UK introduces standards to protect children’s privacy on social media
The British privacy watchdog, the Information Commissioner’s Office, has drawn up sixteen different standards in the form of a code, which parties such as Facebook may have to adhere to. It is mainly about protecting the privacy of children.
The sixteen standards should lead to a design of information society services that are age-appropriate, only involving services that are expected to be used by children. In the case of children, for example, data may not just be shared, the default settings must be set to ‘high privacy’, the makers must take the interests of the child into account when designing.
Another standard that is specifically mentioned is a behavioral motivational technique called nudge. People are subtly stimulated to behave in a certain way. For example, the supervisor includes a case where it is asked to continue, where the answer ‘yes’ is much larger and clearer than a negative answer. Reward series or positive reinforcement techniques, which include likes, are also seen as a method to encourage users to continue to actively use the platform, enabling the service to collect more personal data. These may be inadmissible under certain circumstances.
The rules are part of a code of conduct that is available for consultation until May 31. ICO will submit a final version to the UK Parliament, where it is expected to be passed before the end of this year. Organizations must then follow the code and demonstrate that their services use children’s data fairly and in accordance with privacy laws. In the event of a violation, the supervisor can take enforcement action. For example, a fine can be imposed, but the service can also be prohibited from processing data any longer. ICO can impose fines of 20 million euros or 4 percent of annual worldwide turnover for serious violations; this is about how to arrive at the highest amount.