Webmasters must guard kids' privacy

"How to Comply With The Children's Online Privacy Protection Rule"

Not only is privacy a major issue on the Web for federal agencies, but particular emphasis is being given to children's rights to privacy in a Web-enabled world.

The Federal Trade Commission has a Web page for the Children's Online Privacy Protection Act (COPPA) that provides a guide on COPPA and a summary of most of the key issues related to children's privacy.

The page explains that COPPA, which became effective April 21, 2000, applies to the online collection of personal information from children under 13. "The new rule spells out what a Web site operator must include in a privacy policy, when and how to seek verifiable consent from a parent and what responsibilities an operator has to protect children's privacy and safety online," the page explains.

Although COPPA is aimed primarily at commercial Web sites that collect information from children, the law states that any "general-audience Web site" must comply with COPPA.

The key threshold question is whether the Webmaster or program office knowingly collects personal information from children. Any Web site that collects information from, encourages visits from, or provides information of general interest to children should take a hard look at COPPA.

You will, of course, need to coordinate with your legal office on what is proper in view of COPPA. Particular attention should be paid to the use of cookies and to statistics gathered on Web pages that include children's participation.

The FTC has the overall responsibility for compliance with COPPA and can bring enforcement actions.

Your privacy policy and procedures need to be updated to address COPPA. Because of the sensitivity of any issue involving children, COPPA issues should move to the forefront of your Webmaster's priorities.

In addition, you should tailor a specific privacy policy that applies to your home page for children. Look carefully at the requirements for parental consent regarding the collection of any information involving children.

I highly recommend viewing the FTC's Kidz Privacy site for guidance on what is appropriate and inappropriate. Also, review the FTC privacy statement for what is appropriate for a privacy statement.

A search at the FTC site for "COPPA" or other keywords related to privacy statements for children brings up interesting text from many privacy associations.

—Kellett is founder of the Federal Web Business Council, co-chairman of the Federal WebMasters Forum and is director of GSA's Emerging IT Policies Division.


  • People
    Federal CIO Suzette Kent

    Federal CIO Kent to exit in July

    During her tenure, Suzette Kent pushed on policies including Trusted Internet Connection, identity management and the creation of the Chief Data Officers Council

  • Defense
    Essye Miller, Director at Defense Information Management, speaks during the Breaking the Gender Barrier panel at the Air Space, Cyber Conference in National Harbor, Md., Sept. 19, 2017. (U.S. Air Force photo/Staff Sgt. Chad Trujillo)

    Essye Miller: The exit interview

    Essye Miller, DOD's outgoing principal deputy CIO, talks about COVID, the state of the tech workforce and the hard conversations DOD has to have to prepare personnel for the future.

Stay Connected


Sign up for our newsletter.

I agree to this site's Privacy Policy.