In light of the recent COPPA (Children's Online Privacy Protection Act) violations and some hefty fines being doled out by the FTC (see our resources at the end of this post for links to the violations), we put together a list of 7 ways to be more COPPA compliant.
1. Collect as Little Information as Possible
The simplest way to be more COPPA compliant is not to collect personally identifiable information (PII) from your users. If you are collecting this type of information, ask yourself why. If the answer to that question isn't vital to your business, stop collecting the information. It’s easy to fall into the trap of collecting information for no other reason than having it.
One place where you may be collecting PII without realizing it is blog comments. Some blog software requires users to give their names and email addresses to post a comment. If you want to allow users to comment on blogs, make sure they can do so without sharing their information.
Another place to look is online features. If you require users to register in order to provide online features like saved games, settings and preferences, ask yourself whether a simple username and password are sufficient. If you don't need additional information from the user, don't collect it.
2. Ask for the Age First
If users must register for your website, game, or community, you must determine their age first. Asking "are you under 13" with a yes or no answer isn't sufficient. You must ask for the user’s age in such a manner that they are more inclined to answer truthfully.