Do you have kids?
If you do, you’re probably at least a little worried what they’re doing online when you’re not around. Especially now that everyone has the Internet right in their pockets, children’s data privacy has become a hot topic in conversation and legislation alike.
Children are particularly vulnerable to data privacy violations, because they are often unaware of the risks associated with sharing their personal data online and less aware about the common ways that threat actors target their victims. Thankfully, your local and/or federal government probably have some laws to protect your kids!
What Lurks on the Word Wide Web
You already know what threats are applicable to yourself…and there’s no reason that those same threat actors won’t go after your children’s info, too! It’s all up for grabs if it can fetch a price on the Dark Web.
There’s always the “stranger danger” element of the Internet, too. Forget whether you know who they’re talking to online — do they know who’s behind the screen? They may think that they do, but catfishing and spear-phishing can happen to anyone, regardless of age! These bad actors may be wishing do harm your child, or just using them as a gullible entryway into your network and systems.
As rapidly as the Internet speeds ahead, it can take time for the law to catch up! Thankfully, there are many
Is There Legislation Protecting Kids Online?
One of the most well-known laws protecting children’s data privacy is the U.S. Children’s Online Privacy Protection Act (COPPA), which requires companies to obtain parental consent before collecting or using the personal data of children under the age of 13. COPPA also requires companies to provide parents with access to their children’s personal data and to allow parents to delete their children’s personal data.
In Canada, the Personal Information Protection and Electronic Documents Act (PIPEDA) has a provision which requires companies to obtain parental consent before collecting or using the personal data of children under the age of 13. This is very similar to the Australian Privacy Act 1988, which protects the collection, use, or disclosure of sensitive information from children under 18.
In the European Union, the General Data Protection Regulation (GDPR) requires companies to obtain parental consent before collecting or using the personal data of children under the age of 16. The United Kingdom incorporated some of these principles into their own law, the Data Protection Act (2018). It requires companies to consider the best interests of the child when processing their data and to implement age-appropriate safeguards.
The Australian Privacy Act 1988 also includes specific protections for children’s data. It requires companies to take reasonable steps to protect children’s personal information and to obtain parental consent for the collection, use, or disclosure of sensitive information from children under 18.
Many other countries have specific laws governing children’s data privacy. The specific requirements and age limits may vary, but the overall goal is to protect children’s personal information and ensure that their data is handled responsibly. Clearly, this is a value shared around the world!
Although you can’t stop kids going online these days, you CAN make sure that they are safe when they surf.
Talk to other parents about their concerns about children’s data privacy. Read news articles and blog posts about children’s data privacy, so you can stay up to date on what’s going on in the cyber-threat landscape and your local legislature!