Privacy and Children's Data - An Overview of the Children's Online Privacy Protection Act and the Family Educational Rights and Privacy Act

Abstract

Privacy law in the United States is a complicated patchwork of state and federal caselaw and statutes. Harvard Law School’s Cyberlaw Clinic, based at the Berkman Center for Internet & Society, prepared this briefing document in advance of the Privacy Initiative's April 2013 workshop, Student Privacy in the Cloud Computing Ecosystem, to provide a high-level overview of two of the major federal legal regimes that govern privacy of children’s and students’ data in the United States: the Children’s Online Privacy Protection Act (COPPA) and the Family Educational Rights and Privacy Act (FERPA). This guide aims to offer schools, parents, and students alike a sense of some of the laws that may apply as schools begin to use cloud computing tools to help educate students. Both of the relevant statutes – and particularly FERPA – are complex and are the subjects of large bodies of caselaw and extensive third-party commentary, research, and scholarship. This document is not intended to provide a comprehensive summary of these statutes, nor privacy law in general, and it is not a substitute for specific legal advice. Rather, this guide highlights key provisions in these statutes and maps the legal and regulatory landscape.