The United States' federal law, Children’s Online Privacy Protection Act of 1998 (COPPA), details the important things that must be included by website operators in its privacy policy and the responsibilities of the operators in protecting the privacy and safety of children online. It also mentions how and when to seek verifiable consent from a guardian or parent. The act is applicable to the online sites that collect personal or important information from children under 13 years old by entities or persons under U.S. jurisdiction.

The independent agency of the U.S. government, the Federal Trade Commission (FTC), has the authority to enforce COPPA and to issue regulations. The FTC created a ‘safe harbour’ provision, which is intended to encourage increased industry self-regulation. The provision allows industry groups and others to ask commission approval of self-regulatory procedures to guide the compliance of the participants. In the commission-approved programs, the operators of websites will first be subjected to disciplinary guidelines of the safe harbour program in place of FTC enforcement.

COPPA covers those online and website services that are operated for commercial purposes and are directed to children who are under 13 years old in the United States. Non-profit organisations are exempt from COPPA’s requirements. However, if a non-profit organisation operates for commercial purposes, they are subjected to COPPA. For those organisations which have failed to comply with COPPA, the FTC has taken action against them.

COPPA has been adopted as a response to the industry’s lack of compliance with the law. It has been created to protect the integrity, security, and confidentiality of personal information taken from children.