The age at which children can legally consent to having their personal data processed by tech companies should be raised from 13 to 16, MPs have urged.
The cross-party committee said it was “completely inappropriate” to use consent when it comes to processing children’s data, when many adults struggle to understand complex consent agreements.
It also called on the government to ensure “safe passage” on the internet by strengthening regulations as well as establishing an online database which would allow UK citizens to easily see which companies hold data on them.
These recommendations are contained in a report published on Sunday (3 November) by the Joint Committee on Human Rights, seeking to address the “broken” system in which people currently consent which it says is prone to privacy breaches and discrimination.
Harriet Harman MP, the committee’s chair, said: “Individuals cannot be expected to know whether their data is being used appropriately and what risks this poses to their right to privacy.
“Instead there should be adequate regulation in place to ensure that everyone’s privacy is protected online.”
The report argues that too much responsibility is placed on individuals to educate themselves about how tech companies work.
Users “often have no choice” but to agree to complex, lengthy terms and conditions or privacy notices as a condition of accessing social media – “raising questions about whether consent really has been given”.
The committee heard deeply troubling evidence about some companies using personal data to ensure that only people of a certain age or race are able to see a particular job opportunity or housing advertisement, for example.
It argued that such discrimination, which would be “blatantly obvious” in the days of print advertising, is now difficult to detect and guard against at a time when content is personalised.
What Is The Age Of Digital Consent?
Image Credit: Pxhere.
The General Data Protection Regulations (GDPR) is an EU law which came into effect in the UK through the Data Protection Act 2018.
The GDPR contains specific protections for children – defined as under 16 years of age – such as stating that consent when processing a child’s data can only be obtained with parental authorisation.
EU members states, however, are able to reduce this age to 13, and the UK has done this.
The report also highlights that protections for children in the UN Convention on the Rights of the Child must apply until the age of 18.
- Do children have the right to privacy?
- UK ‘porn block’: Is it the end of the road for online age verification?
- What is GDPR?