Roundtable on the GDPR and children's rights
- BIK Team
From May 2018, the General Data Protection Regulation (GDPR) will take effect in EU Member States. The GDPR aims to strengthen, simplify and harmonise data protection regimes across Europe, giving individuals control over how their data are processed. It explicitly acknowledges that children merit specific protection.
The GDPR also gives a more prominent role to Data Protection Authorities (DPAs) in raising public awareness of the data protection risks, rules, safeguards and rights in relation to children. Yet, Article 8 – which contains requirements regarding parental consent for the processing of personal data of children under 16 (or 15, 14 or 13, if Member States so legislate) – has sparked a great deal of controversy and confusion. In addition, provisions regarding profiling and their application to children are the subject of diverging views.
On 23 June 2017, European Schoolnet, Ghent University and KU Leuven will co-organise a Roundtable in Brussels on The General Data Protection Regulation and children's rights: questions and answers for legislators, DPAs, industry, education stakeholders and civil society. The Roundtable will bring together a diverse group of legislators, DPAs, industry, education stakeholders and civil society organisations, for a more in-depth discussion of implementation challenges, such as:
- challenges for DPAs, industry, educators and parents
- Article 8, parental consent and codes of conduct
- profiling, behavioural marketing and data protection impact assessments
- implications for data protection and privacy education.
More detailed questions include:
- About Article 8:
o Which services will be classified as "information society services" "directly offered to a child"?
o What age will be chosen in which countries, and on the basis of which processes?
o What practical challenges will arise if different ages are maintained throughout the EU?
- About profiling, behavioural marketing and data protection impact assessments:
o Is profiling only prohibited if the decision has a legal or other significant effect?
o Which measures need to be adopted to provide "specific protection" to "children"?
o Should there be default limitations on the collection of children's personal data for profiling or behavioural marketing purposes?
- About implications for data protection and data privacy education:
o How is data protection/privacy currently integrated in national education policies and actions?
o Which learning and teaching frameworks, resources and campaigns exist, as developed by data protection authorities, Insafe network members and other civil society organisations?
o What are the GDPR implications for schools, particularly regarding the use of information society services?
While participation in the Roundtable is upon invitation only, we will keep you informed on key issues identified and lessons learned on the Better Internet for Kids (BIK) portal and on social media. Meanwhile, you can consult further background information on the GDPR, including various stakeholder perspectives, in the March 2016 edition of the BIK bulletin and on the LSE Media Policy Project blog series on the GDPR and children.
In case of queries, please contact firstname.lastname@example.org.
- Estonian Safer Internet Centre
The General Data Protection Regulation (GDPR) of the European Union entered into force on Friday, 25 May 2018. Although the media in Estonia has quite thoroughly covered the changing data protection rights, they have not paid attention to children's rights. What does the new data protection framework mean for children?
- Gloria González Fuster (LSTS)
In this article, we hear from Gloria González Fuster, a Research Professor at the Law, Science, Technology and Society (LSTS) Research Group of the Vrije Universiteit Brussel (VUB), on whether the new General Data Protection Regulation (GDPR) will help to create a better internet for kids? She argues yes… but only if we all work on it!
- Danish Youth Panel
At the end of March 2016 we published the latest edition of the BIK bulletin with a special focus on the topic of the General Data Protection Regulation (GDPR). Yesterday, the new legislation was adopted. In this article, three members of the Danish youth panel express their views on what the changes might mean for them, with particular reference to Article 8 which could have repercussions on the use of social media for young people under 16 as parental consent is now needed.
- Janice Richardson and Vitor Tomé
Here on the Better Internet for Kids portal, we have touched upon the GDPR (General Data Protection Regulation) many times in the past, for example outlining some of the challenges in the March 2016 edition of the BIK bulletin. Here, guest contributors Janice Richardson and Vitor Tomé share their views on some of the reasons why children over the age of 13 should not require compulsory parental consent for internet service access.
- BIK Team
On Friday, 23 June 2017, legislators, Data Protection Authorities (DPAs), industry, education stakeholders and civil society representatives from across Europe met in Brussels, Belgium, to discuss the General Data Protection Regulation (GDPR) with a particular focus on its implications for children's rights.
- BIK Team
The General Data Protection Regulation (GDPR) Roundtable on children's rights, organised by European Schoolnet, KU Leuven and the University of Ghent, took place on 23 June 2017. On the occasion, legislators, data protection authorities (DPAs), industry and education representatives, stakeholders and civil society gathered in Brussels to discuss the challenges of the GDPR, which will come into effect in the EU in May 2018.
- BIK Team
There has been a great deal of discussion recently about the EU General Data Protection Regulation (GDPR) and particularly around the impact on children and young people. The Information Commissioner's Office in the UK has recently launched a consultation document which provides more detailed guidance for (UK) organisations who are processing personal data under the GDPR.
- Ingrida Milkaite and Eva Lievens, Ghent University
The General Data Protection Regulation (GDPR) entered into force more than a year ago, on 25 May 2018, yet our monitoring exercise concerning the implementation of article 8 GDPR is still ongoing with 2 Member States of the EU left to (formally) adopt their national implementation laws.
- Sonia Livingstone OBE
In this article, we hear from Professor Sonia Livingstone OBE on how the provisions of the new General Data Protection Regulation will affect children and young people.