INTRODUCTION
The virtual world has evolved into a platform for people to communicate with one another, express their thoughts and opinions, establish their public personas, and engage in cultural, social, and/or political endeavours.[1]This virtual platform is now accessible to children at a very early age, and they frequently interact with online companies through the use of mobile phones, connected toys, and other technology.[2] Once it begins, the collection and use of each child’s data will likely continue for the duration of their life as they make use of online social media, communication, entertainment, information, shopping, banking, and a variety of other services to go about their daily lives.[3]
UNDERSTANDING THE LANDSCAPE OF CHILDREN’S DATA PRIVACY
“Today’s children are the first generation to be born into a digital age, while their parents are the first to rear ‘digital children’.”[4] Globally, one in every three children is an internet user, and one in every three internet users is a kid under the age of 18.[5] What information children make publicly available has received considerable research attention, with studies indicating that a significant amount of ‘private’ information (current city and school, graduation year, inferred year of birth and list of school friends, favourite activities, music, films, and relationship information) can be directly available on social media, including profiles of minors registered as adults.[6] Technology-related privacy risks are associated with features such as GPS-enabled tracking, which may pose threats to anonymity due to coarse-grained location data or undesirable tracking, or ecology-based features such as the ease of obtaining fake social media accounts, which can result in the spread of malware, the theft of personal information, the spying on users’ activity, or the inundation of the digital environment with fake content.[7] The threats stem from brokers selling the data to other agents (advertisers, further education recruiters, and job agencies), fuelling large-scale and highly tailored spear-phishing attacks, and exposure to child sexual abuse and violence offenders.
RISKS ASSOCIATED WITH COLLECTING AND PROCESSING CHILDREN’S DATA.
Children’s data collection and processing can expose them to a variety of threats, including privacy violations, identity theft, and online manipulation. As personal information like names, addresses, and academic records are highly sensitive, children are especially at risk of privacy violations.[8]Cybercriminals tend to target children’s data due to its potential for financial fraud or identity theft and inadequate data security measures Advertisers can profit from kids’ gullibility and lack of judgement, by delivering customised advertisements that may harm children’s attitudes, preferences, and behaviour. Children may not fully understand the consequences of data sharing and cannot provide informed consent, this limited comprehension might lead to unintended disclosures of personal information without realizing its implications.[9] Childhood data collection can have long-term effects since it leaves a digital legacy that may influence a child’s future possibilities in areas like school and employment, their capacity to manage the use of their personal information may be compromised by improper data consumption.[10]
The dangers involved in gathering and using children’s data underline the importance of strong legislative frameworks, parental participation, and the moral obligations of technology corporations. A comprehensive strategy that takes into account children’s rights, digital literacy, and data protection safeguards is required to address these concerns. Children’s safety and privacy must be put first as we navigate the digital world, ensuring that their online experiences are secure and empowering.
LEGAL AND REGULATORY FRAMEWORK FOR THE PROTECTION OF CHILDREN’S DATA.
The Supreme Court while establishing the right to privacy as a basic right, in 2017 highlighted that “children around the world create perpetual digital footprints on social network websites on a 24/7 basis as they learn their ‘ABCs’: Apple, Bluetooth, and Chat followed by Download, E-Mail, Facebook, Google, Hotmail, and Instagram. They should not be subjected to the consequences of their childish mistakes and naivety, their entire life. Privacy of children will require special protection not just in the context of the virtual world, but also the real world.”[11] To protect children’s privacy and rights in the digital sphere, several legislative and regulatory frameworks have been put in place like the Children’s Online Privacy Protection Act (COPPA) [12]of the US and the General Data Protection Regulation (GDPR)[13] of the EU. One such bill is India’s Digital Personal Data Protection Bill 2023[14] which has recently been passed in the Rajya Sabha.
The DPDP 2023 bill[15] defines a child as someone below 18 years of age, whereas the USA and UK laws allow kids above the age of 13 to give consent for processing their data. The Srikrishna Committee (2018) has suggested that several variables be taken into account when assessing the age of consent for minors, These include (i) a 13-year-old minimum age and an 18-year-old maximum age; and (ii) a single threshold to ensure practical application.[16] Additionally, it was also noted that 18 years may be too old from the standpoint of a child’s complete autonomous development, but to stay consistent with Indian legislation like the Indian Contracts Act, of 1872[17] the minimum age of consent should be 18 years. The bill also outlaws tracking or behavioural monitoring of children, as well as targeted advertising to children and the processing of children’s data that might harm a child’s well-being,[18]but there is no mention of what constitutes detrimental or negative effects, therefore, anything from physical pain to bullying and discrimination would be included within the definition of a negative consequence, and parents and guardians would be able to hold internet platforms responsible for any harm a child may experience as a result of those platforms’ data-collecting operations. Thus, the 5th iteration of the data protection law in India, DPDP 2023, still carries some inadequacies with it, that need to be dealt with in terms of children’s data protection.
EDUCATING CHILDREN AND PARENTS
Education is essential for equipping parents and kids with the skills they need to use the internet responsibly. To provide kids with the knowledge and skills they need to comprehend the repercussions of disclosing personal information online, schools must implement digital literacy programmes. These programmes are designed to help kids recognise and steer clear of possible problems related to internet interactions.[19] Equally crucial is educating parents about internet privacy and data security. Giving parents knowledge about the many dangers kids may encounter online enables them to supervise and establish limits for their children’s digital activities.[20] Fostering an atmosphere where kids feel comfortable sharing their online experiences and worries helps parents offer guidance and support because it encourages open and continuous talks regarding online privacy within families.[21] Instructing kids about internet privacy and data protection may be made easier by creating toolkits for parents and teachers that include advice, instructions, and learning activities.[22] A child’s internet privacy and data protection are fundamentally dependent on education. Society can enable the younger generation to make educated decisions online by including children and parents through digital literacy programmes, workshops, and open dialogues. These instructional initiatives, backed by knowledge and research, help create a more secure and safe online environment for kids.
CONCLUSION
It is morally, legally, and socially necessary to protect children’s privacy and personal information. It is crucial to provide a setting where kids may explore the digital world without jeopardising their safety and well-being at a time when digital connections are a crucial part of growing up. We can provide the groundwork for the protection of children’s personal information and privacy, by passing strict rules, promoting education, and embracing privacy-by-design principles, ensuring a better and safer digital future for the subsequent generations. Ensuring a secure digital future for the next generation requires a steadfast dedication to ethical conduct, innovation, and a collective goal of establishing a safe and supportive online realm. Through proactive steps taken now, we can lay the foundation for a future wherein children can freely explore, learn, and engage online without compromising their privacy or overall welfare. Let us unite in our efforts to guarantee that upcoming digital citizens flourish within an online environment that upholds and safeguards their rights.
Author(s) Name: Bhoomi Jain (ILS Law College, Pune)
References:
[1] G Sartor and M Viola de Azevedo Cunha, ‘The Italian Google-Case: Privacy, Freedom of Speech and Responsibility of Providers for User-Generated Contents’ (2010) 18(4) International Journal of Law and Information Technology 356,<http://dx.doi.org/10.1093/ijlit/eaq010> accessed 10th August 2023.
[2] Marina Everri and Kirsty Park, Children’s online behaviours in Irish primary and secondary schools (Zeeko 2018) <https://zeeko.ie/wp-content/uploads/2018/06/ZEEKO-TREND-REPORT-.pdf> accessed 10 August 2023.
[3] Ibid
[4] ‘Children’s right to privacy in the digital age must be improved’ (OHCHR, 15 July 2021) <www.ohchr.org/en/stories/2021/07/childrens-right-privacy-digital-age-must-be-improved> accessed 9 August 2023.
[5] ‘Growing Up in a Connected World: Understanding Children’s Risks and Opportunities in a Digital Age’ (UNICEF Office of Research – Innocenti) <www.unicef-irc.org/growing-up-connected> accessed 9 August 2023.
[6] Ana Almansa-Martínez, Oscar Fonseca and Antonio Castillo-Esparcia, ‘Social Networks and Young People. Comparative Study of Facebook between Colombia and Spain’ (2013) 20(40) Comunicar 127, <http://dx.doi.org/10.3916/c40-2013-03-03> accessed 9 August 2023.
[7] Maria Murumaa-Mengel, ‘Drawing the Threat’ (2015) 23(1) YOUNG 1, <http://dx.doi.org/10.1177/1103308814557395> accessed 9 August 2023.
[8] Farrow k, ‘Privacy, Consent, and the Vulnerable Child Citizen’ [2019] International Journal of Law, Policy and the Family.
[9] Berson, I. R., & Berson, M. J., ‘Ethical considerations in using technology to collect, analyse, and share data about children’ [2019] Handbook of Child Research.
[10] Sonia Livingstone and Amanda Third, ‘Children and young people’s rights in the digital age: An emerging agenda’ (2017) 19(5) New Media & Society 657, <http://dx.doi.org/10.1177/1461444816686318> accessed 11 August 2023.
[11] Puttaswamy v. Union of India, (2017) 10 SCC 641
[12] Children’s Online Privacy Protection Act, 1998
[13] General Data Protection Regulation, 2018
[14] Digital Personal Data Protection Bill, 2023
[15] ibid
[16] A Free and Fair Digital Economy Protecting Privacy, Empowering Indians,[July 2018] Committee of Experts under the Chairmanship of Justice B.N. Srikrishna
[17] Indian Contracts Act, 1872
[18] ‘Digital Personal Data Protection Bill, 2023 – Key Highlights – azb’ (azb parters, August 2023) <www.azbpartners.com/bank/digital-personal-data-protection-bill-2023-key-highlights/?utm_source=mondaq&utm_medium=syndication&utm_term=Privacy&utm_content=articleoriginal&utm_campaign=article> accessed 9 August 2023.
[19] Livingstone, S., & Haddon, L.).”Risks and safety on the Internet: The perspective of European children.” (2012). Full findings. LSE, London: EU Kids Online
[20] Holloway, D., Green, L., & Livingstone, S. “Zero to eight: Young children and their internet use.” (2013). EU Kids Online
[21] Livingstone, S., Haddon, L., Görzig, A., & Ólafsson, K. “Risks and safety for children on the internet: The UK report. Full findings from the EU Kids Online survey of UK 9-16-year-olds and their parents.” (2011)
[22] UNICEF “Child Online Protection Guidelines: A Framework for Industry.” (2019) United Nations Children’s Fund
