Oregon AG Rosenblum, 43-state coalition urge FTC to update, strengthen children’s online privacy, safety protections
In a letter Monday to the Federal Trade Commission, Oregon Attorney General Ellen Rosenblum co-led a bipartisan coalition of 43 state attorneys general urging the federal government to update and strengthen the rules technology companies must follow under the federal Children’s Online Privacy Protection Act (COPPA).
The rules governing online privacy protections for children up to age 13 have not been updated in over a decade. At the same time, the digital world has evolved rapidly — with smartphones, social networks, and connected devices becoming an even greater part of our lives.
Congress enacted COPPA in 1998 for the purpose of giving parents more control over their children’s information collected online. The legislation directed the FTC to establish regulations for operators of websites and online services regarding how they collect, use, and share personal information of children under 13 years of age.
“The technology-fueled harms that our nation’s youth face are real and growing,” said Oregon’s Attorney General Rosenblum and President of the National Association of Attorneys General (NAAG).
Support for these COPPA Rule comments reached the number of attorneys general required to constitute NAAG policy.
“I am pleased our bipartisan association of attorneys general agrees the COPPA rule must be updated — to give parents and regulators the tools they need to protect our kids in the rapidly evolving digital landscape, ” added AG Rosenblum.
The FTC is proposing changes to the COPPA Rule that would place new restrictions on the use and disclosure of children’s personal information and further limit the ability of companies to condition access to services on monetizing children’s data. The proposal aims to shift the burden from parents to providers to ensure that digital services are safe and secure for children. The attorneys general coalition wants the FTC to strengthen the amendments it’s proposing to the COPPA rules.
Among other things, the attorneys general are urging the FTC to expand the definition of “personal information” to include biometric identifiers such as fingerprints, retina and iris patterns, a DNA sequence, and data derived from voice data, gait data, and facial data, as well as avatars generated from a child’s image and likeness.
The attorneys general also ask the FTC to adopt a comprehensive framework for determining whether services qualify for a proposed parental consent exception, and to prohibit operators from abusing the multiple-contact exception in COPPA with engagement-maximizing push notifications. (To read all the recommended updates, read the letter in full.
By statute, both the FTC and state attorneys general are empowered to enforce COPPA. Since the COPPA Rule became effective, state attorneys general, on their own and in partnership with the FTC, have pursued multiple actions for violations of the COPPA Rule.
For example, in 2019, the FTC and the New York Attorney General sued Google and its subsidiary YouTube, alleging they violated the COPPA Rule by collecting personal information—in the form of persistent identifiers that are used to track users across the Internet—from viewers of child-directed channels, without first notifying parents and getting their consent. The case settled — with Google and YouTube agreeing to pay $136 million to the FTC and $34 million to New York for COPPA violations.
And late last year, state attorneys general, including Oregon’s, sued Meta, the parent company of Facebook and Instagram, for violations of state consumer protection laws and COPPA. The complaint alleges Meta knowingly designed and deployed harmful features on Instagram and its other social media platforms that purposefully addict children and teens. All the while, Meta falsely assured the public that these features are safe and suitable for young users. The case is ongoing.
As 2024-2025 President of NAAG, AG Rosenblum’s Presidential Initiative is entitled: America’s Youth: AGs Looking Out for the Next Generation. “These comments to the FTC in support of strengthening protections for children’s information online are an important part of our initiative that is focused exclusively on keeping our precious kids as safe as possible,” she said.
Led by AG Rosenblum and the attorneys general of Illinois, Mississippi and Tennessee, with assistance from Colorado, Connecticut, Massachusetts, New Jersey, and North Carolina, the comment letter to the FTC regarding amendments to COPPA was joined by the attorneys general of Alabama, Alaska, Arizona, Arkansas, California, Delaware, District of Columbia, Florida, Georgia, Hawaii, Indiana, Kentucky, Maine, Maryland, Michigan, Minnesota, Nebraska, Nevada, New Hampshire, New Mexico, New York, Ohio, Oklahoma, Pennsylvania, Puerto Rico, Rhode Island, South Carolina, South Dakota, Utah, Vermont, U.S. Virgin Islands, Virginia, Washington, and Wisconsin.