The Children’s Online Privacy Protection Act (COPPA) is a law that governs the way children under 13 engage with online platforms and services; it laid the compliant groundwork for the collection, use, and disclosure of children’s data, making it a challenge for many organizations over the years. COPPA and other such regulations require companies to build extra layers of software, processes and audit trails documenting verifiable parental consent, disclosure notices, and the like, which is often a lot of extra effort that companies do not have expertise and time for. This is where PRIVO comes in. Being an FTC-approved COPPA-Safe Harbor, PRIVO provides businesses with the knowledge, resources, and tools to initiate and enable online engagement and transactions with children through parental consent. Businesses can then give parents a way to trust a common process—in essence; a privacy-enhanced single sign-on for parents that can be used across the digital ecosystem.
“Our solution gets you faster to market, whether clients use our APIs, SDKs and/or widgets. We bring the desired expertise and try to fit it into the client’s workflow to help them achieve their goal in a legally compliant way,” explains Denise. PRIVO is also the first solution in Europe to offer a General Data Protection Regulation (GDPR) compliance program as it relates to minors, called GDPRkids™. The program helps clients mitigate risk when legally engaging with children.
The company’s interoperable child and family-focused single sign-on and consent dashboard are a differentiator that no other organization offers.
The solution’s configuration and implementation are driven by roles, features and attribute requirements of the client, as well as tailoring the identity verification and consent process to meet jurisdictional needs. If clients opt for PRIVO’s standard configuration, it takes less than a week to get up and running. However, the more control the clients require on the front-end, the longer the implementation process turns out to be.
PRIVO’s SaaS solution protects and enables children’s data and parent consent by delivering privacy assured microservices and compliance expertise
PRIVO’s single sign-on solution was exactly what NASA’s Goddard Space Flight Center needed in order to obtain parental consent so that it could involve children with learning about NASA Spinoff technologies and collaborate with them. The aim was to collectively create a multi-media response to an annual challenge set by NASA, which could be viewed on the web and judged. PRIVO provides the accounts for the children, manages the communication with parents about the implications of the program, obtains their consent, and gives the children a login credential that could be used on partner sites. A parent associated login ID could be used to access a parent portal for any further consent or revocation requirements.
In the future, PRIVO plans to deliver an ‘Age Appropriate Device Registry’, aimed at helping companies that should not be engaging with children online, such as ad networks and age-restricted content and products. PRIVO plans to implement methods to inform organizations that a device registered to a minor is entering the space and it should be denied access if under the age limit.