US State legislative and Industry Efforts to fill gaps in Privacy of Children Online

The California state legislature and an industry self-regulatory group Center for Industry Self-Regulation Roadmap  have each initiated steps to enhance the privacy protection of children online, especially those which are not covered by the Children’s Online Privacy Protection Act (“COPPA”).

The California State Assembly Privacy and Consumer Protection Committeehas has  approved a bill AB-2273, that mandates service providers who provide online services that are more likely to be accessed by minors to build stronger privacy and safety safeguards into their services;   include by default privacy and data security protections; limit the personal information collection of minors; restrict  profiling; and explain the online service’s privacy settings in a way child friendly manner. This  bill has now been referred to the Assembly’s Appropriations Committee for consideration and may be amended before reaching a potential floor vote.

The BBB National Programs’ of the Center for Industry Self-Regulation has released a Teenage Privacy Program roadmap that outlines how companies should consider privacy risks and harms to children between 13 to 17 years. Though the roadmap is non binding, it encourages companies to provide teens with information on the  types of personal information collected, the controls available to protect their privacy  online; shares best practices related to advertising, geolocation data, age-appropriate content, user-generated content, content moderation, data sharing and data retention.