Attorneys Highlight FTC’s Focus on Third-Party Vendors After COPPA Cases
Companies should carefully analyze how third-party vendors are handling data to ensure compliance with the Children’s Online Privacy Protection Act (COPPA), privacy attorneys said in posts responding to the FTC’s recent action against Disney (see 2509020069) and Apitor (see 2509030057).
Sign up for a free preview to unlock the rest of this article
Privacy Daily provides accurate coverage of newsworthy developments in data protection legislation, regulation, litigation, and enforcement for privacy professionals responsible for ensuring effective organizational data privacy compliance.
The FTC alleged Apitor violated COPPA by allowing third-party software to collect children’s personal data. As such, Mintz attorney Christopher Buontempo said in a post Friday that companies should “carefully scrutinize data collection of third-party vendors (and their data processing) to ensure compliance alignment.” Buontempo also recommended companies explore how COPPA might apply in the context of tech platforms like YouTube, an issue central to the settlement with Disney.
FoxRothschild’s Odia Kagan, in a separate post Monday, noted that if a service or product directed at children allows a third party to collect precise geolocation data, “you need verifiable consent from parents for this collection and sharing.”