Bevy of state AGs want FTC to reign in social media companies’ services for children

12 March 2024- Maryland Attorney General Anthony G. Brown, as part of a bipartisan coalition of 43 attorneys general, joined a letter to the Federal Trade Commission (FTC) urging the federal government to update and strengthen the rules technology companies must follow under the federal Children’s Online Privacy Protection Act (COPPA). 

Congress enacted COPPA in 1998 to give parents more control over information collected online from their children. The law directed the FTC to establish rules (the “COPPA Rule”) for operators of websites or online services regarding how they collect, use, and share personal information of children under 13 years of age. The COPPA Rule was last changed in 2013. Today’s letter supports updates to the COPPA Rule that will strengthen its protections for children, specifically with respect to current technology and the evolving marketplace.   

In the letter, the coalition supported and proposed several changes to the COPPA Rule, including: 

  • Expanding the definition of personal information to include biometric data such as fingerprints, retina and iris patterns, DNA sequences, and data derived from voice data, gait data, and facial data, as well as avatars generated from a child’s image and likeness;
  • Limiting personalization of content to user-driven actions; 
  • Limiting the “internal operations” exception that companies use to justify collecting and using personal information; 
  • Clarifying the use of children’s personal information by schools; 
  • Requiring separate opt-in for targeted advertising; and  
  • Streamlining the parental consent processes and requiring separate parental consents for collection and for disclosure of children’s personal information.  

“We must protect our youth from internet risks that compromise their privacy,” said Attorney General Brown. “I’m calling on the FTC to prioritize updating regulations that safeguard youth from online dangers, including companies that try to collect personal information.”

The proposals made by the coalition aim to shift some of the burden from parents to providers to ensure that digital services are safe and secure for children.   

Both the FTC and attorneys general are empowered to enforce COPPA. Since the COPPA Rule became effective, attorneys general, on their own and in partnership with the FTC, have pursued multiple actions for violations of the COPPA Rule. For example, in October 2023, Maryland Attorney General Brown and other attorneys general sued Meta, the parent company of Facebook and Instagram, for violations of state consumer protection laws and COPPA. The complaint alleges Meta knowingly designed and deployed harmful features on Instagram and its other social media platforms that purposefully addict children and teens. All the while, Meta falsely assured the public that these features are safe and suitable for young users. The case is ongoing.  

In submitting the letter to the FTC, Attorney General Brown joins the attorneys general of Alabama, Alaska, Arizona, Arkansas, California, Colorado, Connecticut, Delaware, the District of Columbia, Florida, Georgia, Hawaii, Illinois, Indiana, Kentucky, Maine, Massachusetts, Michigan, Minnesota, Mississippi Nebraska, Nevada, New Jersey, New Hampshire, New Mexico, New York, North Carolina, Ohio, Oklahoma, Oregon, Pennsylvania, Puerto Rico, Rhode Island, South Carolina, South Dakota, Tennessee, Utah, Vermont, U.S. Virgin Islands, Virginia, Washington, and Wisconsin.