Report from the Roundtable on the General Data Protection Regulation and children's rights

The General Data Protection Regulation (GDPR) Roundtable on children's rights, organised by European Schoolnet, KU Leuven and the University of Ghent, took place on 23 June 2017. On the occasion, legislators, data protection authorities (DPAs), industry and education representatives, stakeholders and civil society gathered in Brussels to discuss the challenges of the GDPR, which will come into effect in the EU in May 2018.

The aim of the GDPR is to strengthen, simplify and harmonise data protection regimes across Europe, giving individuals control over how their data are processed. While it explicitly specifies that children merit specific protection, article 8 GDPR – which contains requirements regarding parental consent for the processing of personal data of children under 16 (or 15, 14 or 13, if Member States so legislate) – has been the source of much controversy and confusion among Member States.

It was in this context that the roundtable took place, not only to answer stakeholders' questions but also to raise further issues which might prove useful for companies who will need to adapt their data protection standards in less than 10 months from now.

The key sessions of the roundtable were as follows:

  • The GDPR: history, rationale and future guidance, Karolina Mojzesowicz (Deputy Head of Unit, European Commission, DG Justice and Consumers, Unit C3, Data Protection)
  • Identification of children's rights issues in the implementation of the GDPR, Prof. Simone van der Hof (Leiden University), Prof. Eva Lievens (Ghent University)
  • Do children understand the commercial nature of the internet?, Prof. Sonia Livingstone (LSE)
  • Experiences from the United States and COPPA (Children's Online Privacy Protection Act), Prof. Kathryn Montgomery (American University)
  • Challenges for DPAs, industry, parents and children, Caroline De Geest (Belgian Privacy Commission), Andrea Parola (ICT Coalition), David Martin (BEUC), Vicki Shotbolt (Parent Zone), Moderator: Prof. Peggy Valcke (KU Leuven)
  • Article 8, parental consent and codes of conduct, Moderator: Patrick Geary (UNICEF)
  • Profiling, behavioural marketing and data protection impact assessments, Frederik J. Zuiderveen-Borgesius (University of Amsterdam), David Martin (BEUC), Jeff Chester (Center for Digital Democracy), Moderator: Anna Fielder (Privacy International)
  • The implications for data protection and privacy education, Prof. Gloria Gonzalez-Fuster (VUB), Prof. Simone van der Hof (Leiden University), Pascale Serrier (CNIL) and Jeroen De Keyser (National Support Service eTwinning), Moderator: Hans Martens (European Schoolnet)

For more details about the discussions and sessions, consult the follow up report, now available on Better Internet for Kids (BIK) portal.

We equally invite you to take a look at some of the main discussions on social media during the event:

For any further queries, contact gdpr-roundtable@eun.org.


Related news

Roundtable meets to discuss the GDPR

On Friday, 23 June 2017, legislators, Data Protection Authorities (DPAs), industry, education stakeholders and civil society representatives from across Europe met in Brussels, Belgium, to discuss the General Data Protection Regulation (GDPR) with a particular focus on its implications for children's rights.

Age of consent in the GDPR: mapping recent national guidance and proposals

  • Awareness
  • 19/06/2017
  • Eva Lievens and Ingrida Milkaité, Ghent University

In preparation for the implementation of the General Data Protection Regulation (GDPR), in a number of EU Member States national (draft) implementation acts, national consultations or guidance by Data Protection Authorities (DPAs) have been published.

Please note - an updated version of this article is available here. This previous version is preserved to allow readers to track developments should they so wish.

Roundtable on the GDPR and children's rights

From May 2018, the General Data Protection Regulation (GDPR) will take effect in EU Member States. The GDPR aims to strengthen, simplify and harmonise data protection regimes across Europe, giving individuals control over how their data are processed. It explicitly acknowledges that children merit specific protection.