A Children’s Privacy Certification Program for Protecting Kids’ Privacy
As a father of 3 boys, kids’ online privacy is important to me, as it is incredible where kids can wander and what mischief they can get into online.
TrustArc has been focused on kids’ privacy since we launched our Children’s Privacy Certification program in 2001, shortly after the Children’s Online Privacy Protection Act (“COPPA”) regulations became effective.
We updated the program in 2013 after the COPPA regulations were revised.
As part of that update to the program, we introduced new processes to help companies understand the tracking taking place on their websites so they can manage and comply with COPPA.
Why TrustArc is Committed to Protecting Kids’ Privacy
While our Children’s Privacy Certification program is not a major part of our business, TrustArc regards it as an important part of our privacy solutions set – due to the complexity and sophistication of the legislation it addresses and our ongoing commitment to protecting kids’ privacy.
We currently have approximately 20 COPPA certification customers out of 1,000+ certification customers overall.
Today, I’d like to provide some details of our settlement agreement with the Office of the Attorney General of the State of New York (“NYAG”) and our submission to the U.S. Federal Trade Commission (“FTC”) of revisions to enhance the TRUSTe Children’s Privacy Certification Program.
The settlement announced today relates solely to the operational practices of our Children’s Privacy Certification program.
Not to be confused with the vast majority of our business such as TrustArc’s many other TRUSTe certifications, consulting, and technology solutions.
TrustArc FTC Settlement to Enhance Children’s Privacy Certification Program
In August 2015, the NYAG began looking into two former participants in our Children’s Privacy Certification Program.
As part of this inquiry, the NYAG expressed concerns with how we implemented some operational and technical processes related to how companies monitored tracking on their websites.
We have agreed to several COPPA-specific actions – which do not affect our much-broader non-COPPA certification business.
This NYAG inquiry focused on a period prior to the FTC Order and Decision that went into effect March 2015.
While the FTC Order did not find issues with TRUSTe’s privacy practices, it does relate to our certification operations, including our obligations under COPPA.
New TRUSTe Certification Processes Already Implemented
Prior to the FTC Order, we had already begun instituting new certification processes and since that time we have continued to improve our policies, processes and governance practices to address evolving regulatory expectations and customer needs.
As part of the NYAG settlement we will continue some of our established operational and technical processes such as ongoing use of a dedicated technical scan review team to analyze trackers which we implemented in early 2016.
We will clarify:
- Some of our specific Children’s Certification program policies
- Operating procedures related to third party tracking technologies, such as an enhanced review and customer commitment regarding third party tracker uses
As part of our ongoing engagement with the FTC, we have been working with them to update our Children’s Privacy Certification program and look forward to their review of our proposed enhancements that have been submitted.
Whether it’s helping a Fortune 10 company manage their global privacy program with our technology or a small US gaming company protect kids’ privacy in their mobile app with a certification, TrustArc will continually strive to improve our services and technologies.
The changes announced today will help us continue this improvement and further assist our clients in achieving their privacy compliance goals.
Chris Babel, TrustArc CEO
Additional Details on the FTC Order
Our customers, regulators and TRUSTe all operate in an incredibly complex environment – and for two decades, TrustArc has been committed to promoting trust in how privacy and personal information are protected online.
As our business has grown within this environment, so has the complexity of related legislation.
In the case of COPPA, the 2013 revisions to the regulations are effective in improving children’s privacy partly because they address the increasing complexity of cross-site tracking and profiling online.
We take our regulatory relationships and scrutiny incredibly seriously.
And the fact is that our work with the FTC and the NYAG helps strengthen our business and the solutions we offer, because such interactions push us to help customers tighten compliance with much-needed legal protections in a fast-moving online world.
Most of what we have now formally agreed to with the NYAG relates to already well-established business processes that TrustArc implemented in support of our FTC Order.
And as part of our ongoing commitment to continually improving our certification and verification programs in response to changing customer needs.
Our business and the solutions we offer have changed, and will continue to change in response to evolving privacy requirements and expectations.
Much has evolved since the years-ago timeframe that was the basis of both regulators’ concerns.
Keeping pace with regulatory and other shifts, and delivering regular updates to the solutions we provide, will remain normal course of business for TrustArc.
For consumers, if you have an inquiry regarding the privacy practices of a TrustArc TRUSTe COPPA client or other certification client, please visit truste.com/consumer-resources.
TRUSTe provides privacy dispute resolution services to all of our certification clients so that you may raise privacy questions regarding a TRUSTe certified website, mobile application or business practice.