Online Tracking of Kids and Teens by Means of Invisible Images: COPPA vs. GDPR

Document Type


Publication Date



The recent news of a large-scale online tracking campaign involving Facebook users, which gave way to systematic misuse of the collected user-related data, have left millions of people deeply concerned about the state of their online privacy as well as the state of the overall information security in the cyber world. While most to-date revelations pertaining to user tracking are related to websites and social media generally intended for adult online users, relatively little is known about the prevalence of online tracking in websites geared towards children and teens. In this paper, we first provide a brief overview of two laws that seek to protect the privacy of kids and teens online ? the US Children's Online Privacy Act (COPPA) and the EU General Data Protection Regulation (GDPR). Subsequently, we present the results of our study which has looked for potential signs of user tracking in twenty select children-oriented websites in case of a user located in the USA (where COPPA is applicable) as well as a user located in the EU (where GDPR is applicable). The key findings of this study are alarming as they point to overwhelming evidence of widespread and highly covert user tracking in a range of different children-oriented websites. The majority of the discovered tracking is in direct conflict with both COPPA and GDPR, since it is performed without parental consent and by third-party advertising and tracking companies. The results also imply that, relative to their US counterparts, the children residing in the EU may be somewhat less subjected (but are still significantly exposed) to tracking by third-party companies.



Find in your library

Off-Campus WSU Users