Search

The Children's Online Privacy Protection Act (COPPA)

Learn more about the Children's Online Privacy Protection Act (COPPA).
Ssweater
COPPA_gray_logo

What is COPPA?

The Children's Online Privacy Protection Act, known as COPPA, was enacted by the United States Congress in 1998, and became effective on April 21, 2000. COPPA required the Federal Trade Commission to issue and enforce regulations concerning children’s online privacy. In addition, COPPA gives states and certain federal agencies authority to enforce compliance with respect to entities over which they have jurisdiction.

About COPPA

COPPA places certain requirements on operators of websites or online services (apps, games online, connected toys, learning platforms, etc.) that are directed to children under 13 years of age or that have actual knowledge that they are collecting personal information online from a child under 13 years of age.

COPPA requires operators to notify parents of their information practices; obtain verifiable parental consent; collect the least amount of data possible; and maintain reasonable procedures to protect the confidentiality, security, and integrity of children’s personal information.

The primary goal of COPPA is to place parents in control over what information is collected from their young children under the age of 13 online and to protect them while accounting for the dynamic nature of the Internet.

COPPA provides the FTC with civil penalty authority to encourage compliance with the COPPA Rule. The FTC has taken law enforcement actions against companies that failed to comply with the provisions of the law. A court can hold operators who violate the Rule liable for civil penalties of up to $53,088 per violation. 


Want to learn more about COPPA? Read the full Rule from the FTC.

 

How do I determine if my online property triggers COPPA?

Do you...

  • Collect personal info from children under 13 (first name, last name, email, phone, username, password, age, gender, city, state, hobbies, etc.)?
  • Facilitate the ability to upload pictures, video or audio?
  • Provide wish list, sharing and/or “tell a friend” features?
  • Use behavioral or contextual marketing?
  • Share information with third parties or ad networks?
  • Enable connected smart toy or device 
  • Provide Facebook login or other open ID authentication services?
  • Chat and/or messaging board functions?
  • Newsletter and/or push notifications?
  • Attract children even though they are not your target audience?

 

If you can say YES to any of the above, then reach out to one of our experts.

Contact Us

How to Comply with COPPA

The Children’s Online Privacy Protection Act (COPPA) sets strict requirements for online services that collect, use, or disclose personal information from children under 13. To stay compliant, follow these key steps:

1: Know Your Audience

  • Determine whether your platform is child-directed, mixed-audience, or general audience under COPPA.
  • Understand how to apply the right privacy safeguards based on your audience.

2: Maintain a Clear & Up-to-Date Privacy Policy

  • Your privacy policy must be easily accessibleclearly written, and regularly updated to reflect COPPA requirements.

3: Identify & Protect Personal Information (PI)

  • Recognize what qualifies as personal information, including names, emails, geolocation, persistent identifiers, and more.
  • Limit data collection to only what is necessary.

4: Work with Trusted, Compliant Partners

  • Ensure that third-party services and vendors handling children’s data meet COPPA security and privacy standards.
  • Join a COPPA Safe Harbor to ensure compliance.

5: Obtain Verifiable Parental Consent (VPC)

  • Before collecting, using, or sharing a child’s personal information, you must:
  • Notify parents in a clear and direct way.
  • Obtain verifiable parental consent unless an exception applies.
  • Use an appropriate consent method based on the level of data collection.

6: Give Parents Control

  • Parents must have the ability to:
  • Review their child’s information.
  • Request deletion of personal data.
  • Withdraw consent at any time.

7: Limit Data Retention & Securely Delete Information

  • Do not retain personal data longer than necessary.
  • Implement secure deletion practices to prevent unauthorized access.

Need Help with COPPA Compliance?

Navigating COPPA requirements can be complex, but PRIVO makes it simple. Our trusted solutions help businesses manage parental consent, age verification, and privacy compliance with ease.

 Learn More About PRIVO’s Compliance Solutions

COPPA

COPPA Safe Harbors

What is a COPPA Safe Harbor?

The FTC’s COPPA Rule includes a “safe harbor” provision that allows industry groups and others to seek Commission approval of self-regulatory guidelines that implement “the same or greater protections for children” as those contained in the COPPA Rule.

Companies and organizations that participate in an FTC-approved safe harbor program will, in most circumstances, be subject to the review and disciplinary procedures provided in the safe harbor’s guidelines in lieu of formal FTC investigation and law enforcement.

Safe harbor programs must demonstrate that they meet certain performance standards, as outlined in Section 312.11 of the Rule.

PRIVO’s COPPA Safe Harbor Certification Program

PRIVO is approved by the FTC as an authorized Safe Harbor under the COPPA. Program members agree to submit to PRIVO’s oversight and consumer dispute resolution process. Members must meet definitive standards to assure that they are fully compliant with COPPA, offering a comprehensive service that includes auditing a digital property as it relates to children's privacy, parental notice and consent, and best practices for safer online communities. In addition to yearly audits and quarterly reviews, PRIVO conducts monitoring and consulting on a regular basis. Such standards must be strictly adhered to in order to ensure safe and responsible online interaction between online properties and children under the age of 13.

Learn more about our COPPA Safe Harbor program.

 

Learn more about our COPPA Safe Harbor Program

Here’s a few of our

Certified Members

Spinmaster_carousel
TOCABOCA_carousel
kidoz-1
MOOSE_carousel
redgames_carousel
Bob-Books-Logo_carousel
cricket media carousel
BEANO_carousel
XSOLLA_carousel
EOTS_carousel
ChuckEcheese_carousel
singular_carousel
wooz-world
BeyBladeBurst
SBL carousel
APPSflyer_carousel
pixowl
PTC_carousel
CFA_carousel
codemonkey

Sign up to receive the PRIVO newsletter

Contact Us

Let's connect!
Inspired-Internet-Pledge_Trustmark_Signatory

Contact us

703.569.0504 Phone
bsi
student-privacy-pledge-signatory.png
PRIVO_Shield_Mobile1

Terms of use   |   PRIVACY POLICY  Kids' Privacy Notice  Cookie Policy
Legal Stuff
© 2025 PRIVO®. All Rights Reserved

Manage Cookies