If you have children, you should be more than a little worried about what they’re doing online when you’re not around. Now that everyone has the Internet right in their pockets, children’s data privacy has become a problem. It is an issue that needs to be addressed not only in legislation but also within families.
Children are particularly vulnerable to data privacy violations because they are often unaware of the risks associated with sharing their data online and less aware of the common ways that threat actors target their victims. You already know what threats apply to yourself, and those same threat actors will also go after your children’s info. It’s all up for grabs if it can fetch a price on the Dark Web.
There’s the “stranger danger” element of the Internet as well. Forget whether you know who they’re talking to online — do they know who’s behind the screen? They may think they do, but catfishing and spear-phishing can happen to anyone, regardless of age! These bad actors may wish to physically harm your child, extort them and your family, or use them as a gullible entryway into your network and systems.
What Legislation Protects Children’s Data?
One of the most well-known laws protecting children’s data privacy is the U.S. Children’s Online Privacy Protection Act (COPPA), which requires companies to obtain parental consent before collecting or using the personal data of children under the age of 13. COPPA also requires companies to provide parents with access to their children’s data and to allow parents to delete their children’s data.
In Canada, the Personal Information Protection and Electronic Documents Act (PIPEDA) has a provision that requires companies to obtain parental consent before collecting or using the personal data of children under 13. This is very similar to the Australian Privacy Act 1988, which requires companies to take reasonable steps to protect children’s personal information and obtain parental consent to collect, use, or disclose sensitive information from children under 18.
In the European Union, the General Data Protection Regulation (GDPR) requires companies to obtain parental consent before collecting or using the personal data of children under 16. The United Kingdom incorporated some of these principles into its own law, the Data Protection Act (2018). Companies must consider the child’s best interests when processing their data and implement age-appropriate safeguards.
Many other countries have specific laws governing children’s data privacy. The requirements and age limits may vary, but the overall goal is to protect children’s personal information and ensure their data is handled responsibly. This is a value shared around the world.
You can’t stop kids from going online these days, but you can ensure they are safer when surfing. Talk to other parents about their concerns about children’s data privacy. Read news articles and blog posts about children’s data privacy so you can stay current on what’s going on in the cyber-threat landscape and your local legislature. Most importantly, talk to your children. Make them part of the conversation and read those articles and posts together. If they are old enough to be online, they are old enough to be part of the solution.
At Commonwealth Sentinel, we can evaluate your existing IT security and work with your team to improve it. We can also provide a complete source of services. At Commonwealth Sentinel, we stay focused on cyber security so you can focus on other things. Contact us today or sign up for a free consultation.
At Commonwealth Sentinel, we stay focused on cyber security so you can focus on other things.