The Information Commissioner’s Office (ICO) has published a set of guidelines designed to protect children’s privacy online.

This set of 15 standards is aimed at those developing online services for children, such as apps, internet-connected toys, social media platforms, online games and streaming services.

According to research by Ofcom, a rising number of children younger than 11 have social media accounts, with 18% of under 11s having their own profile online. Furthermore, one in five UK internet users are children, according to the ICO.

The 2018 Data Protection Act included provisions for standards for safeguarding children online, but these standards are the first of their kind.

The code covers how data is being gathered when children use online services. Firstly, the code states that the “best interests of the child should be a primary consideration” whenever an online service is being developed, and that privacy information should be transparent, written in “clear language suited to the age of the child”.

In order to combat the coronavirus, would you be happy to use an app that:

View Results

Loading ... Loading ...

The code outlines how privacy settings on children’s online services should have the highest settings by default, with location and profiling settings switched off, and minimal data collection.

In addition, companies should not use “personal data in ways that have been shown to be detrimental to their wellbeing”.

ICO putting children’s privacy before profit

Information Commissioner Elizabeth Denham believes that children’s privacy should not be compromised in the interest of profit:

“Personal data often drives the content that our children are exposed to – what they like, what they search for, when they log on and off and even how they are feeling.

“In an age when children learn how to use an iPad before they ride a bike, it is right that organisations designing and developing online services do so with the best interests of children in mind. Children’s privacy must not be traded in the chase for profit.”

Denham said that future generations will “find it astonishing that online services weren’t always designed with children in mind”.

The ICO submitted the code to the Secretary of State in November 2019 and must complete a statutory process before it is presented to Parliament for approval. If approved, organisations will have 12 months to implement the standards.

3 Things That Will Change the World Today

Tom Chivers, Digital Privacy Advocate at ProPrivacy believes that although the code is a step in the right direction, it is also important to educate the next generation on data privacy:

“Ms Denham raises an excellent point when she says children in today’s society learn how to use an iPad before they ride a bike. To borrow from her example, ‘training wheels’ play a big part in how we learn to ride a bike, and I think this too applies to the internet.

“While these codes are a step in the right direction, these ‘training wheels’ should come in the form of education. We must teach children why it’s important to protect their data – much like we teach them to look both ways when crossing a road – as telling them something is dangerous is one thing, but explaining why and how to navigate this risk is much more effective.

“On the whole, these codes are a breath of fresh air, and we hope they will encourage a substantial change in the tech industry in regard to intrusive data collection. Arming the next generation with the knowledge of what goes on behind the surface of apps and websites is essential, next up, let’s see some effective legislation brought to the table for adults who are often less technically gifted than their younger counterparts.”


Read more: ICO calls for adtech industry reform due to “systematic” problems.