UK Lays Out Tough Child Data Privacy Rules

The Associated Press
By The Associated Press
January 22, 2020UK
UK Lays Out Tough Child Data Privacy Rules
Women use cellphones on a platform at an Underground station in central London on Dec. 24, 2019. (Petros Karadjias/ AP Photo)

Social media sites, games, and other online services won’t be allowed to “nudge” British kids into revealing personal details or lowering their privacy settings, under tough new rules drawn up by the country’s privacy regulator.

The set of standards aimed at protecting children’s online privacy were released on Jan. 22 by the Information Commissioner’s Office for Parliament’s approval.

“There are laws to protect children in the real world—film ratings, car seats, age restrictions on drinking and smoking. We need our laws to protect children in the digital world too,” Information Commissioner Elizabeth Denham said. “In a generation from now, we will look back and find it astonishing that online services weren’t always designed with children in mind.”

Tech companies won’t be able to use “nudge techniques,” such as making one option appear easier than the alternative, to encourage kids to provide unnecessary personal data or weaken or turn off their privacy protections. They’ll also have to verify a user’s age or instead apply the code’s standards to all users.

smartphone apps
Smartphone apps are shown, in Miami, on Oct. 29, 2019. (Wilfredo Lee/AP Photo)

Sharing or broadcasting a child’s location should be off by default, so should profiling kids for so-called behavioral advertising, the new rules say. Other requirements include collecting and holding a “minimum amount” of personal data and making “high privacy” settings the default. Online services should take children’s best interests into account and shouldn’t use their data to auto-recommend harmful content like videos advocating suicide or anorexia.

The “age appropriate design code” has 15 standards in all that must be met by apps, connected toys, social media platforms, online games, educational websites, and streaming services. They apply to any online service likely to be used by a child and to any companies offering their services in the UK.

Violators face punishment including, in serious cases, fines worth 4 percent of a company’s global revenue, which for the Silicon Valley giants like Facebook would equal billions of dollars.

Once Parliament gives its approval, companies will get a 12-month transition period to adapt to the new rules. They’re expected to come into full effect by autumn 2021.

Tech companies are coming under increasing pressure to tighten up online protection for young people, with authorities in the United States, Ireland, and elsewhere also working on updating their rulebooks.

By Kelvin Chan

ntd newsletter icon
Sign up for NTD Daily
What you need to know, summarized in one email.
Stay informed with accurate news you can trust.
By registering for the newsletter, you agree to the Privacy Policy.