COPPA: Children’s Online Privacy Protection

The University of New Hampshire complies with the requirements of the Children's Online Privacy Protection Act (COPPA).  This Federal law defines users' rights and information management requirements applicable to the online collection and use of information from children under the age of 13.    Certain University sponsored events including summer youth programs, camps, tours and similar activities may include participants under the age of 13 and the responsible events managers must understand and comply with the law's requirements.  The information and documents provided here are intended to assist events managers when compliance to the law is necessary. 

Events or other activities which specifically exclude the participation of children under the age of 13 or, those where the participants' information collection is not done online, are not required to comply with COPPA.  In all cases, however, the events managers and website operators should be familiar with the law's requirements.

For further information or questions, please contact the UNH VPFA Office (603-862-2232 or online at http://www.unh.edu/vpfa/contactvpfa.html) or UNH ISS (603 862-2757 or online at https://td.unh.edu/TDClient/Requests/ServiceDet?ID=172 ).  You may also visit the webpage provided by the Federal Trade Commission, http://www.coppa.org/comply.htm for additional detailed information. 

The key COPPA requirements for UNH are:

  • The institution must post an online privacy policy describing its information practices for personal information collected online from persons under age 13.  The USNH Privacy Policy (http://www.usnh.edu/legal/privacy.shtml) fulfills this requirement for all USNH institutions. 
  • Events Managers and other website operators must provide direct notice to parents of the operator’s practices with regard to the collection, use, or disclosure of personal information from persons under 13, including notice of any material change to such practices to which the parents has previously consented.
  • Events Managers and other website operators must obtain verifiable parental consent to any collection, use, and/or disclosure of personal information from persons under age 13.
  • Events Managers and other website operators must provide means for a parent to review the personal information collected from their child and to refuse to permit its further use or maintenance.
  • Events Managers and other website operators must have procedures to protect the confidentiality, security, and integrity of the personal information collected from children under age 13, including by taking reasonable steps to disclose/release such personal information only to parties capable of maintaining its confidentiality and security.
  • Events Managers and other website operators must retain personal information collected online from a child for only as long as is necessary to fulfill the purpose for which it was collected and delete the information using reasonable measures to protect against its unauthorized access or use.
  • Events Managers and other website operators operators may not condition a child’s participation in an activity on the child providing more information than is reasonably necessary to participate in that activity.

Documents to assist UNH Events Managers and website operators with COPPA Compliance:

Custom Fields
  • Department: Information Security Services
Attached Files (2)
Related Articles RSS Feed
Ransomware arrives on the Mac: OSX/KeRanger-A
Viewed 724 times since Thu, Mar 10, 2016
Phishing and Spam
Viewed 2576 times since Wed, Apr 29, 2015
How to Determine if Your Computer is Vulnerable to WannaCry or Petya Ransomware
Viewed 436 times since Tue, Jun 27, 2017
Tips to Avoid Malware
Viewed 665 times since Thu, May 7, 2015
Should you send or receive UNH personally identifiable information by email?
Viewed 608 times since Thu, Jun 9, 2016
Back-up your files today!
Viewed 634 times since Mon, Nov 16, 2015
The Fake Speeding Ticket Scam - What Will Hackers Think of Next?
Viewed 688 times since Mon, Apr 4, 2016
SEED: Accepted Equipment List & Disposal Guide
Viewed 2042 times since Tue, Apr 28, 2015
System Center 2012 Endpoint Protection Windows Usage Instructions
Viewed 2073 times since Wed, Aug 12, 2015
How to Spot a “Phishing” Email
Viewed 963 times since Tue, Feb 2, 2016
MENU