Google is simply adhering to privacy law, but if the more stringent GDPR means that more companies will tighten the reins and exclude children from their services, then children’s right to certain freedoms and to development is impacted directly: the right to obtain information and to express themselves freely, the right to access media, the right to privacy and freedom of association, the right to engage in play, and the right to an education. Unilateral protection rules can therefore have negative consequences.
In addition, it is doubtful that parental consent will actually offer much protection. It’s an illusion to think that we as individuals control our personal data and that we can choose, or at least know, what happens to that data. We don’t have that control and it is entirely unclear how personal data is processed in the inner workings of the internet.
Choose ‘privacy by design’
But here too, there are solutions to hand. The principle of ‘privacy by design’ introduced in the GDPR makes it possible to use innovative means to build a child-friendly digital world. Creative app designers could turn their hand to making data practices in apps transparent in a manner that children of all ages can understand.
Even better would be to change the ‘standard’ and stop automatically observing and analysing children’s online behaviour (‘privacy by default’) – or to anonymise their personal data immediately. Parental consent would be unnecessary then, and we would be safeguarding the rights of children.
Whatever choices we make in our eagerness to protect children, let’s make sure that their rights and freedoms remain intact. Because that is ultimately in the best interest of every child.
By Simone van der Hof, Professor of Law and Information Society at eLaw, Centre for Law and Digital Technologies, Leiden University
Be sure to read the other articles in the Decent Digitisation series, and the related reports: