UK lays out tough child data privacy rules

The set of standards aimed at protecting children’s online privacy were released Wednesday by the Information Commissioner’s Office for Parliament’s approval.

22 January 2020 | 13:37

Source: Associated Press

  • Source: Associated Press
  • Last update: 22 January 2020 | 13:37

In this Nov. 14, 2019, file photo, a woman checks her phone in Orem, Utah, USA. (AP Photo)

LONDON: Social media sites, games and other online services won’t be allowed to “nudge” British kids into revealing personal details or lowering their privacy settings, under tough new rules drawn up by the country’s privacy regulator.

The set of standards aimed at protecting children’s online privacy were released Wednesday by the Information Commissioner’s Office for Parliament’s approval.

“There are laws to protect children in the real world - film ratings, car seats, age restrictions on drinking and smoking. We need our laws to protect children in the digital world too,” Information Commissioner Elizabeth Denham said. “In a generation from now, we will look back and find it astonishing that online services weren’t always designed with children in mind.”

Tech companies won’t be able to use “nudge techniques,” such as making one option appear easier than the alternative, to encourage kids to provide unnecessary personal data or weaken or turn off their privacy protections. They’ll also have to verify a user’s age or instead apply the code’s standards to all users.

Sharing or broadcasting a child’s location should be off by default, so should profiling kids for so-called behavioral advertising, the new rules say. Other requirements include collecting and holding a “minimum amount” of personal data and making “high privacy” settings the default. Online services should take children’s best interests into account and shouldn’t use their data to auto-recommend harmful content like videos advocating suicide or anorexia.

The “age appropriate design code” has 15 standards in all that must be met by apps, connected toys, social media platforms, online games, educational websites and streaming services. They apply to any online service likely to be used by a child and to any companies offering their services in the U.K.

Violators face punishment including, in serious cases, fines worth 4% of a company’s global revenue, which for the Silicon Valley giants like Facebook would equal billions of dollars.

Once Parliament gives its approval, companies will get a 12-month transition period to adapt to the new rules. They’re expected to come into full effect by autumn 2021.

Tech companies are coming under increasing pressure to tighten up online protection for young people, with authorities in the U.S., Ireland and elsewhere also working on updating their rulebooks.

Show Comments

An-Nahar is not responsible for the comments that users post below. We kindly ask you to keep this space a clean and respectful forum for discussion.