Parental Consent

Parental consent is the permission that must be obtained from a parent or legal guardian before collecting, using, or disclosing personal information from children. This requirement recognizes that children may not fully understand the implications of sharing their data online and need adult protection. Under COPPA, operators of websites or online services directed to children under 13, or those with actual knowledge they're collecting data from children, must obtain verifiable parental consent before collecting personal information. The method of obtaining consent must be reasonably designed to ensure the person providing consent is actually the child's parent. Acceptable methods vary by risk level and include signed consent forms, credit card verification, video conferencing, or government ID verification. For low-risk uses like internal communications or one-time activities, email-plus method (sending notice to parent and getting email consent) may suffice. The GDPR requires parental consent for information society services offered to children, with the age threshold ranging from 13-16 depending on member state. Parental consent must be as easy to withdraw as it was to give, and parents have the right to review and delete their child's information.