By Jenny Paul
The Federal Trade Commission has approved a new safe harbor program, called the iKeepSafe Safe Harbor Program, that websites and other online services may use to comply with its Children’s Online Privacy Protection Act rule.
COPPA regulates the collection and use by website operators and application developers of personal information from children under the age of 13. COPPA also requires website operators and application developers to obtain parental consent before collecting a child’s personal information. The COPPA rule allows industry groups or others to submit self-regulatory guidelines to the FTC for approval as a safe harbor program. Operators and developers who choose to be regulated under an approved safe harbor program will be deemed to be in compliance with COPPA if the operators and developers comply with the approved program’s guidelines.
A potential safe harbor program must demonstrate it can ensure that the website operators and app developers subject to its program provide similar or greater protections to children than the safeguards in the COPPA rule. The program must also demonstrate that it possesses an effective mandatory mechanism to assess the operators’ and developers’ compliance with its program guidelines and has disciplinary actions that will be taken if non-compliance occurs. The FTC determined that iKeepSafe met all of the above criteria. The FTC noted that iKeepSafe and its compliance partner, Playwell, have many years of experience in the children’s privacy sphere.
The Center for Digital Democracy opposed iKeepSafe’s application, saying the applicant wrongly used “permissive standards” instead of COPPA’s mandatory requirements. In approving iKeepSafe’s application, the FTC noted that the company modified its application and inserted mandatory language in its application in response to the concerns of commenters.