In today’s digitally connected world, social inclusion has extended into virtual spaces, and young people are increasingly exchanging personal information to stay connected with friends and access social media platforms. This trend has raised significant privacy concerns, especially as recent research by the Information Commissioner’s Office (ICO) reveals how critical data handling is for safeguarding children online.

The ICO’s Children’s Data Lives research has highlighted the importance of enforcing stronger privacy practices to protect young users who may not fully understand the implications of sharing their data.

Data as a form of currency

For many children, personal data has become a form of currency. According to the ICO’s findings, young people often feel they must exchange personal details to access apps and social media platforms, which are central to their social lives.

The research emphasises that, while children seek acceptance in digital spaces, they are largely unaware of how their data is being collected or used by companies. Many young users place their trust in well-known platforms, assuming they are safe, but these platforms’ designs can obscure data-sharing practices, making it difficult for children to make informed decisions about their privacy.

The ICO’s strategy for child privacy protections

In response, the ICO has taken several steps to promote safer digital environments for children. Through its Children’s Code strategy, the ICO aims to ensure that online services prioritise the needs and privacy of young users. This initiative holds businesses accountable for implementing privacy practices that protect children’s rights and enable them to interact safely online.

The ICO has reviewed the privacy practices of 34 social media and video-sharing platforms as part of the Children’s Code strategy. This review assessed issues related to:

  1. Default privacy settings: Since many children rely on default settings, the ICO is pushing for these defaults to be set to privacy-friendly options, minimising exposure to unnecessary data sharing from the outset.
  2. Geolocation: The ICO is addressing the risks associated with geolocation data, which can reveal a user’s location. They advocate for stricter control over location settings to reduce the risk of exposing children’s whereabouts unknowingly.
  3. Age assurance: Verifying the age of users helps ensure that privacy features are appropriately tailored for children, preventing them from inadvertently sharing personal data in adult-oriented environments.

Holding businesses accountable

As part of their commitment to enforcing the Children’s Code, the ICO requested further information from 11 companies to understand how their privacy practices align with child-friendly standards.

While most companies have engaged voluntarily, the ICO had to issue formal information notices to three companies—Fruitlab, Frog, and Imgur—to compel them to provide detailed responses on critical matters such as geolocation, default privacy settings, and age verification. Frog and Imgur have now responded, and the ICO is carefully reviewing their submissions.

A safer online future for children

As digital spaces play an ever-growing role in children’s social lives, the ICO remains committed to its Children’s Code strategy, and will continue to encourage businesses to adopt stronger, more transparent privacy practices.

See: https://ico.org.uk/about-the-ico/media-centre/news-and-blogs/2024/10/statement-on-ico-s-work-to-protect-children-online/