Webmasters must guard kids' privacy

"How to Comply With The Children's Online Privacy Protection Rule"

Not only is privacy a major issue on the Web for federal agencies, but particular emphasis is being given to children's rights to privacy in a Web-enabled world.

The Federal Trade Commission has a Web page for the Children's Online Privacy Protection Act (COPPA) that provides a guide on COPPA and a summary of most of the key issues related to children's privacy.

The page explains that COPPA, which became effective April 21, 2000, applies to the online collection of personal information from children under 13. "The new rule spells out what a Web site operator must include in a privacy policy, when and how to seek verifiable consent from a parent and what responsibilities an operator has to protect children's privacy and safety online," the page explains.

Although COPPA is aimed primarily at commercial Web sites that collect information from children, the law states that any "general-audience Web site" must comply with COPPA.

The key threshold question is whether the Webmaster or program office knowingly collects personal information from children. Any Web site that collects information from, encourages visits from, or provides information of general interest to children should take a hard look at COPPA.

You will, of course, need to coordinate with your legal office on what is proper in view of COPPA. Particular attention should be paid to the use of cookies and to statistics gathered on Web pages that include children's participation.

The FTC has the overall responsibility for compliance with COPPA and can bring enforcement actions.

Your privacy policy and procedures need to be updated to address COPPA. Because of the sensitivity of any issue involving children, COPPA issues should move to the forefront of your Webmaster's priorities.

In addition, you should tailor a specific privacy policy that applies to your home page for children. Look carefully at the requirements for parental consent regarding the collection of any information involving children.

I highly recommend viewing the FTC's Kidz Privacy site for guidance on what is appropriate and inappropriate. Also, review the FTC privacy statement for what is appropriate for a privacy statement.

A search at the FTC site for "COPPA" or other keywords related to privacy statements for children brings up interesting text from many privacy associations.

—Kellett is founder of the Federal Web Business Council, co-chairman of the Federal WebMasters Forum and is director of GSA's Emerging IT Policies Division.