E-safety expert John Carr explains what the General Data Protection Regulation (GDPR) means for you and your child and their safety online.
The General Data Protection Regulation (GDPR) is an EU measure which becomes law in May 2018. Any country that wants to be able to send or receive data across EU boundaries is going to have to comply with its key terms so the UK Government announced it will be bringing a Data Protection Bill to Parliament to incorporate the GDPR into UK domestic law. Brexit? What Brexit?
There are still huge uncertainties surrounding the way the GDPR will work but one thing is definite. It is going to be hugely important for children and young people. Among other things it will change our law about the age of consent for data purposes. Up to now the UK Information Commissioner told us there was no fixed age at which a young person can decide for themselves whether or not to give their personal data to an online business without that business having to obtain the consent of the child’s carer or a parent. Their view was everything depends on the nature of the transaction and the individual capacity of each child to understand it, but broadly speaking around 12 most children will be able to manage> this on their own.
No longer. The Government are proposing the age will be fixed at 13. This will cause no great upheaval or change because 13 is already the age Facebook, Snapchat, Instagram specify as their minimum age. What is unclear is whether or to what extent companies might be required to verify the ages of new or even existing members. And for services aimed at under 13s there will be new rules about how online businesses confirm that they have received proper parental authorisation. Under 18s will also have an absolute right to request online businesses to delete all information they may hold on them and businesses generally are going to have to do risk assessments in respect the services they are providing.