Children's Online Privacy Protection Act

Summary.  These companion bills would require that any website or online service that is directed to children obtain parental consent before collecting information from children under the age of 13. Enforcement authority would be given to the Federal Trade Commission.  It would also allow states to bring prosecutions under the Act.  The key clause of the S 2326 RS (reported by Senate Commerce Committee on 10/1/98) provides:

"Not later than 1 year after the date of enactment of this Act, the Commission shall promulgate ... regulations that ...  require that the operator of any website or online service that collects personal information from children or the operator of a website or online service that has actual knowledge that it is collecting personal information from a child --- (i) provide notice on the website of what information is collected from children by the operator, how the operator uses such information, and the operator's disclosure practice for such information; and (ii) to obtain verifiable parental consent for the collection, use, or disclosure of personal information from children;"

The bill is also heavily loaded with definitions, exceptions, and exemptions.

Status.  While Congressional committees have devoted considerable time to studying the issue of privacy in cyberspace the proposals to regulate the online privacy of children were not filed until very late in this session.  Sen. Bryan introduced the bill on September 17, 1998.  The Senate Communications Committee held a hearing on September 23, 1998.  The full Senate Commerce Committee passed an amended version of the bill by a unanimous voice vote on October 1.  It may be passed in the Senate as an amendment to the Internet Tax Freedom Act.

Legislative History, with Links to Related Materials.

Tech Law Journal Stories.

Related Resources.

Other Online Privacy Bills.

HR 1367.  "Federal Internet Privacy Protection Act of 1997."   Sponsored by Rep. Barrett (WI).  This bill was introduced on April 17, 1997, and referred to the Committee on Government Reform and Oversight.  It would prohibit federal agencies from making available through the Internet certain confidential records with respect to individuals, and to provide for remedies in cases in which such records are made available through the Internet.  The records affected are those "maintained by an agency with respect to the education, financial transactions, medical history, or employment history of the individual" and which "contains the name or the identifying number, symbol, or other identifying particular assigned to the individual."

HR 2368.  "Data Privacy Act of 1997."  Sponsored by Rep. Billy Tauzin (R-LA).  This bill was introduced on July 31, 1997, and referred to the House Commerce Committee, and the Communications Subcommittee.  It provides for the establishment of a computer interactive services industry working group which shall establish voluntary guidelines: (1) limiting the collection and use, for commercial marketing, of personal information obtained from individuals through any interactive computer service; (2) relating to the distribution of unsolicited commercial electronic mail; and (3) providing incentives for following such guidelines. Prohibits: (1) the commercial marketing use of certain Government information regarding an individual that is obtained through the use of any interactive computer service without the individual's prior consent; and (2) the display of any individual's social security number through the use of any interactive computer service, with specified exceptions.  It also prohibits the commercial marketing use of any personal health and medical information obtained through an interactive computer service unless: (1) the person has obtained prior consent of the individual to whom such information relates for such use; or (2) such use is otherwise authorized by law.