Following a public comment period and review of iVeriFly’s proposed Children’s Online Privacy Protection (COPPA) Rule verifiable parental consent method application, the Federal Trade Commission determined it was unnecessary to approve the company’s specific method. In a letter to iVeriFly, the FTC stated that the company’s proposed method is a variation on existing methods already recognized in the Rule, or recently approved by the Commission.
In its application, iVeriFly states the initial step used to verify identity is Social Security number verification, which is already approved under the Rule. Another step involves the use of knowledge-based authentication questions. TheCommission approved knowledge-based authentication as a new verifiable parental consent method shortly after iVeriFly’s application in December 2013.
Under the COPPA Rule, online sites and services directed at children must obtain permission from a child’s parents before collecting personal information from that child. The rule lays out a number of acceptable methods for gaining parental consent, but also includes a provision allowing interested parties to submit new verifiable parental consent methods to the Commission for approval. Approved methods may be used by any company, not just the particular applicant requesting approval of the method.