COPPA
Children's Online Privacy Protection Act
COPPA (15 U.S.C. §§6501-6506; 16 CFR Part 312) regulates online services directed to children under 13 or that knowingly collect personal information from children under 13. The January 2025 FTC amendments (effective April 22, 2026) expand the definition of personal information to include biometric identifiers, require a written data retention policy, mandate a written information security program, and restrict disclosure of children's data to third parties without separate verifiable parental consent.
Regulatory Citation
Example in Practice
An ed-tech provider serving K-12 students that collects persistent device identifiers and uses them for behavioral advertising falls within COPPA and must comply with the amended rule's data-minimization and consent requirements.
Key Research Citations
- ·FTC COPPA Rule Amendments (January 2025)
- ·van der Hof & Lievens (2018, International J of Law and IT) — Children's privacy by design
Full bibliography available on the Research page.
Related Terms
This glossary entry is educational. It is not legal or clinical advice. Consult a qualified attorney or licensed clinician before making decisions that rely on this summary.