New Amendments to Children’s Online Privacy Protection Act Rule
Stronger Parental Consent Requirements, Limits on Data Sharing, Enhanced Security and Retention, Transparency for Safe Harbor Programs
A live 90-minute CLE video webinar with interactive Q&A
This CLE webinar will discuss the significant new changes to the Children's Online Privacy Protection Act (COPPA) Rule and its impact on businesses and certain website operators and online services. The panel will highlight the key requirements of the new rule and provide steps companies must take to minimize risks and ensure compliance with the evolving legal landscape.
Outline
- Background: COPPA's evolving legal framework
- 2025 amendments to the COPPA Rule
- Updated definitions
- Enhanced parental consent notices and requirements
- Heightened data security and retention requirements
- Increased transparency for FTC-approved COPPA Safe Harbor Programs
- Third-party due diligence standards
- Requirements not included in the final rule that were originally part of the 2023 notice of proposed rulemaking
- How the new rule compares with state children's privacy laws: California, Texas, Utah, others
- Action items for businesses and online operators to maintain compliance with the new rule's requirements
- Potential future rulemaking and agenda items for the FTC relating to children's online privacy
- Practitioner pointers and key takeaways
Benefits
The panel will discuss these and other key considerations:
- What are the significant amendments to the COPAA Rule?
- How do the new COPPA Rule amendments impact businesses and online operators?
- What steps should businesses take to comply with the new rule's requirements?
- What proposed provisions are missing from the FTC's final rule and what lies ahead for children's online privacy on both the state and federal level?
Faculty
Amber C. Thomson
Partner
Mayer Brown
Ms. Thomson counsels a wide range of clients, including private equity firms, financial institutions, and retailers, on... | Read More
Ms. Thomson counsels a wide range of clients, including private equity firms, financial institutions, and retailers, on complex and cutting-edge issues related to cybersecurity and privacy. She also helps clients assess and implement compliance and remediation efforts to comply with international and domestic regulations, including U.S. state comprehensive privacy laws, CPRA, COPPA, HIPAA, TCPA, PCI DSS, CAN SPAM, and GDPR. Ms. Thomson’s cybersecurity incident experiences range from deepfakes to double- and triple-extortion ransomware attacks. Carrying out these efforts, she advises clients through the incident response life cycle, including remediation, investigation, and notification. Ms. Thomson also represents clients in class-action data breach litigation cases and helps clients respond to federal and state regulatory inquiries that result from these incidents. Further, Ms. Thomson regularly collaborates on privacy and data security due diligence and facilitates executive and board training on incident response, privacy legal compliance, and the U.S. cybersecurity and privacy law landscape. She is recognized as a Certified AI Governance Professional (AIGP) by the International Association of Privacy Professionals (IAPP).
Close
Laura Riposo VanDruff
Partner
Kelley Drye & Warren
Ms. VanDruff counsels and defends companies on consumer privacy, data security, and consumer protection matters. Her... | Read More
Ms. VanDruff counsels and defends companies on consumer privacy, data security, and consumer protection matters. Her government and in-house background and her immersive understanding of consumer protection and privacy issues help Ms. VanDruff quickly identify and address areas of potential concern and facilitate efficient and favorable resolutions of FTC and State AG investigations and enforcement actions. During her near decade of service at the FTC Bureau of Consumer Protection, including as assistant director, Ms. VanDruff handled matters related to legal violations involving the privacy and security of consumer information. Her enforcement and policy portfolio at the FTC included the security of consumer information, IoT privacy and security, and health privacy. She enforced the Federal Trade Commission Act, Children’s Online Privacy Protection Act, Gramm-Leach-Bliley Act, and Fair Credit Reporting Act. Ms. VanDruff leverages her FTC experience to create targeted strategies that address regulatory concerns while protecting her clients’ interests. Clients value her strategic guidance on consumer data practices, particularly in high-stakes matters involving the use and disclosure of personal information. She advises financial institutions, fintechs, and data brokers on navigating regulatory risks, designing compliance programs, and responding to enforcement actions. Ms. VanDruff is a former assistant VP and senior legal counsel for AT&T, is Office Manager Partner of the firm’s Washington, D.C. office, and former Chair of the firm’s Advertising and Marketing practice group. She is a past lecturer at the University of Virginia School of Law.
Close