Skip to main content

FTC Approves Another COPPA Safe Harbor Program

Written by Julia Siripurapu

The FTC has announced its unanimous approval for the kidSAFE Seal Program proposed by Samet Privacy, LLC under the “safe harbor” provision of the COPPA Rule (the “kidSAFE Seal Program”). The Commission’s decision comes after an extended public comment period due to the agency’s shutdown last year.  For more information regarding the kidSAFE Seal Program please see our prior blog post.

The safe harbor provision of the COPPA Rule enables interested entities to submit to the FTC for approval self-regulatory guidelines that implement the protections of the COPPA Rule. The FTC determined that the kidSAFE Seal Program meets the following key criteria for a COPPA safe harbor program:

  1. provides “the same or greater protections for children” as the standards set forth in Sections 312.2 – 312.10 of the COPPA Rule;
  2. includes effective mechanisms to assess members’ compliance with the program guidelines, including, at a minimum, a comprehensive annual review of each member’s information practices, and whether such mechanisms are effective;
  3. includes  effective disciplinary actions for member non-compliance with the program guidelines; and
  4. provides adequate means for resolving consumer complaints.

To date, five other organizations have received FTC approval for COPPA safe harbor programs: Aristotle, Inc., the Children’s Advertising Review Unit of the Council of Better Business Bureaus, the Entertainment Software Rating Board, TrustE, and PRIVO.

 If you are operating an online site or service required to comply with COPPA, participation in an approved COPPA safe harbor program will, in most circumstances, be subject to the review and disciplinary procedures provided in the safe harbor's guidelines in lieu of formal FTC investigation and law enforcement.

Subscribe To Viewpoints


Cynthia J. Larose

Member / Co-Chair, Privacy & Cybersecurity Practice

Cynthia J. Larose is Chair of the firm's Privacy & Cybersecurity Practice, a Certified Information Privacy Professional-US (CIPP-US), and a Certified Information Privacy Professional-Europe (CIPP-E). She works with clients in various industries to develop comprehensive information security programs on the front end, and provides timely counsel when it becomes necessary to respond to a data breach.