The U.K. government has asked companies to make their internet privacy language more child-friendly, in order to help protect children from inappropriate content online.
Websites and applications must follow a new set of privacy warnings for minors, as part of the United Kingdom’s attempt to make the internet a safer and better place for users under the age of 18.
Companies that target children must follow the Age Appropriate Design Code, commonly known as the Children’s Code, which has 15 requirements, including turning off geolocation tracking by default, or risk fines for confusing or convoluted data sharing messages. The measures are part of the data-protection laws of the United Kingdom.
For example, the code’s transparency requirement suggests that businesses use clear and simple language in privacy agreements and offer child-friendly, “bite-sized” explanations about how they handle personal data at the point of activation. Rather to depending only on textual communications, it promotes the use of infographics, cartoons, images, video and audio material, as well as games and interactive content, to clarify the implications of privacy and data rules.
The guideline also advises that websites and applications for children who are unable to read or understand the idea of privacy offer voice and visual alerts instructing children not to touch or alter privacy settings, or to seek assistance from an adult if they do so. Another regulation prohibits the use of pop-up nudges that, via smart design, may urge a kid to give up additional data while in the moment—for example, a big “yes” button that draws the attention away from the matching “no.”
Subscribe to our newsletter
The Report on Experience
Get weekly updates on how businesses use data, technology, and design to help their customers and workers succeed.
The legislation is being adopted to safeguard British youngsters, but it is likely to have far-reaching consequences. The rules, which were written to ensure that companies follow the laws outlined in the 2018 Data Protection Act, apply to both domestic and foreign companies that process personal data of children in the country, as well as websites and apps that aren’t specifically designed for those under the age of 18 but are still used by them, according to the commissioning body.
Companies found in violation of the code may face the same penalties as those found in violation of the European General Data Protection Regulation, or GDPR, which can entail fines of up to 4% of worldwide turnover.
Several major social media firms, including Alphabet Inc.’s Google and ByteDance Ltd.’s TikTok, have made modifications to their worldwide privacy agreements and interfaces in the last month with younger users in mind, without mentioning the Children’s Code explicitly.
The Children’s Code suggests breaking down data usage agreements into “bite-sized” explanations written in simple, kid-friendly language.
Photo courtesy of the Office of the Information Commissioner
Last month, Google said that it will be providing simple reading materials for young kids and their parents to help them better grasp the search giant’s data policies. These contain privacy guidelines for three age groups: 6-8, 9-12, and 13-17 years old. Its YouTube platform said that it will change the default upload setting for users aged 13 to 17 to the most private option and turn off autoplay by default for those users.
After introducing new features that discourage minors from interacting with adults they don’t know, Facebook, which owns the apps Instagram and Messenger, said it is working with experts in the fields of online safety, child development, child safety, and mental health to develop new products and features for young people. TikTok unveiled a new feature this week that would encourage parents and guardians of teenagers to learn more about the platform’s privacy and safety settings and to assist their children understand them.
“Anything that encourages children and adolescents to better understand the cycle of use of our personal data is important,” said Caitriona Fitzgerald, deputy director of the Electronic Privacy Information Center, a Washington, D.C.-based organization focusing on privacy concerns.
The hefty penalty and the costs associated with product redesigns to accommodate the code may deter some small businesses based outside of the U.K. from launching in the market, at least until it is clear how adherence to the code will be policed, said Tyler Newby, a privacy and cybersecurity lawyer at Fenwick & West LLP.
According to him, the code’s wide applicability may prompt businesses to reconsider the usage of cumbersome policy agreements for adults. It could inspire a new kind of focus group: kids reading privacy agreements and marking what they understand and don’t.
Mr. Newby said, “Otherwise, it’s a bunch of adult attorneys sitting around wondering what a child understands.”
Rep. Kathy Castor (D-Fla.) introduced a bill in Congress in July that includes elements of the Children’s Code in an effort to strengthen the United States’ Children’s Online Privacy Protection Act, or Coppa, which was enacted in 2000 to give parents control over what information is collected about their children online. Senators Ed Markey (D-Massachusetts) and Bill Cassidy (R-Louisiana) proposed the Children and Teens’ Online Privacy Protection Act in May.
Katie Deighton can be reached at [email protected]
Copyright ©2021 Dow Jones & Company, Inc. All Rights Reserved. 87990cbe856818d5eddac44c7b1cdeb8