August 7, 2020

Volume X, Number 220

August 07, 2020

Subscribe to Latest Legal News and Analysis

August 06, 2020

Subscribe to Latest Legal News and Analysis

August 05, 2020

Subscribe to Latest Legal News and Analysis

The Impact of Data Protection on Children

Many readers may be reading this blog when a notification from their fitness tracker pops up instructing them to stand up. Children are now beginning to wear trackable devices too. These devices are connected to the internet and may process a child’s personal data. Many children have and use social media accounts and there is the additional digitization of health and school records, which increases the online data trail of a child.

The collection of children’s personal data is an area of concern for both the Children’s Commissioner and the ICO. The GDPR and the UK Data Protection Act 2018, therefore, require extra measures to be taken when children’s data is collected. In the UK, a child must be at least 13 years old in order to consent to the processing of their personal data. If the personal data of a child (below 13) is collected, a parent or guardian must provide consent or authorize the processing of such data. Additionally, organizations are to make “reasonable efforts” to verify such authorization, including any cookie consents.

Recently, there have been calls for organizations like toy manufacturers to be even more transparent about how they handle children’s data, for example, by specifying how a child’s data may be processed on the packaging of the product.

The ICO has commissioned a consultation into how the requirements relating to the protection of children’s data under the GDPR and the DPA are best implemented in practice with the aim of producing an Age Appropriate Design Code. This code will set design standards expected of producers/suppliers of web services and apps aimed at children.

The Information Commissioner may take these design standards into account when enforcing its regulatory powers. The consultation has now closed, but we will keep you updated of any developments in this area.

© Copyright 2020 Squire Patton Boggs (US) LLPNational Law Review, Volume VIII, Number 351


About this Author

Emaa Yaltaghian Squire PB Data Privacy Lawyer

Emma Yaltaghian is a member of our Data Privacy & Cybersecurity team. Emma advises clients on all aspects of compliance with the EU GDPR and UK Data Protection Act 2018, as well as the EU ePrivacy rules.

Emma also assists the EMEA Communications Practice by providing regulatory advice.

Emma has successfully project managed numerous data protection compliance projects, including conducting detailed gap analysis and remediation.

Emma has advised clients in data breach scenarios, including cross-border data breaches. She has also advised on whether or not notification...

+44 20 7655 1515