Children's Advertising on Facebook (COPPA)

Pix-Vu Team||3 min read
Children's Advertising on Facebook (COPPA)

Quick Answer

The Children's Online Privacy Protection Act (COPPA) and the FTC's 2025 amendments to the COPPA Rule prohibit collecting personal information from children under 13 without verifiable parental consent. On Facebook, this means no targeted advertising to under-13s, no Custom Audiences containing under-13s, and no data collection via the Pixel from sites or sections directed to children. Meta layers its own under-18 protections, including limited targeting and disclosure-only ads.

What the rule actually says

COPPA (15 USC Section 6501) and the COPPA Rule (16 CFR Part 312) apply to operators of websites or online services directed to children under 13, or with actual knowledge that they collect personal information from children under 13.

Key 2025 amendments by the FTC:

  • Restrict the use of children's data for targeted advertising even with parental consent.
  • Require separate, opt-in consent for disclosure to third parties for advertising.
  • Strengthen the data security standard.
  • Limit the use of persistent identifiers for behavioural targeting.
  • Update verifiable parental consent methods to reflect new technologies.

Meta's policies layer on top:

  • Users under 13 are not permitted on Facebook or Instagram.
  • Users 13-17 cannot be targeted by interest, behaviour or look-alike audiences (only by age, gender and location).
  • Restricted categories (alcohol, gambling, weight loss, dating) are excluded for under-18 audiences.
  • Meta processes minors under data minimisation principles.

What is allowed and what is banned

Allowed: ads from family-friendly brands targeting parents, advertising to 18+ users about products for children, and ads with neutral interest targeting that may reach 13-17 users by age and location only.

Banned: Custom Audiences containing under-13s, behavioural targeting of 13-17 users, retargeting from child-directed websites, collecting personal information from under-13s without verifiable parental consent, ads in restricted categories targeting under-18s, and Pixel firing on child-directed pages.

Step-by-step compliance setup

  1. Audit your site for child-directed content and disable the Pixel on those pages.
  2. If you operate a child-directed service, implement verifiable parental consent (signed form, government ID match, payment card verification, etc.).
  3. Update your privacy policy with COPPA-specific disclosures.
  4. Configure Meta age targeting to 18+ for any non-family-friendly product.
  5. Exclude minors from behavioural targeting and lookalike audiences.
  6. Apply Meta's restricted category exclusions for any sensitive product.
  7. Document data deletion procedures for any under-13 data inadvertently collected.
  8. Train marketing staff on the COPPA Rule and the 2025 amendments.
  9. Maintain records of every parental consent and opt-out request.
  10. Document a breach response plan with the FTC notification process.

Frequently asked questions

What is the maximum COPPA fine?
Up to USD 51,744 per violation as of 2024. The FTC has imposed multi-million-dollar settlements.

Can I run ads to parents about kids' products?
Yes, targeting parents who are 18+ is allowed and is the standard approach for kids' products.

Does Meta enforce COPPA itself?
Yes. Meta's Youth Portal and youth ad policies enforce many COPPA-aligned restrictions.

What is a verifiable parental consent method?
Signed forms, knowledge-based authentication, government ID, video conference, payment card verification, or other FTC-approved methods.

Are educational platforms exempt?
The FTC has issued limited 'school authorisation' guidance allowing schools to consent on behalf of parents for educational tools, but not for advertising.

Real fine examples

  • TikTok (Musical.ly) — USD 5.7 million (FTC, 2019) for COPPA violations.
  • YouTube/Google — USD 170 million (FTC and NY AG, 2019) for unlawful collection of children's data.
  • Epic Games (Fortnite) — USD 275 million (FTC, 2022) for COPPA violations.
  • Microsoft (Xbox) — USD 20 million (FTC, 2023) for COPPA violations.
  • Amazon Alexa — USD 25 million (FTC, 2023) for retaining children's voice data.

How Pix-Vu helps

Family-friendly brand teams use Pix-Vu to mock and pre-clear Facebook creative for COPPA, kidSAFE and Meta youth policy review — without firing the Pixel on any page that might be child-directed. https://pix-vu.com.

Ready to automate your Facebook ads?

Let AI handle your ad creative, targeting, and optimization. Launch profitable campaigns on autopilot.

Get Started Free
Back to all posts