Privacy & Information Security Law Blog

On October 23, 2017, the Federal Trade Commission issued a policy enforcement statement providing additional guidance on the applicability of the Children’s Online Privacy Protection Rule (“COPPA Rule”) to the collection of children’s audio voice recordings. The FTC previously updated the COPPA Rule in 2013, adding voice recordings to the definition of personal information, which led to questions about how the COPPA Rule would be enforced against organizations who collect a child’s voice recording for the sole purpose of issuing a command or request.

In the policy statement, the FTC reiterated the COPPA Rule’s requirement that websites and online services directed at children obtain verifiable parental consent before collecting an audio recording of the voice of a child under age 13. The policy statement clarifies that the FTC will not pursue enforcement action against a website operator for not obtaining this consent before collecting a voice recording when (1) the voice recording is collected solely to replace written words (e.g., to perform a search), and (2) the recording is held for a brief period of time and only for that purpose. The FTC clarified that (1) the policy does not apply where the website operator requests personal information (e.g., name) via voice recording; (2) the website operator must provide clear notice of its collection and use of voice recordings, and its deletion policy, in its privacy policy; and (3) the website operator may not use the audio file for any other purpose before its destruction. Website operators must continue to comply with COPPA’s requirements in all other respects.