The Federal Trade Commission announced that Iconix Brand Group, Inc. will pay a $250,000 civil penalty to settle charges “that it violated the Children’s Online Privacy Protection Act (COPPA) and the FTC’s COPPA Rule by knowingly collecting, using, or disclosing personal information from children online without first obtaining their parents’ permission.” The FTC said:
Since 2006, Iconix knowingly collected and stored personal information from approximately 1,000 children without first notifying their parents or obtaining parental consent, according to the FTC’s complaint. On one Web site, MyMuddWorld.com, Iconix also enabled girls to publicly share personal stories and photos online, according to the complaint. […]
The federal Children’s Online Privacy Protection Act (COPPA) seeks to protect children from online marketing techniques that are invasive and that their parents do not know of nor consent to. COPPA sets out regulations on the collection, access to and use of personal data by Web sites that are targeted to children (under age 13).
COPPA does not apply to Web sites that are not targeted specifically toward children. However, such general-audience sites must follow the COPPA regulations if they have specific sections for children or actual knowledge of children using their site (and therefore that they are collecting data from children). The Act also applies to international Web sites that are directed at children in the United States. Privacy Rights Clearinghouse has a good page on children’s online privacy.