Social media websites, online games and streaming services which are used by children will now have to conform to a new Code of Practice published by the Information Commissioner’s Office.
The code, which is formed of a set of 15 standards that online services should meet to protect children’s privacy, covers services which are likely to be accessed by children and in turn process their data. It also makes the providing of a baseline of data protection for children a requirement, whenever they download a new app, game or visit a website.
Subsequently, this will mean that privacy settings should be set to high by default, along with the discontinuation of nudge techniques, which encourage children to weaken their settings. Additionally, location settings should also be switched off by default, to prevent the world seeing where a child is.
Elizabeth Denham, Information Commissioner, said: “Personal data often drives the content that our children are exposed to – what they like, what they search for, when they log on and off and even how they are feeling."
“In an age when children learn how to use an iPad before they ride a bike, it is right that organisations designing and developing online services do so with the best interests of children in mind. Children’s privacy must not be traded in the chase for profit.”
The code’s standards are rooted in the General Data Protection Regulation (GDPR), with the code being introduced by the Data Protection Act 2018. Following the submission of the code by the ICO to the Secretary of State in November, it must now complete a statutory process ahead of it being laid in Parliament for approval. After this, organisations will then have 12 months to update their practices prior to the code coming into full effect. The ICO has said it expects this to be by autumn 2021.
Read more about the new Code of Practice - https://ico.org.uk/about-the-ico/news-and-events/news-and-blogs/2020/01/ico-publishes-code-of-practice-to-protect-children-s-privacy-online/