Privacy Abbreviated

COPPA, State Privacy, & Teens Online: How Companies Can Prepare for 2026

Children’s privacy and teen data protections are rapidly evolving, creating major challenges for businesses operating online. In this episode of Privacy Abbreviated, host Dona Fraser sits down with Sheila Millar, Partner of Keller & Heckman, to unpack what companies must understand about COPPA compliance, age verification laws, state privacy requirements, and emerging AI-driven risks as we head into 2026. As new state laws expand beyond COPPA and introduce conflicting standards, many businesses struggle to understand what applies to them, how to operationalize compliance, and what to do when their platforms may be accessed by children or teens—intentionally or not. Our experts break down the realities of today’s regulatory landscape, including the rise of data minimization, privacy by design, and growing expectations around vendor oversight and third-party data handling. Together, Dona and Sheila explore: The biggest misconceptions companies have around children’s data How AI, personalized content, and social media complicate compliance What to do if you’ve accidentally collected minors’ data Practical steps companies can take to build trust with families This episode offers clear, actionable guidance to help businesses navigate regulatory uncertainty, reduce compliance risk, and build safer digital experiences for children and teens. Related Resources: Children’s Advertising Review Unit (CARU) CARU Privacy Guidelines Revised COPPA Rule (in effect April 2026) Australia Ban on Social Media Executive Order on State AI Laws Show Notes: 00:00 – Welcome and guest introduction 02:04 – Why children’s and teen privacy is so confusing in the U.S. 08:36 – What SMBs misunderstand about collecting children’s or teens’ data 18:13 – AI, social media, and responsibly engaging young audiences 27:17 – Targeting kids and teens: product strategy and regulatory risk 35:10 – When you realize you collected minors’ data by accident 40:26 – Low-cost steps SMBs can take to build trust 44:25 – What’s coming next: state laws, AI, litigation, and liability 49:31 – A single principle for staying ahead 53:50 – Closing insights The post COPPA, State Privacy, & Teens Online: How Companies Can Prepare for 2026 appeared first on BBB National Programs.

Part II: The Laws Governing Online Moderation and Safety

How should platforms navigate the growing patchwork of online safety and moderation laws across the U.S., UK, EU, and beyond? In this episode, Dona Fraser and Izzy Neis of ModSquad explore the UK’s Online Safety Act (OSA), the EU’s Digital Services Act (DSA), and U.S. laws like Section 230 and COPPA. We tackle key questions like: What is the Online Safety Act and how does it affect platforms? How do OSA and DSA differ? What do Section 230 and COPPA mean for content moderation and child online safety? From free speech challenges to compliance reporting requirements, learn how platforms can strengthen moderation programs, prepare for global regulations, and build trust and safety by design. Related Resources: Listen to Part I: What does safety online really mean? UK Online Safety Act EU Digital Safety Act More about ModSquad Show Notes: 00:00 – Introduction: Overview of trust & safety in children’s online space. 02:00 – OSA & DSA: How UK and EU laws explicitly require moderation. 08:00 – Section 230 & COPPA: U.S. protections and child privacy laws. 14:00 – Global Patchwork: State-by-state challenges and geofencing issues. 20:00 – Age Verification Laws: Texas example and app developer liability. 30:00 – Moderation Costs & Compliance: Building sustainable frameworks. 37:00 – Tech & Human Moderation: Emerging tools and hybrid approaches. 44:00 – Final Takeaways: Best practices for platforms preparing for new laws. The post Part II: The Laws Governing Online Moderation and Safety appeared first on BBB National Programs.

Part I: What does safety online really mean?

Increasingly, regulators and platforms are moving from a “privacy-first” mindset (think data minimization, parental consent, etc.) to a broader “safety‑by‑design for all minors” mindset (think age assurance, risk assessments, content/algorithmic controls), with real tensions around areas like autonomy and use of AI. In part one of this two-part episode of Priv, Dona Fraser is joined by Izzy Neis of ModSquad to discuss this shift from privacy to safety, explore behind the curtain of how “safety online” takes shape in the real world, and break down how to operationalize ‘safety by design,’ including where things typically go wrong. Chapters 00:00 Introduction to Privacy in Digital Spaces 02:49 The Importance of Child Safety Online 13:18 Mod Squad’s Role in Content Moderation 17:58 Challenges in Moderating Content for Kids 29:04 Design Mistakes Increasing Risks for Young Users 37:15 Conclusion and Future Considerations The post Part I: What does safety online really mean? appeared first on BBB National Programs.

Operational Realities in Tween Privacy

This is not just a conversation for those operating in the child or teen space. This conversation is for companies operating online. Full stop.  Join host Dona Fraser and her returning guest, Morgan Reed, President of the App Association, as they focus this episode of Privacy Abbreviated on the constantly evolving ecosystem of protecting children and teens online. From verifiable parental consent, to age appropriate design, to language like “all platforms must provide..,” Dona and Morgan break down the state and federal laws and proposals that are impacting companies across the board.  Key Takeaways 00:00 Introduction to Privacy Challenges for Children and Teens 02:47 Legislative Landscape and Its Impact on Businesses 05:43 Understanding Age Verification Requirements 08:58 The Cost of Compliance and Operational Challenges 11:45 Navigating Parental Consent and Data Collection 14:41 The Complexity of Age Definitions in Legislation 17:33 Risk Analysis for Businesses in a Changing Legal Environment 20:56 First Amendment Challenges and Broader Implications 23:49 The Burden on Small Businesses and Compliance Costs 26:47 The Role of Platforms in Age Verification 29:37 Future of Privacy Legislation and Business Practices 32:29 Global Perspectives on Age Verification and Compliance 35:45 Conclusion and Call to Action for Businesses The post Operational Realities in Tween Privacy appeared first on BBB National Programs.

Please Don’t Copy and Paste: Getting Privacy Policies Right

Whether your company has 5 employees or 500, if you operate online, you’re collecting user data—and that means you must have a privacy policy. But having a privacy policy isn’t just a legal requirement; it’s a powerful statement of your company’s ethics and values. Done right, it reflects a genuine commitment to transparency, accountability, and user trust. Unfortunately, too many businesses treat it as just another box to check. In this episode of Priv, host Dona Fraser is joined by Wills Catling, Director at Myna Partners, for a candid and comprehensive conversation on what it really takes to get a privacy policy right. Together, they unpack the critical elements of a strong policy—from risk management and accountability to opt-in vs. opt-out frameworks, cookie strategies, and how to navigate the patchwork of state, federal, and international regulations.  Key Takeaways 00:00 Introduction to Privacy Policies 03:25 Understanding Internal Governance for Privacy 08:04 The Importance of Accountability in Privacy 11:32 The Role of Privacy Notices as Contracts 17:50 Distinguishing Accountability from Internal Controls 20:52 Training and Compliance in Data Privacy 27:27 Common Mistakes in Drafting Privacy Notices 32:10 Building Trust Through Transparency 36:03 Navigating Opt-In vs. Opt-Out Consent 40:31 The Future of Cookie Banners and User Consent 44:24 The Challenge of Obtaining Informed Consent 46:08 Creating Effective Privacy Policies Additional Resources: Myna Partners The post Please Don’t Copy and Paste: Getting Privacy Policies Right appeared first on BBB National Programs.