Are you ready? The deadline for compliance with the updated COPPA amendments has come and gone. Will your products stand up to inspection? If not, are you in the process of getting things compliant, or are you overwhelmed, struggling with where to begin?
There’s no doubt that the new COPPA amendments have set the industry abuzz and have created challenges across the board. No matter where you are with your compliance efforts, you’ll want to examine existing processes and practices and create a pathway to get into alignment. This will not only help you with the current rule, but will also help to ensure that you’re not left scrambling in the future.
Here are some tools for getting started:
Step 1: Determine your target audience
Is your product directed to children? If so, are children the primary or secondary audience? Neither? Then are there any areas within your general audience product or service that would be considered directed to children? This is something you’ll need to consider in the short term, and in the future as you update your product or service across time. Little changes can add up to big shifts in the perceived target audience, and that can impact compliance.
Step 2: Assess your product
Take a look under the hood. How was your product built? Are there social networking plug-ins? Is your revenue model dependent on ad networks? What data are you collecting, both overtly and “silently,” without involvement from the user? Do you need it all? These are critical questions, and they’re just the start. Work with your compliance team to conduct a full assessment of your products. Determine what adjustments need to be made now to get into alignment with the law. The process of gathering all of the relevant information and truly understanding your data practices takes time and some digging. When you’re done, be sure to craft the policies and practices that will help guide your teams through the regulation in the future.
Step 3: Update your privacy policy
When was the last time you looked at that privacy policy? Is it up to date? Does it reflect your data handling practices accurately? Is it positioned properly in your product? Is it readable? Does it include all of the required provisions?
This is by no means a simple or a short process. However, if done correctly, it can help to position your business to be in alignment with regulation in the future, and will give your teams the resources they’ll need to develop new products and services that are compliant from the start. It is a necessary, and ultimately cost-saving process, with results that will serve as a roadmap for your future success.