ICO Children’s Data Rules Meet With Divided Response

Proposed regulations aimed at protecting children’s data online have been met with a mixed response, with some concerned it could disrupt online services or increase the monopoly power of large tech firms.

The Information Commissioner’s Office’s (ICO) last week introduced the Age Appropriate Design Code, a set of 15 standards intended to protect the way children’s data is collected and used online.

It is intended to provide children with an increased level of data protection by default, with privacy settings automatically set to a high level, and restrictions on features such as location services and tailored advertising.

“Personal data often drives the content that our children are exposed to – what they like, what they search for, when they log on and off, and even how they are feeling,” said information commissioner Elizabeth Denham.


Privacy

“In an age when children learn how to use an iPad before they ride a bike, it is right that organisations designing and developing online services do so with the best interests of children in mind. Children’s privacy must not be traded in the chase for profit.”

The ICO is to be given enforcement powers under the GDPR to back up the rules, including fines of up to £17 million or 4 percent of global turnover.

The rules are said to be the first of their kind in the world, although similar schemes are under consideration in Europe and the US.

The standards were introduced in the Data Protection Act of 2018 and the code was submitted to the government in November.

It is now set to move through a statutory process, first being submitted to the European Commission for review under the UK’s ongoing obligations as a member of the EU.

After a three-month standstill period, it is to be laid before Parliament and, if approved, organisations are to be given a 12-month transition period to update their practice and services, with the code’s provisions expected to come into force late next year.

Age-gating

While privacy advocates have welcomed the changes, some are concerned they could be overly broad, forcing large sections of the internet to impose “age-gating” mechanisms.

Industry group TechUK, which represents Google, Amazon, Facebook and others, commented that the rules could lead to unnecessary age-gating.

Some start-ups, meanwhile, are concerned the changes could favour large tech firms, which would be more easily able to absorbe the costs of compliance.

The regulation takes an overly “broad-brush” approach that could harm smaller firms, an unnamed person close to the start-up industry told the Financial Times.

But the ICO said new rules are necessary to adapt to the digital age.

“One in five internet users in the UK is a child, but they are using an internet that was not designed for them,” said information commissioner Denham.

“There are laws to protect children in the real world – film ratings, car seats, age restrictions on drinking and smoking. We need our laws to protect children in the digital world too.”

Matthew Broersma

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications

Recent Posts

Craig Wright Sentenced For Contempt Of Court

Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…

2 days ago

El Salvador To Sell Or Discontinue Bitcoin Wallet, After IMF Deal

Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…

2 days ago

UK’s ICO Labels Google ‘Irresponsible’ For Tracking Change

Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…

2 days ago

EU Publishes iOS Interoperability Plans

European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…

3 days ago

Momeni Convicted In Bob Lee Murder

San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…

3 days ago