Privacy: FTC Finalizes Children’s Online Privacy (COPPA) Amendments
Amendment to increase restrictions on the collection, use, and disclosure of children’s personal information

KPMG Regulatory and Advisory Insights
- Privacy Expands: After over a decade, privacy protection rules for children see amendments to reflect changes in the marketplace.
- Collection of Personal Information: Significant changes in the collection of children’s personal information, including biometric identifiers.
- Data Security and Retention: Heightened standards to show ‘reasonable need’ for use/retention and security based on data sensitivity.
- Burden on Providers: The FTC states that the amendments aim to “shift the burden from parents to providers to ensure that digital services are safe and secure for children”.
__________________________________________________________________________________________________________________________________________________
The FTC finalized amendments to its rule implementing COPPA generally as proposed (see KPMG Regulatory Alert, here) with some “minor modifications” for clarity and to enhance readability. In a change from the proposal, the FTC did not adopt proposed provisions related to ed tech and the role of schools based on an anticipated student privacy rulemaking from the Department of Education.
As finalized, the rule becomes effective 60 days after publication in the Federal Register with compliance required 365 days following publication, except for certain Safe Harbor provisions that have earlier compliance dates.
For an overview of the proposed amendments, see this KPMG Regulatory Alert: FTC NPR to Children’s Online Privacy (COPPA).
Explore more



Regulatory Alerts
Quick hitting summaries of specific regulatory developments and their impact.
Get the latest from KPMG Regulatory Insights
KPMG Regulatory Insights is the thought leader hub for timely insight on risk and regulatory developments.
Meet our team
