EU to Strengthen Control over Children's Data Usage

EU to Strengthen Control over Children's Data Usage

=====================================================================================

The Digital Services Act (DSA) in the European Union, the Online Safety Act (OSA) in the United Kingdom, and the Children's Online Privacy Protection Act (COPPA) in the United States have introduced stricter requirements for online platforms and digital services to ensure the ethical treatment and data protection of minors.

These laws recognise minors as a distinct risk group requiring enhanced safeguards. Key common effects across these legislations include:

1. Privacy by default for minors' accounts: Platforms must ensure children’s profiles are private by default, disabling features like public friend lists, automatic location sharing, cameras, microphones, or content downloads unless minors actively opt in.
2. Robust age verification: Simple self-declaration of age is no longer sufficient. These laws require reliable, privacy-preserving, and harder-to-bypass age verification methods such as mobile network checks, bank account linking, or identity wallets (notably the EU Digital Identity Wallet under the DSA).
3. Ethical design and risk mitigation: The DSA's guidelines emphasise implementing appropriate and proportionate measures tailored to protect minors’ privacy, safety, and security from systemic risks. This includes protecting against manipulative commercial practices such as profiling-based advertising directed at minors, which is prohibited when the platform knows the user is a child.
4. Non-obligatory extra data processing for age determination: The DSA clarifies that platforms are not obliged to process additional personal data beyond what is reasonably required to confirm age.
5. Regulatory oversight and compliance benchmarks: While the DSA guidelines are not legally binding, they set significant standards and benchmarks that enforcement bodies will use to assess compliance. Similarly, the UK’s OSA involves risk assessments submitted to Ofcom, its regulator, strengthening online child protection.
6. Attention to minors’ digital rights: All three laws indicate minors must receive a higher level of protection as a vulnerable group, reinforcing ethical treatment by online service providers including transparency, safety, and restrictions on exploitative content or interactions.

In summary, these laws collectively shape a more protective legal framework for minors online. They require digital service providers to implement stringent privacy defaults, reliable age assurance, and measures against harmful content or commercial exploitation, fostering a safer and ethically responsible digital environment for children in their respective jurisdictions.

Additionally, personal data of minors is now considered ethically charged under the new rules. The European Commission has developed the GDPR Register, an Estonian startup's initiative, to simplify the process of complying with the GDPR. The European Union also plans to launch the EU Digital Identity Wallet in 2026 for age verification.

These developments mark a significant step towards ensuring a safer and more ethical digital world for minors, setting new standards for online service providers and regulators alike.

1. The need for stricter policies in the realm of politics and legislation, particularly concerning environment, education, and business, should be prioritized to establish a general news narrative that securely protects all minors across different digital platforms.
2. With the introduction of stricter data protection policies for minors, such as those found in the Digital Services Act (DSA), Online Safety Act (OSA), and Children's Online Privacy Protection Act (COPPA), schools should incorporate digital education focused on online safety and responsible use of the internet in their curriculums.
3. To create a more sustainable and ethically sound digital business environment, companies should abide by policies promoting the privacy, safety, and security of minors, as set forth by the DSA, OSA, and COPPA, by refusing to engage in manipulative commercial practices and protecting against exploitative content or interactions.

Read also: