Senators Josh Hawley (R-Mo.), Edward J. Markey (D-Mass.), Richard Blumenthal (D-Conn.), Bill Cassidy (R-La.), Dick Durbin (D-Ill.), and Marsha Blackburn (R-Tenn.) today wrote to the Federal Trade Commission (FTC) urging it to use its authority under the FTC Act to launch an investigation into children’s data practices in the educational technology and digital advertising sectors. The Senators make their request following the Commission’s announcement that it will begin an ahead-of-schedule review of the Children’s Online Privacy Protection Act (COPPA) Rule and as kids’ technology use and media consumption has skyrocketed during the coronavirus pandemic.

"Children are a uniquely vulnerable population that deserve heighten privacy protections. The FTC should take extreme caution not to weaken – either purposefully or inadvertently – privacy protections under COPPA. In order to ensure that the COPPA Rule review benefits young users, the FTC should use its statutory power to uncover critical information about evolving and widespread threats to children’s privacy that warrant further protections."

A copy of the Senators’ letter can be found here.

In their letter, the Senators highlight the lack of public information regarding the ways companies collect and process children’s personal information and urge the FTC to use its authority under Section 6(b) of the FTC Act to develop a clear understanding of current industry practices as “an essential step in the COPPA Rule review.” Questions that should be covered in the FTC’s investigation include:

  • What personal data educational technology services and providers collect from children and teens;
  • How they obtain consent for this collection;
  • How long they retain students’ data and what their process is for deleting student data;
  • Whether they offer incentives for schools to integrate their products and services into their systems, and whether they offer incentives, such as financial discounts, for adults to consent to children’s data collection; 
  • What third parties they work with to collect and process children’s information;
  • Whether they sell or share children’s data, including to affiliated companies and data brokers;
  • Whether they use geolocation information for marketing to children, and if so, how they do so; and
  • How they collect and process children’s biometric information, including facial recognition data.