the TeenAge Privacy Program (TAPP) Roadmap, a new operational framework to help companies develop digital products and services attuned to privacy risks facing teenage consumers. In the United States, children 12 and under are protected by the Children’s Online Privacy Protection Act (COPPA). Once these children become teenagers, they age out of COPPA’s protections and, with limited exceptions, are treated as adults online. Yet a growing body of research indicates that these teenage consumers are uniquely affected by privacy risks resulting in harms ranging from cyberbullying, to platform addiction, to amplified insecurities.1 Regulators are increasingly interested in investigating these harms. For instance, in a widely publicized incident, a coalition of state Attorneys General recently opened an investigation into Instagram following news reports of a whistleblower’s allegations that Facebook’s privacy practices harmed teenage users. Despite increased public and regulatory scrutiny, no federal law has been enacted to provide companies with guidance on these issues. While it is not legally binding, the TAPP Roadmap aims to help fill this guidance gap by providing organizations with concrete operational considerations and best practices to address teen privacy risks.
Continue Reading BBB National Programs’ Center for Industry Self-Regulation Launches Roadmap for Teen Privacy
FTC Settles with Weight Watchers in First Children’s Privacy Case Requiring Deletion of Algorithms
On February 16, 2022, the Federal Trade Commission (FTC) filed a proposed settlement order in federal court in its case against WW International, Inc (formerly known as Weight Watchers International, Inc.) and its subsidiary Kurbo, Inc. (Kurbo) to resolve allegations that the defendants violated the Children’s Online Privacy Protection Act and its implementing rules (COPPA).1 The FTC alleged that the defendants violated COPPA by failing to provide required notices and obtain verifiable parental consent prior to collecting, using, and disclosing personal information from children using their weight loss app. As part of the proposed settlement, the defendants are required to, among other things: 1) update their procedures to ensure that they obtain verifiable parental consent before collecting personal information from children, 2) destroy all of the personal information they obtained in violation of COPPA as well as any models or algorithms based on that information, and 3) pay a civil penalty of $1.5 million.
Continue Reading FTC Settles with Weight Watchers in First Children’s Privacy Case Requiring Deletion of Algorithms