Information Commissioner's Office
Blog: As the Children’s code comes in – what’s next?
A blog by Stephen Bonner, ICO’s Executive Director of Regulatory Futures and Innovation.
The transition year is up and the Children’s code comes fully into force on 2 September. It’s a ground breaking code that creates a better internet for children by ensuring online services likely to be accessed by children, respect a child’s rights and freedoms when using their personal data.
As you’d expect it’s already having an impact on these services. Facebook, Google, Instagram, TikTok and others have all made significant changes to their child privacy and safety measures recently.
As the first-of-its kind, it’s also having an influence globally. Members of the US Senate and Congress have called on major US tech and gaming companies to voluntarily adopt the standards in the ICO’s code for children in America. The Data Protection Commission in Ireland is preparing to introduce the Children’s Fundamentals to protect children online, which links closely to the code and follows similar core principles.
Post 2 September the risks to children are not removed overnight, and the work doesn’t stop.
We have identified that currently, some of the biggest risks come from social media platforms, video and music streaming sites and video gaming platforms. In these sectors, children’s personal data is being used and shared, to bombard them with content and personalised service features. This may include inappropriate adverts; unsolicited messages and friend requests; and privacy-eroding nudges urging children to stay online. We’re concerned with a number of harms that could be created as a consequence of this data use, which are physical, emotional and psychological, and financial.
Children’s rights must be respected and we expect organisations to prove that children’s best interests are a primary concern. The code gives clarity on how organisations can use children’s data in line with the law, and we want to see organisations committed to protecting children through the development of designs and services in accordance with the code.
We will be proactive in requiring social media platforms, video and music streaming sites and the gaming industry to tell us how their services are designed in line with the code. We will identify areas where we may need to provide support, or should the circumstances require, we have powers to investigate or audit organisations.
Separately, we are considering how organisations in scope of the Children’s code can tackle age assurance, whether that’s verifying ages or age estimation. The ICO will be formally setting out its position on age assurance in the autumn.
Our commitment to working with other regulators through the Digital Regulation Cooperation Forum (DRCF) will help ensure consistency between the code and the incoming online safety laws that will jointly protect children online.
Ultimately the Children’s code will help industry innovate to ensure that the best interests of the child are a primary concern online and built into the design from the beginning. This will grow the trust between online services, children, parents and society.
Latest News from
Information Commissioner's Office
Blog: Providing practical data protection guidance to the media sector13/10/2021 14:25:00
A blog by Elizabeth Denham, Information Commissioner
ICO response to DCMS consultation “Data: a new direction”07/10/2021 12:20:00
Foreword from Elizabeth Denham CBE, UK Information Commissioner.
Statement on mandatory vaccination and COVID status check schemes ahead of their introduction in Scotland and Wales29/09/2021 14:10:00
The UK Information Commissioner, Elizabeth Denham, commented ahead of the introduction of mandatory vaccination and COVID status checks in Scotland and Wales
Statement in response to use of ICO corporate charge card28/09/2021 15:20:00
An ICO spokesperson released a statement in response to use of ICO corporate charge card
Statement in response to use of ICO corporate charge card27/09/2021 16:43:00
Statement given in response to use of ICO corporate charge card.
International progress for domestic benefit: why the ICO convened a G7 meeting on data flows20/09/2021 16:15:00
A blog by Elizabeth Denham, UK Information Commissioner
We Buy Any Car, Sports Direct and Saga fined £495,000 after sending millions of ‘frustrating and intrusive’ nuisance messages.15/09/2021 13:20:00
The ICO has today announced fines totalling £495,000 to well-known companies that between them sent more than 354 million nuisance messages.
Blog: Sharing personal data in an emergency – a guide for universities and colleges15/09/2021 09:15:00
A blog by Viv Adams, Principal Policy Adviser in the ICO Parliament and Government Affairs team
G7 data protection and privacy authorities’ meeting: communiqué13/09/2021 09:10:00
The UK Information Commissioner’s Office (ICO) brought together data protection and privacy authorities from G7 countries, as well as guests from the Organisation for Economic Cooperation and Development (OECD) and the World Economic Forum (WEF), for a discussion this week on shared emerging challenges that need closer international collaboration.