Oath fined $4.95 Million for violating Children’s Online Privacy Protection Act (“COPPA”) In December, 2018, the New York State Attorney General announced a $4.95 million settlement with Oath Inc., the result of an investigation into Oath's violations of the Children’s Online Privacy Protection Act (“COPPA”). The NYAG found that Oath’s ad exchanges transferred persistent identifiers and geolocation from website users to DSP bidders in its automated auction process.  While that may be fine for websites directed to grown-up audiences, COPPA includes persistent identifiers and geolocation in its definition of “personal information.”  And under the law, companies must obtain verifiable parental consent before collecting or using children’s personal information.   But instead of seeking verifiable parental consent, Oath treated all websites (and therefore all user information) the same, despite knowledge that some ... Read More