Support » Requests and Feedback » Not in compliance with COPPA (federal law)

  • Please modify your software so that it is in compliance with COPPA rules. We are not allowed to collect email addresses of minors without written permission of the parent.

    Right now the software is violating federal law.

    The system needs to prescreen subscribers and those under 13 can not have persional information stored in the database. Its ok to mail them a password but we can not store any persional information about them, including the email address.

    I have modified my signup screens in my copy to send minors to another screen telling them they can not subscribe but this is only a work arround.
    We need a special minor subscription level built in the software that way minors can make post but we will not have any persional info on them..

Viewing 15 replies - 16 through 30 (of 46 total)
  • Mark (podz)


    Support Maven

    If I create a hardcore bestiality site with WP, then why should I be asking WP coders to provide the access scripts ?

    WP is a tool. It is not the whole toolbox is it ?

    I really do not see this as having the slightest thing to do with WP.

    Mark (podz)


    Support Maven

    Oh – federal law ?
    I’m in the UK, and there is a LOT of non-US users too.

    Whoa. The question is still a WP issue.

    Is there a user level setting or way of setting up WP so that commentors do not have to have any of their email or IP information saved to the site (cookies or whatever method it is done by)?

    I think this whole thing is frankly a bit out there – what’s being suggested is that WP – a tool to and end include within it some procedure to ensure that a law in a certain state is adhered to.

    This is not WP problem, this is the creators problem. There might be a plugin for this, but if you read what brainwidth actually quote it only applies to specific areas. To request that this be a part of WP is nuts, because (contrary to popular belief) there is a world outside of the US where these laws are not applicable. This is a matter of the USER making the correct adjustments to LOCALISE a WP installation.

    Should we have inbuilt procedurs to stop stop a muslim from visiting a site because it may contain material that will offend (no offence to anyone who might be a muslim). Or should we take into account federal laws for every country that WP might possibly installed in?

    Why is this a WordPress problem?

    And if you will excuse me I am not going put myself under the jurisdiction of US law. Or do anything to accomodate it.

    Realistically, a software application *should* take into account all federal laws, regardless of origin. The only ones applicable are the ones that affect either the owner of the site or the location of the server (for example, I’m Canadian, but my main server is in Iowa, therefore I *should* have COPPA warnings on my sites, since their physical location is within US jurisdiction – but I can feel free to ignore China’s anti-government censorships).

    An argument could be made by someone regarding your site’s “primary audience” – so if most of your readers come from the US, you *should* have the COPPA warnings. It’s safer that way.

    In the end, something like this should either be part of the WP core or distributed as a plugin *included* with WP.

    Most US laws regarding the internet are stupid and short-sighted, but this isn’t one of them. It’s worth doing.

    RustIndy – forums have this sort of things because they take more info than a comment page: they require name, age, username, password, email, location, contact details blah blah.

    If someone wants to do this as a plugin then great, but I still cannot understand how anyone can make WP responsible for the content of other people’s sites. It is utterly ludicrous.

    Do I sue Al Gore for signing the agreement that kickstarted the Internet and for exposing me to the possibly of material that may offend me or my family? Do I sue sites which may possibly contain material that will offend me even if I don’t visit it? I can’t sue MS for not warning me that the Internet is full of “bad sites” which use “Best Viewed in IE” standards.

    Stop making WP responsible for content – it’s job is to display content, not to decide how people use it and what rules to follow. WP in no way breaks any federal law that I can see because it allows the USER to decide who can and cannot register. The onus is on the user.

    I don’t think it’s unreasonable to make this a plugin, and to make it available – but it should not be a core part of WP, nor should it be bundled, because it’s a plugin for the US only, what good are those extra kb of crap for a law that only applies to one continent that apply to no one else?

    Mark (podz)


    Support Maven

    If this gets into the core, I’ll dump WP.

    Ryan Boren


    WordPress Dev

    Yes, this is plugin territory. There are too many countries and too many laws. It’s up to you to be compliant with COPPA, the EU Directive on Data Protection, US/EU Safe Harbor, or whatever laws may apply to you. If someone writing such a plugin needs an extra plugin hook in WP core to make the plugin possible, we could add that.

    I’ll add that anyone who undertakes to write such a plugin is going to have to familiarize him/herself with laws in various countries, state which countries’ laws are being complied with in the software, and be prepared for people relying on the software to cover their legal bases. Even if I could, I wouldn’t write such a piece of software.

    This is almost akin to requiring Macromedia to have a plugin for updated world-wide privacy policies in its software.

    Somewhere along the line, website owners need to take responsibility for their websites regardless of who writes the software — and I say that with all due respect. Requiring software geeks to cover legal bases is asking too much, in my view. (I don’t ask my lawyer to write software, either. Ever.)

    Simple fix — don’t allow anyone who is 13 or under to post a reply on your site. Just state in the comment section that those who comment must be over the age of 13. Problem solved. 🙂

    WP is a tool. The developers are not responsible for anything. It is up to the user of the tool to do what he or she thinks is right. There is enough functionality in WP for each user to add whatever he or she thinks is necessary.

    You can put a blurb in the Comments php and the Registration php that will say something catchy about having to be older than 13 or 16 or whatever age to post a comment or register.


    Okay, folks. WAY WAY out of control. Yes, I understand that the poster started a fire, but can we please answer the technical question:

    Is there a user level setting or way of setting up WP so that commentors do not have to have any of their email or IP information saved to the site (cookies or whatever method it is done by)?

    The question is a technical one, not philosophical or political. It’s up to the poster to warn and do other things on their site, but let’s tackle the technical question. Is this possible? If not, then that’s a different issue the poster will have to figure out.

    Moderator James Huff


    Volunteer Moderator 🚀

    Okay, folks. WAY WAY out of control.

    I’ll have to agree with that one. IMO, a concerned US citizen and WordPress plugin developer should develop a plugin with this functionality so that concerned US citizens and WordPress users will have the option of installing and activating said plugin, end of story. No changes should be made to the WordPress core for this issue.

    Disclaimer: I am not a plugin developer.

    As many people have pointed out, this isn’t just a U.S. issue. However, it is a big enough issue overall that providing some basic level of core support to it should be considered in a next round (maybe as a hack/plugin in the interim). But it got me wondering: what do OTHER blog programs do for this same issue? I’ve seen the over-13 side of many a phpBB forum registration, but never the other side. Does it as for a parental email address and wait to unlock the account until the parental-response allows it?

    I disagree with how Podz last responded to this topic (“If this gets into the core, I’ll dump WP”), and think Lorelle’s questions back did a good job trying to get more information out of the poster. I’ll assume for the moment Podz was trying to say: the person hosting the site (“the website operator”), and not the maker of the software, is responsible for the data collection and how it applies to local laws. WP could >help<, but is in no way responsible. You can modify the software all you want to make it as compliant as you need for your site.

    Certainly, WP could try to make an easier jumping-off point for better compliance for those who want to or need to be in compliance with COPPA or other localities’ laws and regulations.

    At the least:

    – the registration page should have a checkbox/radio for stating over/under 13, and a redirect-page for handling under-13 processing… Which for the moment should be left up to the site developer to decide whether to say “You can’t sign up” or “A parent must sign up for you” or whatever. Then again, having a few ‘solutions’ ready to drop in wouldn’t be hard.

    – maybe we could work up a ‘universal privacy policy’ page for WP blogs, that at least outlines what WP core requests and stores. it’d have to be modified on a site by site basis in lots of cases, but better to start from something than nothing.

    – I’m not sure what can be done about Comments. Name & Email are used to firmly verify a person and not a bot. A disclaimer is one quick way to try and get around this.

    – Someone with better knowledge could say whether IP address tracking is an issue in the slightest. Without personally-identifiable data, like Name, Address, Phone, an IP address really isn’t personally-identifying.

    Disclaimer: I’m not a lawyer, and wouldn’t ever think of anything I say as being legal advice. If you need legal advice, PAY A LAWYER. 😉


Viewing 15 replies - 16 through 30 (of 46 total)
  • The topic ‘Not in compliance with COPPA (federal law)’ is closed to new replies.