The Office of the Australian Information Commissioner (OAIC) has published a set of proposed changes to the country’s Children’s Online Privacy Code, putting the onus on agencies and businesses that collect or disclose the personal information of children to “consider the best interests of children” before doing so.
“It has been estimated that by the time a child turns 13, around 72 million pieces of data will have been collected about them, making them vulnerable to harms from data breaches, discrimination, algorithmic bias and targeted advertising of harmful products, amongst other risks,” privacy commissioner Carly Kind said in a 31 March statement.
In addition, the new exposure draft includes the following obligations:
- That direct marketing is only permissible with consent and when in the child’s best interests. Personal information must also be collected directly from the child, not a third party.
- More rights and controls for children. This includes a right to request the destruction of their personal information.
- Privacy notices and policies must be written in clear, accessible, age-appropriate language.
- Stronger consent mechanisms, including telling a child when a parent consents on
their behalf
“Importantly, the code will not restrict or limit children and young people’s participation in online spaces. Instead, it raises the standard for privacy protections in Australia and puts the onus on online services to do better when handling children’s personal information online,” Kind said.
“Children play, learn, socialise and connect with family and culture online – it’s important that children can participate without fear or exploitation. The code will give confidence to parents that the apps, games and websites their children use are taking steps to protect children’s privacy.”
Not-for-profit, the Alannah & Madeline Foundation has welcomed the draft proposal. It asserts that digital platforms can no longer operate under a “business-as-usual model that treats children’s personal information as a commodity”.
“Every child has the right to be safe online, and this code is an essential tool to uphold that right. By requiring platforms to prioritise the wellbeing of children over data-driven profits, we are finally seeing the systemic accountability that parents and educators have been demanding,” Sarah Davies AM, CEO of the Alannah & Madeline Foundation, said in a statement.
“We welcome this code and call for clear penalties for non-compliance. We are eager to ensure that the regulator is fully resourced and has support to bring these protections to life. It’s no small task to change the way the tech industry handles children’s data, but with the rise of generative AI and other digital technologies, we cannot afford not to do it.”
You can read the exposure draft here.
Want to see more stories from trusted news sources?Make Cyber Daily a preferred news source on Google.
David Hollingworth
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.