Laws in various jurisdictions regulate the collection and use of data from or about children, including based on activity on Child Sites. By Child Site we mean a site or app that is directed to or intended for children under (i) the age of 13 if the user is located in the US, (ii) the age required for parental consent, as determined by the laws of the Member State in which the child resides, if the child is located if the EEA, or (iii) the age defined by the laws or regulations of the given jurisdiction if the child is located outside the US and EEA.
In the US, the Children’s Online Privacy Protection Act of 1998 (COPPA) regulates the online collection and use of personal information from or about children. Under US Federal Trade Commission (FTC) rules implementing COPPA, it is prohibited (i) to create or update a user profile based on an activity (such as a click or a visit) on a child-directed site or app and/or (ii) to deliver an ad based on prior online activity to a user on a Child Site.
In the EEA, the General Data Protection Regulation (EU) 2016/679 (GDPR) regulates the processing of personal data from or about children. Under the GDPR, the processing of the personal information of a child is prohibited where the child is younger than 16 (or the age required for parental consent as determined by the laws of the Member State in which the child resides) unless consent is given or authorized by the holder of parental responsibility of the child.
For COPPA or other applicable laws, rules, and regulations, including GDPR, Xandr regulates the collection and use of data on Child Sites:
- Ads served on sites identified as child-directed on the Xandr platform may not be targeted based on prior online activity, i.e. behaviorally targeted or retargeted. Contextual ads may continue to be served on Child Sites. Targeting an ad based on prior online activity to a Child Site is prohibited.
- In connection with your use of the Pontiac Intelligence platform, you may not:
- Associate any behavioral or interest-based information about an impression from a Child Site with a user or unique identifier.
- Target an ad based on prior online activity to a user on a Child Site.
- Create segments specifically targeting children under the age of 13 without parental consent.
- Collect or use personal identifiers or other personal information, e.g. cookie IDs, IP addresses, device IDs, or precise geolocation information, related to impressions on Child Sites.
Identifying Child Sites
- Pontiac Intelligence, in the course of its standard inventory auditing process (i.e., for sites submitted for Pontiac Intelligence audit), will use reasonable procedures designed to identify and categorize Child Sites.
- Pontiac Intelligence provides configuration parameters for sellers to self-identify Child Sites.