What is CIPA? Children’s Internet Protection Act (CIPA)
The Children’s Internet Protection Act (CIPA) was enacted by Congress in 2000 to address concerns about children’s access to obscene or harmful content over the Internet. In early 2001, the FCC issued rules implementing CIPA and provided updates to those rules in 2011. Schools and libraries subject to CIPA are required to adopt and implement an Internet safety policy addressing:
a) Access by minors to inappropriate matter on the Internet;
b) The safety and security of minors when using electronic mail, chat rooms and other forms of direct electronic communications;
c) Unauthorized access, including so-called “hacking,” and other unlawful activities by minors online;
d) Unauthorized disclosure, use, and dissemination of personal information regarding minors; and
e) Measures restricting minors’ access to materials harmful to them.
What is COPPA? Children’s Online Privacy Protection Act (COPPA)
Congress enacted the Children’s Online Privacy Protection Act, 15 U.S.C. §6501, et seq. (COPPA) in 1998. COPPA required the Federal Trade Commission to issue and enforce regulations concerning children’s on- line privacy. The Commission issued an amended Rule on December 19, 2012 that became effective on July 1, 2013.
The primary goal of COPPA is to place parents in control over information collected from their young children online. The Rule was designed to protect children under age 13 while accounting for the dynamic nature of the Internet. The Rule applies to operators of commercial websites and online services (including mobile apps) directed to children under 13 that collect, use, or disclose personal information from children, and operators of general audience websites or online services with actual knowledge that they are collecting, using, or disclosing personal information from children under 13.
Can an educational institution consent to a website or app’s collection, use or disclosure of personal information from students?
Yes. Many school districts contract with third-party website operators to offer online programs solely for the benefit of their students and for the school system – for example, homework help lines, individualized education modules, online research and organizational tools, or web-based testing services. In these cases, the schools may act as the parent’s agent and can consent to the collection of kids’ information on the parent’s behalf. However, the school’s ability to consent on behalf of the parent is limited to the educational context – where an operator collects personal information from students for the use and benefit of the school, and for no other commercial purpose.
Under what circumstances can an operator of a website or online service rely upon an educational institution to provide consent?
Where a school has contracted with an operator to collect personal information from students for the use and benefit of the school, and for no other commercial purpose, the operator is not required to obtain consent directly from parents, and can presume that the school’s authorization for the collection of students’ personal information is based upon the school having obtained the parents’ consent.
Do Google products meet compliance requirements for use by students and children?
More than 40 million students rely on G Suite for Education. G Suite for Education complies with the U.S. Family Educational Rights and Privacy Act (FERPA), and our commitment to do so is included in our agreements. We contractually require G Suite for Education schools to obtain parental consent regarding the use of our service in conformity with the U.S. Child Online Privacy Protection Act (COPPA), which facilitates compliance with COPPA requirements.
Google for Education Privacy and Security Information - https://www.google.com/edu/trust/
Does Google use the Salem School District’s data in G Suite for Education for advertising purposes?
G Suite for Education services do not collect or use student data for advertising purposes or create advertising profiles.
Gmail for consumers and G Suite for Education users runs on the same infrastructure, which helps us deliver high performance, reliability, and security to all of our users. However, G Suite is a separate offering that provides additional security, administrative, and archiving controls for education, business, and government customers.
Like many email providers, we perform scanning in Gmail to keep our customers secure and to improve their product experience. In Gmail for G Suite for Education, this includes virus and spam protection, spell check, relevant search results and features, such as Priority Inbox and auto-detection of calendar events. Scanning to provide product features is done on all incoming emails and is 100% automated. We do not scan G Suite for Education emails for advertising purposes.
Additionally, we do not collect or use any information stored in Apps for Education users’ Google Drive or Docs (or Sheets, Slides, Drawings, Forms) for any advertising purposes.
Users who have chosen to show Adsense ads on their Google Sites will still have the ability to display those existing ads on their websites. However, it will no longer be possible to edit or add new AdSense ads to existing sites or to new pages.