Introduction to Children's Online Privacy Protection Act


An Educational Service of the American Library Association

Office for Information Technology Policy


Prepared by Leslie Harris & Associates

in conjunction with OITP staff



Because libraries provide services to children, there are special issues that arise with respect to children's privacy.  The Children's Online Privacy Protection Act (COPPA) is the primary federal statute that safeguards the privacy of children on the Internet.  Although COPPA does not impose any specific requirements on libraries, in order to provide the best possible service to families, librarians must be aware of the rules governing children's privacy on the Internet if their libraries provide Internet access. 


COPPA requires commercial online content providers who either have actual knowledge that they are dealing with a child under 13 or who aim their content at children to obtain verifiable parental consent before they can collect, archive, use, or resell any personal information pertaining to that child.  Under the statute, personally identifiable information is any information that would allow someone to identify or contact the child.


Examples of personally identifiable information include full name, address, e-mail address, telephone number, or Social Security number, and, when combined with an identifier, information collected through cookie such as hobbies, interests, or other data concerning the child and/or the parents. COPPA requires commercial web sites targeting children to place their information collection, use and disclosure practices prominently on their web site, and mandates that site operators allow parents to review and delete information about their children collected by the site.


  There are numerous exemptions from the COPPA parental consent requirements, including for web sites that collect information that is not personally identifiable (e.g. demographic information), for web sites that collect information for one-time use only, if they do not archive the information, and for commercial sites that collect information for "more than one time use," such as a newsletter, provided that these sites notify parents and give them the right to review the information collected and to remove the child from

the service if they so choose.


The Federal Trade Commission has issued detailed rules implementing COPPA, which address:  1) how an operator of a web site must provide online notice of its privacy practices with respect to the treatment of information collected from children under 13 years of age; 2) what information an operator must include in its online notice; 3) how an operator must notify parents of children under 13 of its privacy practices; and 4) what information an operator must include in the parental notice.  It is important for librarians to understand these rules so that they can assist children who are asked for parental consent before engaging in certain online activities, and, if necessary, guide them to other sites that do not collect personal information.


Further information:


Federal Trade Commission:


Children's Online Privacy Protection Act:


Children's Online Privacy Protection Rule:


COPPA: The First Year--A Survey of Sites. A Report on Web Site

Compliance, Center for Media Education:



Copyright 2002, American Library Association, Office for

Information Technology Policy




This Online Privacy Tutorial is a service of the American Library Association. The content of this tutorial is primarily the work of Leslie Harris & Associates in Washington, DC. The views expressed in these messages are not necessarily the views of ALA or Leslie Harris & Associates. This tutorial is for information only and will not necessarily provide answers to concerns that arise in any particular situation. This service is not legal advice and does not include many of the technical details arising under certain laws. If you are seeking legal advice to address specific privacy issues, you should consult an attorney licensed to practice in your state.