Children’s Online Privacy Protection Act of 1998

Why Trust Techopedia

What Does Children’s Online Privacy Protection Act of 1998 Mean?

The Children’s Online Privacy Protection Act of 1998 (COPPA) is a federal law that prohibits websites from knowingly collecting and maintaining the online information and privacy of children under the age of 13. COPPA gives parents control of information collected from their children online. The law was enacted on October 21, 1998 and became effective April 21, 2000. COPPA violations are subject to civil penalties (up to $11,000 for each violation).


On December 19, 2012, the FTC introduced changes and updates to COPPA in the wake of the December 14 shootings at Sandy Hook Elementary School in Newtown, Connecticut.

Techopedia Explains Children’s Online Privacy Protection Act of 1998

Historically, COPPA defined the Internet of 1998, which did not include current information collection practices and technologies, such as Web advertising, mobile Web, geolocation and photos/images. The FTC’s revisions will affect the way that children use smartphones and applications (apps).

COPPA applies to any online collected data about children, including a child’s name, address, phone number and email address, and covers other types of data tied to a child’s personal information, like interests, hobbies or data derived from cookies or other tracking mechanisms.

The Federal Trade Commission (FTC) enforces oversight and compliance of the COPPA law and rule, which applies to the following:

  • Commercial websites or online services geared toward children under 13 that collect personal information from children. The FTC considers factors like audio/visual content, subject matter, advertising, site model age and language.
  • Websites or online services geared toward a general audience with knowledge of the collection of personal information from children. The FTC considers the website owner, who pays for data collection and maintenance, preexisting contractual relationships connected with the data and information and the role of a website in information collection.

Per COPPA, websites that fall under either category must do the following:

  • Post a website privacy policy describing its practices related to the collection of the personal information of children.
  • Allow parents to secure parental permission before data is collected. Parental control tools and antivirus software can assist with this.
  • Allow parents to choose to consent to the website’s collection and use of children’s information. However, this data may not be disclosed to third parties.
  • Allow parents to access their child’s personal data for review and/or information deletion.
  • Allow parents to prevent continued online collection or use of personal information.
  • Maintain the security, integrity and confidentiality of information collected from children.

Related Terms

Margaret Rouse

Margaret jest nagradzaną technical writerką, nauczycielką i wykładowczynią. Jest znana z tego, że potrafi w prostych słowach pzybliżyć złożone pojęcia techniczne słuchaczom ze świata biznesu. Od dwudziestu lat jej definicje pojęć z dziedziny IT są publikowane przez Que w encyklopedii terminów technologicznych, a także cytowane w artykułach ukazujących się w New York Times, w magazynie Time, USA Today, ZDNet, a także w magazynach PC i Discovery. Margaret dołączyła do zespołu Techopedii w roku 2011. Margaret lubi pomagać znaleźć wspólny język specjalistom ze świata biznesu i IT. W swojej pracy, jak sama mówi, buduje mosty między tymi dwiema domenami, w ten…