COPPA Flashcards
What does COPPA stand for?
Children’s Online Privacy Protection Act
What is the purpose of COPPA?
To give parents control over what personal information websites may collect from children under 13.
When does COPPA apply?
To websites that collect and retain personal information (including cookies).
If a website does collect and retain personal information about children, what requirements must be met?
- Parental notice
- Parental consent mechanisms (right to opt out and destroy information at any time)
- Maintain policies and procedures on the confidentiality and security of children’s personal information.
ABC Bank does NOT operate a Web site or online service and has no presence on the Internet. What are ABC Bank’s obligations under the Children’s Online Privacy Protection Act?
a. It has no compliance obligations under the Children’s Online Privacy Protection Act
b. It must fulfill the parental notice requirements for live transactions with a child
c. It must provide children’s privacy disclosures when opening an account for a child
d. It must provide lobby disclosures to the public, generally regarding privacy when dealing with children
a. It has no compliance obligations under the Children’s Online Privacy Protection Act
If the bank is not an operator under the act, the law does not apply.
State National Bank operates an informational Web site. The site has descriptions of all the bank’s accounts, including its children’s savings account. The account is simply listed along with all other accounts; the bank makes no attempt to market the account to children on the Web site itself. The bank does not open accounts online, but the Web site does have an online reply form that consumers can use to request account-opening documents. State National’s procedures require minors to open accounts in person. The bank does not intend for children to send in any information via its Web site. However, it is possible for a child to request account-opening documents through the reply form. What is State National required to do to comply with COPPA?
a. Post the children’s privacy disclosures and fulfill the parental notice requirements
b. Nothing, because there is no intent on the bank’s part to obtain children’s information
c. Post a notice on the reply form that the bank will not accept requests from persons under 18 years of age
d. Delete the children’s savings account information from the Web site
c. Post a notice on the reply form that the bank will not accept requests from persons under 18 years of age
The bank is not targeting its site to children, so it does not have a responsibility to notify parents and post the disclosures. The bank should, however, make sure it is not collecting information from children through its reply form.
DEF Bank operates a general audience Web site with many pages describing its products and services. As a part of this Web site, it has a Kid’s Bank on one of the pages for the purpose of opening accounts for children. Where must the link to the bank’s disclosure of information-sharing practices with regard to children be displayed?
a. Only the bank’s home page
b. Only on the Kid’s Bank home page
c. On the bank’s home page and the Kid’s Bank home page
d. On every pageon of the Web site
b. Only on the Kid’s Bank home page