Embedded Files
This page contains information on US federal and state laws regarding privacy, including education records, children's safety, and health privacy. Also included are the privacy policies and terms of service (TOS) agreements for eight of the most popular social media sites. At the end, you'll find additional resources.
US Federal and State Laws and Regulations
US Federal and State Laws and Regulations
COPPA
COPPA
The Children’s Online Privacy Protection Act (COPPA) regulates how data websites and online services may collect data from children under 13 years old. Regulations include: verifiable consent must be obtained from the parents before gathering any information on young users; they must have a clear, understandable privacy policy that goes over how and why data is collected, and; any collected data must be kept secure and confidential. Schools are able to provide the required consent for students' use of educational websites that comply with COPPA.
The 2025 update to COPPA clarified the obligations of websites and other services that collect kids' data. Some of the updated provisions include enhanced retention requirements, increased transparency, and stronger limits on data sharing.
CIPA
CIPA
The Children’s Internet Protection Act (CIPA) mandates that schools and libraries that receive E-Rate discounts must implement specific protections on technology that accesses the internet. This includes web filters and to block and/or restrict access to content that would be deemed harmful and inappropriate for children, as well as monitoring of online activity. The policies that dictate how these filters and monitoring systems work must be publicly available.
The 2012 (passed 2008, enforced 2012) update to CIPA mandated that the FTC "provide a nationwide program that promotes children’s safe use of the internet." Practically, this translates to requiring schools to design and implement programs to meet this goal.
FERPA
FERPA
The Family Educational Rights and Privacy Act (FERPA) protects the privacy of your educational records. It rules that parents have access to their child's education records before they turn 18, and once the student turns 18 the access right transfers to them as an 'eligible student'.
HIPAA
HIPAA
The Health Insurance Portability and Accountability Act (HIPAA) protects your right to your health information and sets regulations and limits on who can view and receive your protected health information. Generally, this is your immediate care team (doctor, pharmacy, insurance provider), and only for your care needs.
Student safety and privacy laws in the US
Student safety and privacy laws in the US
Plain language introduction to COPPA and CIPA
Plain language introduction to COPPA, CIPA, and FERPA
US State level safety and privacy regulations
US State level safety and privacy regulations
US laws on digital protection and safety online beyond these acts are regulated largely on the state level. Visit the resources below to see which states have protections and regulations and what they cover.
"Data Privacy Laws by State: A Complete US Guide"
Terms of Service Agreements and Privacy Policies
Terms of Service Agreements and Privacy Policies
Additional Resources
Additional Resources
Overview of privacy laws in the US
Part one and part two of in-depth guide to securing your digital life
Non-profit organization for social media safety and consumer protections
Non-profit organization that educates people about online safety, privacy and digital wellness
Page updated
Google Sites
Report abuse