What rights does my child have online?
Data protection is a fundamental pillar underlining everyone’s use of the internet.
Whether you’re sending a tweet, shopping for clothes or gaming online, you’re entitled to have your personal data protected in a robust manner.
The most familiar form of data protection to many of us is the General Data Protection Regulation (GDPR) which is an EU law that came into force on May 25th 2018.
This law provided a new set of rules that gave people more control over how their personal data is collected and how it will be used.
A good example of this is the cookie notice that pops up when you go onto a website that you haven’t been to before.
One of the most important things that GDPR did was enhance the protection of children’s personal data online.
Under GDPR guidelines, a person (including a child) has:
- The right to be informed about who holds your personal data and why it is being processed (transparency).
- The right to access and be given a copy of your personal data (access)
- The right to rectify inaccurate or incomplete personal data (rectification).
- The right to have your data erased (erasure).
The Age of Digital Consent
GDPR regulations also required EU member states to establish an Age of Digital Consent.
The digital age of consent is the minimum age a user must be before a social media or internet company can collect, process and store their data.
In Ireland, the Age of Digital Consent is sixteen.
It is an offence for any company or corporate body to process the personal data of a child “for the purposes of direct marketing, profiling or micro-targeting”.
As you might have noticed, the digital age of consent is higher than the age you need to be to create a Facebook, Snapchat or TikTok account.
These companies must get parental consent before they can start to collect and use the personal data of anyone under the age of thirteen.
This is why those companies stipulate that you must be 13 years old or older to start an account.
However, it is quite easy for children to bypass those age restrictions as all they have to do is say that they are older than they are when setting up an account.
As a result of the Digital Age of Consent being set at sixteen, to be compliant, these companies now require parental consent to collect the personal data of anyone under that age.
Points to Consider
- Under GDPR, a person (including a child) has the right to transparency, access, rectification and erasure.
- The Digital Age of Consent is the minimum age a user must be before a social media or internet company can collect, process and store their data.
- In Ireland, it is 16 years of age.
- Social media and internet companies require parental consent to collect the personal data of anyone under the age of 16.