As most website operators know, the updated COPPA Rule goes into effect on July 1, 2013. Included in the update comes an obligation to clearly list all third-party operators who collect personal information along with their name and contact information.
With this in mind, earlier this month, I used TrustArc’s Website Monitoring Service to find aggregate data for the top 25 Alexa-ranked kids’ gaming websites. My findings indicate that these sites utilize many third parties, including service providers that may be collecting personal information, such as persistent identifiers, directly from children under the age of 13.
These third parties may need to be listed in the gaming website’s privacy policy as collecting data directly from children to comply with the updated COPPA Rule. The FTC addresses this requirement in its updated COPPA FAQS in question C.5.
Summary of findings:
On average there are over 47 third parties per website. Over 62% of third parties found are advertising related companies, while the next largest category of social/sharing tools is at just over 7%. 77% of third party cookies found are persistent.
TrustArc gives companies the tools needed to identify all third party operators on their website in order to comply with the notice requirements of the updated COPPA Rule. In addition, TrustArc’s Children’s Privacy Program will ensure complete compliance with the updated Rule.
With just over 2 weeks to come into compliance, companies should assess their third-party operators with urgency to ensure the parties are properly listed in the privacy statement.
To get started with your COPPA compliance assessment today, contact TrustArc at 1-888-878-7830, or request a website scan to identify the third parties integrated into and collecting data through your website.