COPPA Catastrophe: How Tech Companies Harvest Children's Data While the FTC Sleeps

TL;DR COPPA (Children's Online Privacy Protection Act) is supposed to protect kids under 13 from data harvesting. EdTech companies are violating it at scale: collecting without parental consent, selling behavioral profiles to advertisers, profiling kids for ad targeting. The FTC has filed 4 major enforcement actions in 2 years — all against companies that collected data from 10M+ children. Zero companies paid significant fines. None went out of business. The law is broken. What You Need To Know COPPA covers : Online services targeting children under 13 (schools, gaming, social, EdTech) COPPA prohibits : Collecting personal info without verifiable parental consent What's actually happening : EdTech companies collect names, ages, locations, device IDs, behavioral data — then sell to ad networks FTC enforcement : 4 major suits filed (2024-2026). TikTok, YouTube Kids, Amazon Alexa, and Meta all violated COPPA Fines issued : $5.7B total across 4 cases — but paid by parent companies with $10