Category Archives: Privacy Abbreviated

COPPA, State Privacy, & Teens Online: How Companies Can Prepare for 2026

Privacy Abbreviated

Podcast (privacyabbreviated): Play in new window | Download (Duration: 52:16 — 72.0MB) | Embed

Subscribe: Apple Podcasts | Spotify | RSS

Children’s privacy and teen data protections are rapidly evolving, creating major challenges for businesses operating online. In this episode of Privacy Abbreviated, host Dona Fraser sits down with Sheila Millar, Partner of Keller & Heckman, to unpack what companies must understand about COPPA compliance, age verification laws, state privacy requirements, and emerging AI-driven risks as we head into 2026.

As new state laws expand beyond COPPA and introduce conflicting standards, many businesses struggle to understand what applies to them, how to operationalize compliance, and what to do when their platforms may be accessed by children or teens—intentionally or not. Our experts break down the realities of today’s regulatory landscape, including the rise of data minimization, privacy by design, and growing expectations around vendor oversight and third-party data handling.

Together, Dona and Sheila explore:

  • The biggest misconceptions companies have around children’s data
  • How AI, personalized content, and social media complicate compliance
  • What to do if you’ve accidentally collected minors’ data
  • Practical steps companies can take to build trust with families

This episode offers clear, actionable guidance to help businesses navigate regulatory uncertainty, reduce compliance risk, and build safer digital experiences for children and teens.

Related Resources:
Children’s Advertising Review Unit (CARU)
CARU Privacy Guidelines
Revised COPPA Rule (in effect April 2026)
Australia Ban on Social Media
Executive Order on State AI Laws

Show Notes:
00:00 – Welcome and guest introduction
02:04 – Why children’s and teen privacy is so confusing in the U.S.
08:36 – What SMBs misunderstand about collecting children’s or teens’ data
18:13 – AI, social media, and responsibly engaging young audiences
27:17 – Targeting kids and teens: product strategy and regulatory risk
35:10 – When you realize you collected minors’ data by accident
40:26 – Low-cost steps SMBs can take to build trust
44:25 – What’s coming next: state laws, AI, litigation, and liability
49:31 – A single principle for staying ahead
53:50 – Closing insights

Part II: The Laws Governing Online Moderation and Safety

Privacy Abbreviated, , ,

Podcast (privacyabbreviated): Play in new window | Download (Duration: 45:02 — 62.0MB) | Embed

Subscribe: Apple Podcasts | Spotify | RSS

How should platforms navigate the growing patchwork of online safety and moderation laws across the U.S., UK, EU, and beyond? In this episode, Dona Fraser and Izzy Neis of ModSquad explore the UK’s Online Safety Act (OSA), the EU’s Digital Services Act (DSA), and U.S. laws like Section 230 and COPPA.

We tackle key questions like: What is the Online Safety Act and how does it affect platforms? How do OSA and DSA differ? What do Section 230 and COPPA mean for content moderation and child online safety?

From free speech challenges to compliance reporting requirements, learn how platforms can strengthen moderation programs, prepare for global regulations, and build trust and safety by design.

Related Resources:

Show Notes:

  • 00:00 – Introduction: Overview of trust & safety in children’s online space.
  • 02:00 – OSA & DSA: How UK and EU laws explicitly require moderation.
  • 08:00 – Section 230 & COPPA: U.S. protections and child privacy laws.
  • 14:00 – Global Patchwork: State-by-state challenges and geofencing issues.
  • 20:00 – Age Verification Laws: Texas example and app developer liability.
  • 30:00 – Moderation Costs & Compliance: Building sustainable frameworks.
  • 37:00 – Tech & Human Moderation: Emerging tools and hybrid approaches.
  • 44:00 – Final Takeaways: Best practices for platforms preparing for new laws.

Part I: What does safety online really mean?

Privacy Abbreviated, , ,

Podcast (privacyabbreviated): Play in new window | Download (Duration: 38:57 — 53.7MB) | Embed

Subscribe: Apple Podcasts | Spotify | RSS

Increasingly, regulators and platforms are moving from a “privacy-first” mindset (think data minimization, parental consent, etc.) to a broader “safety‑by‑design for all minors” mindset (think age assurance, risk assessments, content/algorithmic controls), with real tensions around areas like autonomy and use of AI.

In part one of this two-part episode of Priv, Dona Fraser is joined by Izzy Neis of ModSquad to discuss this shift from privacy to safety, explore behind the curtain of how “safety online” takes shape in the real world, and break down how to operationalize ‘safety by design,’ including where things typically go wrong.

Chapters

00:00 Introduction to Privacy in Digital Spaces
02:49 The Importance of Child Safety Online
13:18 Mod Squad’s Role in Content Moderation
17:58 Challenges in Moderating Content for Kids
29:04 Design Mistakes Increasing Risks for Young Users
37:15 Conclusion and Future Considerations

Operational Realities in Tween Privacy

Privacy Abbreviated,

Podcast (privacyabbreviated): Play in new window | Download (Duration: 51:22 — 70.7MB) | Embed

Subscribe: Apple Podcasts | Spotify | RSS

This is not just a conversation for those operating in the child or teen space. This conversation is for companies operating online. Full stop. 

Join host Dona Fraser and her returning guest, Morgan Reed, President of the App Association, as they focus this episode of Privacy Abbreviated on the constantly evolving ecosystem of protecting children and teens online. From verifiable parental consent, to age appropriate design, to language like “all platforms must provide..,” Dona and Morgan break down the state and federal laws and proposals that are impacting companies across the board. 

Key Takeaways

00:00 Introduction to Privacy Challenges for Children and Teens
02:47 Legislative Landscape and Its Impact on Businesses
05:43 Understanding Age Verification Requirements
08:58 The Cost of Compliance and Operational Challenges
11:45 Navigating Parental Consent and Data Collection
14:41 The Complexity of Age Definitions in Legislation
17:33 Risk Analysis for Businesses in a Changing Legal Environment
20:56 First Amendment Challenges and Broader Implications
23:49 The Burden on Small Businesses and Compliance Costs
26:47 The Role of Platforms in Age Verification
29:37 Future of Privacy Legislation and Business Practices
32:29 Global Perspectives on Age Verification and Compliance
35:45 Conclusion and Call to Action for Businesses

Please Don’t Copy and Paste: Getting Privacy Policies Right

Privacy Abbreviated,

Podcast (privacyabbreviated): Play in new window | Download (Duration: 50:10 — 69.2MB) | Embed

Subscribe: Apple Podcasts | Spotify | RSS

 

Whether your company has 5 employees or 500, if you operate online, you’re collecting user data—and that means you must have a privacy policy. But having a privacy policy isn’t just a legal requirement; it’s a powerful statement of your company’s ethics and values. Done right, it reflects a genuine commitment to transparency, accountability, and user trust. Unfortunately, too many businesses treat it as just another box to check.

In this episode of Priv, host Dona Fraser is joined by Wills Catling, Director at Myna Partners, for a candid and comprehensive conversation on what it really takes to get a privacy policy right. Together, they unpack the critical elements of a strong policy—from risk management and accountability to opt-in vs. opt-out frameworks, cookie strategies, and how to navigate the patchwork of state, federal, and international regulations. 

Key Takeaways

00:00 Introduction to Privacy Policies
03:25 Understanding Internal Governance for Privacy
08:04 The Importance of Accountability in Privacy
11:32 The Role of Privacy Notices as Contracts
17:50 Distinguishing Accountability from Internal Controls
20:52 Training and Compliance in Data Privacy
27:27 Common Mistakes in Drafting Privacy Notices
32:10 Building Trust Through Transparency
36:03 Navigating Opt-In vs. Opt-Out Consent
40:31 The Future of Cookie Banners and User Consent
44:24 The Challenge of Obtaining Informed Consent
46:08 Creating Effective Privacy Policies

Additional Resources: