Advertising Directed to Children Strictly Regulated
Under DOPPA, website and app operators that direct their services to children must ensure that they do not advertise or market certain enumerated content that are considered by the law to be inappropriate for children’s viewing, such as alcohol, tobacco, firearms, pornography, and a host of other categories delineated by the law. In seeking to regulate sites that are directed to children, the Delaware law compliments the federal Children’s Online Privacy Protection Act (“COPPA”). However, DOPPA has a wider reach, as it defines children as anyone under the age of 18, while the federal law regulates online content directed to those under 13.
Additionally, to ensure that children are not exposed to inappropriate advertising content, even websites (and apps) that are not directed to children but which have “actual knowledge” that children access the site must refrain from engaging in targeted advertising of adult content by using their personally identifiable information.
Privacy Policies Must be Conspicuously Posted
While in most ways, the Delaware law is the same as the California law from which is was apparently modeled, while the California law only applies to websites that collect personally identifiable information about “consumers”, the Delaware law applies more broadly to online properties that collect personal information from “users”, and thus appears to cast a wider net.
Restrictions on Disclosure of E-Book information
Acknowledging that third parties do not have a right to know the viewing habits of e-book users without their informed consent absent special compelling circumstances, DOPPA prohibits e-book services from disclosing the personally identifiable information of readers to third parties unless certain exceptions apply. One exception is a disclosure to a law enforcement entity “pursuant to any lawful method or process by which a law enforcement entity is permitted to obtain information.” Further, a law enforcement agency can also obtain e-book reader information under the law when an imminent danger of death or serious injury is present.
Another exception is disclosure to a government entity other than a law enforcement entity, which may be obtained via a court order and timely notice to the user so that the user has the opportunity to quash the order and object to the proposed disclosure.
Third parties other than government agencies can obtain a user’s book service information only through a court order where the court issuing the order has found that the person seeking the disclosure has a “compelling interest” in obtaining the book information sought, which cannot be obtained by less intrusive means and again, where the user has the opportunity to contest the court order.
However, e-book providers are required to preserve the personally identifiable information of readers that they collect if asked to do so by a law enforcement agency. Of particular note, e-book providers are required to annually post a summary of, among other things, the requests for e-book users’ personally identifiable information by law enforcement and the nature of the disclosure, if any.
Given the DOPPA’s wide reach and regulation of a broad array of commercial internet activities, companies would be well advised to promptly examine their advertising and marketing practices, as well as the content of their online privacy policies, to ensure compliance with the new law by January 1, 2016.