The COPPA vs. COPA Confusion

Ignorance of the law is no excuse. And yet site operators are often surprised to learn that child protection statutes even exist, and that sites are required to adhere to them. Particularly, there remains a widespread (but mistaken) belief that COPPA was shot down by the courts in June 2000, and thus has never been enforced.

This confusion stems from that fact that not just one, but two laws aimed at shielding children from certain types of online content received media attention in the year 2000. And to make matters worse, they bore almost identical titles.

One of these laws was the Children's Online Privacy Protection Act (COPPA), discussed at length in this issue. The other bill, called the Child Online Protection Act (COPA), was intended to prevent children from viewing harmful material online. COPPA is an active statute, and is being enforced by the FTC today. COPA, on the other hand, hasn't enjoyed such good fortune.

COPA's provisions required site operators to verify the age of their users before allowing them access to any potentially inappropriate content. As written, however, the law would have left it up to individual communities to determine just what constituted "inappropriate material." It was this distinction that had site operators and business advocacy groups crying foul.

Because every Web site can potentially attract a far-reaching audience, COPA would in effect have required site operators to restrict their content to the standards of the most puritanical communities. If any site failed to do so, the law's detractors argued, a single visit from even the most far-flung community might have been enough to leave that site vulnerable to lawsuits.

The courts agreed, and in June of 2000, the Third U.S. Circuit Court of Appeals issued a decision barring enforcement of COPA, on the grounds that it was too broad and prohibitive. So far, that injunction has stuck. But in May of this year, the US Supreme Court agreed to review the case. If it decides to overturn the Third Circuit Court's opinion, COPA compliance may yet loom on the horizon for site operators in the United States.

Still, none of this has any bearing on COPPA. Remember, the double P stands for Privacy Protection, and protecting privacy is something every site needs to concern itself with today. In this case, compliance is not just a good idea; it's the law. —Neil McAllister