The Children’s Online Privacy Protection Act (COPPA) Rule is designed to protect children's privacy and safety online.
The Federal Trade Commission (FTC), our nation’s consumer protection agency, enforces the Children’s Online Privacy Protection Act (COPPA) Rule, which spells out what operators of websites and online services must do to protect children’s privacy and safety online. Effective July 1, 2013, the FTC updated the COPPA Rule to reflect changes in technology. CenturyLink enables its customers to comply with COPPA’s requirements, particularly customers whose websites are designed for children, or have websites geared to a general audience but may collect information from someone known to be under 13.
As a leading Hybrid Cloud Service provider, CenturyLink enables its customers to adhere to and meet the requirements for the COPPA Rule. COPPA gives parents control over what information websites can collect from their kids. The COPPA Rule—with new provisions in effect on July 1, 2013—puts additional protections in place and streamlines other procedures that companies covered by the rule need to follow. If a company or organization’s website is designed for kids or has a website geared to a general audience but collects information from someone under 13, they must comply with COPPA’s requirements.
The FTC has developed a Six-Step Compliance Plan for Your Business. CenturyLink can help address the final step of COPPA’s six-step plan: Implement Reasonable Procedures to Protect the Security of Kids’ Personal Information.
COPPA requires you to establish and maintain reasonable procedures to protect the confidentiality, security and integrity of personal information collected from children. The following are some suggested guidelines:
Downloadable PDF: The COPPA Rule: A Six-Step Compliance Plan for Your Business.
The COPPA Rule regulates the online collection of personal information from children under 13 years of age. The primary goal of the COPPA Rule is to give parents control over what information is collected from their children online and how such information may be used. The Rule applies to operators of websites and online services directed to children under 13, and to general audience websites that knowingly collect personal information from children under 13. The Rule has been in place since 2000 and the FTC revised it, effective July 1, 2013.
The COPPA Rule applies to operators of commercial websites and online services directed to children under the age of 13 that collect personal information. In addition, it applies to operators of sites and online services geared toward general audiences that have “actual knowledge” that they are collecting information from children under 13. Under the 2013 revisions, COPPA also applies to operators when they have “actual knowledge” they are collecting personal information from users of another site or online service directed to kids under 13. That means that in certain circumstances, COPPA applies to advertising networks, plug-ins and other third parties.
The Rule doesn’t require operators of sites or services directed to general audiences to investigate the ages of its users. However, asking for or otherwise collecting information that establishes that a visitor is under 13 triggers COPPA compliance.
So here’s the answer in a nutshell. You’re covered by COPPA if:
COPPA applies to personal information collected online by operators of both websites and online services. The term “online service” broadly covers any service available over the Internet, or that connects to the Internet or a wide-area network. Examples of online services include services that allow users to play network-connected games, engage in social networking activities, purchase goods or services online, receive online advertisements or interact with other online content or services. Mobile applications that connect to the Internet, Internet-enabled gaming platforms, voice-over-Internet protocol services, and Internet-enabled location-based services also are online services covered by COPPA.
Although the Rule doesn’t define the term, the FTC has said that an operator has actual knowledge of a user’s age if the site or service asks for - and receives - information from the user that allows it to determine the person’s age. For example, an operator who asks for a date of birth on a site’s registration page has actual knowledge, as defined by COPPA, if the user responds with a year that suggests they’re under 13. An operator also may have actual knowledge based on answers to “age identifying” questions like “What grade are you in?” or “What type of school do you go to? a) elementary; b) middle; c) high school; d) college.”
Third-party sites or services may have actual knowledge under COPPA, too. For example, if the operator of a child-directed site directly communicates to an ad network or plug-in about the nature of its site, the ad network or plug-in will have actual knowledge under COPPA. The same holds true if a representative of the ad network or plug-in recognizes the child-directed nature of the site’s content.
There’s another way an ad network or plug-in may have actual knowledge is if a concerned parent or someone else informs a representative of the ad network or plug-in that it’s collecting information from children or users of a child-directed site or service.
No, CenturyLink’s website isn’t directed to children under the age of 13, and the Company does not knowingly collect Personal Information from children under 13 years of age. If you are under 13 years of age you should not use this Website, and under no circumstance should you send information about yourself to CenturyLink. If CenturyLink discovers that a child under the age of 13 has provided us with Personal Information, we will immediately delete that child’s information from the Website. Go to our Privacy page for more information.
Hybrid-ready public cloud provides the agility, scalability and security expected from an enterprise-class cloud, backed by an industry leading global network.
Experts at the ready to maintain and administer your cloud deployments. Rapid provisioning, hourly billing, and highly automated.
A full complement of threat prevention, threat management, incident response and analysis services to support your hosted or on-premise enterprise security environments.
Maintain complex IT infrastructure and applications with our comprehensive portfolio of managed hosting services including, fully manage networks, servers, storage, operating systems, and security.
Gives a range of storage options including data replication and back up/archiving. CenturyLink solutions are secure, affordable and can provide data resilience with up to 5 nines.