Roundtable on the GDPR and children's rights

From May 2018, the General Data Protection Regulation (GDPR) will take effect in EU Member States. The GDPR aims to strengthen, simplify and harmonise data protection regimes across Europe, giving individuals control over how their data are processed. It explicitly acknowledges that children merit specific protection.

Date 2017-06-14 Author BIK Team

The GDPR also gives a more prominent role to Data Protection Authorities (DPAs) in raising public awareness of the data protection risks, rules, safeguards and rights in relation to children. Yet, Article 8 – which contains requirements regarding parental consent for the processing of personal data of children under 16 (or 15, 14 or 13, if Member States so legislate) – has sparked a great deal of controversy and confusion. In addition, provisions regarding profiling and their application to children are the subject of diverging views.

On 23 June 2017, European Schoolnet, Ghent University and KU Leuven will co-organise a Roundtable in Brussels on The General Data Protection Regulation and children's rights: questions and answers for legislators, DPAs, industry, education stakeholders and civil society. The Roundtable will bring together a diverse group of legislators, DPAs, industry, education stakeholders and civil society organisations, for a more in-depth discussion of implementation challenges, such as:

  • challenges for DPAs, industry, educators and parents
  • Article 8, parental consent and codes of conduct
  • profiling, behavioural marketing and data protection impact assessments
  • implications for data protection and privacy education.

More detailed questions include:

  • About Article 8:

o Which services will be classified as "information society services" "directly offered to a child"?
o What age will be chosen in which countries, and on the basis of which processes?
o What practical challenges will arise if different ages are maintained throughout the EU?

  • About profiling, behavioural marketing and data protection impact assessments:

o Is profiling only prohibited if the decision has a legal or other significant effect?
o Which measures need to be adopted to provide "specific protection" to "children"?
o Should there be default limitations on the collection of children's personal data for profiling or behavioural marketing purposes?

  • About implications for data protection and data privacy education:

o How is data protection/privacy currently integrated in national education policies and actions?
o Which learning and teaching frameworks, resources and campaigns exist, as developed by data protection authorities, Insafe network members and other civil society organisations?
o What are the GDPR implications for schools, particularly regarding the use of information society services?

While participation in the Roundtable is upon invitation only, we will keep you informed on key issues identified and lessons learned on the Better Internet for Kids (BIK) portal and on social media. Meanwhile, you can consult further background information on the GDPR, including various stakeholder perspectives, in the March 2016 edition of the BIK bulletin and on the LSE Media Policy Project blog series on the GDPR and children.

In case of queries, please contact

Related news