The Federal Trade Commission (FTC) issued a policy enforcement statement on October 23rd, 2017 that provides new direction on the application of the Children's Online Privacy Protection Rule ("COPPA"). Specifically, they've updated the collection of audio voice recordings online. COPPA compliance applies to operators of online services that are either directed to children under 13 years of age or know they are collecting personal information from children under the age of 13.
The FTC clarified in 2013 that files containing a child's image or voice is "personal information" within the meaning of COPPA. The collection of audio data from children online requires legal scrutiny to ensure COPPA compliance.
The new FTC policy enforcement statement addresses inquiries about whether COPPA is triggered by the collection of audio data that is immediately converted to text and used as a substitute for text when the audio data is deleted after conversion.
The FTC stated that there is little risk involved when an operator immediately deletes the audio after converting it to text. Thus, the FTC determined that it will not take enforcement action when an operator collects an audio file containing a child's voice as a replacement for written words and then immediately deletes the audio file.
To benefit from the new non-enforcement policy, operators must:
- Provide clear notice of their practices with respect to collection, use and deletion of audio files
- Refrain from making any other use of audio files prior to destruction.
- Please note that the non-enforcement policy does not otherwise affect COPPA compliance requirements in any other respect.
The FTC has been increasing its focus on regulating data collection, usage, and disclosure practices. Therefore, any company that is active on the internet should consider where they stand with COPPA and if they can efficiently manage its regulations. For more information on COPPA policy management, click the button below.