The children’s rights-by-design standard for data use by tech companies
Issue brief | The duties of tech companies under the Convention on the Rights of the Child
Highlights
This work is part of UNICEF’s Good Governance of Children's Data project.
In the debates about privacy and data protection, the prevalence of the consent standard in regulatory policies places a much greater responsibility on users, often exempting States or companies from the detrimental use of personal data and privacy violations.
When it comes to children's data, parental consent mechanisms are usually insufficient, often leading to an illusion of protection. Either due to the lack of choice, the overload of information and consent, or the complexity of data processing, the vast majority of families adhere to the terms of use without full understanding of their meaning. This generates a constant tension between the responsibility of online platforms or application providers and the families’ and children’s actual agency to deal with the complexity of the digital world.
However, the centrality of parental consent as the only threshold for assessing child protection in the digital environment could imply a mitigation of the responsibility of companies to ensure safe environments for children, free from violations of their rights.
This paper argues that the responsibility for children’s data protection should also include the provider’s responsibility as regards children’s rights, especially when considering the design and development of any online product or service.
