The Children’s Online Privacy Protection Act is a federal law in the United States. The Federal Trade Commission has warned business enterprises located outside of the borders of the United States that they must comply with the law if the companies wish to tap the U.S. market. Many of the target companies are ignoring the warning, which is a significant mistake.
The purpose of the Children’s Online Privacy Protection Act [“COPPA”] is to give parents control over information collected from their children online. Passed in 1998, the Act is a federal law enforced by the “FTC” throughout the United States. The law is not binding in other jurisdictions, which leads to a misunderstanding on the part of many companies located outside of the United States.
The World Wide Web is living up to its name these days. Country borders grow less important by the day as companies seamlessly do business with customers half way across the planet in the blink of an eye. From a legal perspective, this raises a question regarding what laws apply to what situations? Should a company based in Rome, Tokyo, Shanghai or Sao Paulo give any thought to legislation in the United States? The answer is yes…if businesses in these locations wish to tap the consumer markets in the United States.
In simpler terms, the regulatory focus of companies should be on the markets they are seeking to access, not the location of their operations. COPPA becomes a larger concern for many international commercial enterprises using this interpretation.
In December 2014, the FTC issued a very public warning letter to BabyBus regarding potential violations of COPPA. BabyBus is a Chinese app developer. In the letter, the FTC details its view that the app developer needs to comply with COPPA because its sells apps through the iTunes and Android app stores targeting consumers in the United States.
In reality, the intention of the FTC with this letter is to warn all international operators that the laws of the United States will apply if consumers in the country are the target of marketing campaigns. International entities targeting the U.S. market would be wise to comply with this directive, particularly app developers.
A shrewd company executive might react to the FTC position by querying exactly how the Agency will enforce its position. Does the Agency really think it can enforce a judgment rendered in the United States against a company in, for example, China? Such a result is doubtful, but beyond the point in many ways. Let’s return to the BabyBus example to investigate the reason.
The letter sent to BabyBus by the FTC was merely a warning. The agency did not file a formal legal claim against the company. Despite this, all BabyBus apps were pulled by Google from the Android store. Within this action, we find the answer to our question. The Agency will seek judicial injunctions barring offending companies from accessing consumer markets in the United States. The FTC will also likely seek a “till tap” order requiring all companies based in the United States that are handling any part of the monetary transaction to transfer the revenues to the FTC instead of the international entity in question. Both are devastating results for the corporate entity.
The FTC position is clear when COPPA compliance by entities located outside of the United States is an issue. If a company wishes to tap consumer markets in the country, it must comply with COPPA. Contact me today to learn more.
Richard A. Chapo, Esq.