The Children’s Online Privacy Protection Rule (COPPA Rule) spells out what operators of websites and online services must do to protect children’s privacy and safety online. The FTC’s Children’s Online Privacy Protection Rule: A Six-Step Compliance Plan for Your Business helps you determine if your company is covered by COPPA and explains how to get parents’ verifiable consent before collecting, using or disclosing personal information from their kids.
The COPPA Rule does not mandate the method a company must use to get parental consent. Instead, it says that an operator must choose a method reasonably designed in light of available technology to ensure that the person giving the consent is the child’s parent. The Commission, however, has determined that a number of consent methods meet that standard.
In addition to the methods listed in the COPPA Rule, the Rule also outlines a process through which companies may submit new parental consent methods for the FTC’s review and approval. Companies do not need to get Commission approval to use a different method. However, some companies want to get Commission approval to ensure that their method meets the Rule’s standard.
Requests for approval of new parental consent methods should be sent to the Office of the Secretary, with a detailed description of the consent method and an analysis of how it meets the standard set forth in the Rule — in other words, how the method is reasonably designed in light of available technology to ensure that the person giving the consent is the child’s parent.
Below are requests submitted to the FTC and the Commission’s determinations.
AgeCheq (first request)
AgeCheq (second request)