“In an age where children learn how to use an iPad before they ride a bike, it is right that organizations designing and developing online services do so with the best interests of children in mind,” said UK Information Commissioner, Elizabeth Denham. “Children’s privacy must not be traded in the chase for profit.”

The UK ICO unveiled a set of rules known as the “Age Appropriate Design Code.”

“The Code outlines 15 standards online services should follow to protect children’s privacy … It also provides guidance on data protection safeguards aimed at ensuring online services are appropriate for children’s use.”

The code includes requirements for platforms to:
  • set privacy settings to “high” by default
  • minimize data collection and sharing
  • turn off by-default location tracking and targeted advertising
  • not use “nudge techniques” to encourage children to provide unnecessary personal information
  • conduct data protection impact assessments
  • provide transparency in privacy and data policies

If passed by Parliament, the Code will take effect around fall 2021.

Details from the International Association of Privacy Professionals.