Michael J. S. Beauvais,Bartha Maria Knoppers

DOI: https://doi.org/10.3389/fgene.2021.659027

IF: 3.7

2021-04-14

Frontiers in Genetics

Abstract:The COVID-19 pandemic has underscored the need for new ways of thinking about data protection. This is especially so in the case of health research with children. The responsible use of children’s data plays a key role in promoting children’s well-being and securing their right to health and to privacy. In this article, we contend that a contextual approach that appropriately balances children’s legal and moral rights and interests is needed when thinking about data protection issues with children. We examine three issues in health research through a child-focused lens: consent to data processing, data retention, and data protection impact assessments. We show that these issues present distinctive concerns for children and that the General Data Protection Regulation provides few bright-line rules. We contend that there is an opportunity for creative approaches to children’s data protection when child-specific principles, such as the best interests of the child and the child’s right to be heard, are put into dialogue with the structure and logic of data protection law.

genetics & heredity

Siniša Domazet,Ivona Šušak-Lozanovska

DOI: https://doi.org/10.5937/pnb24-44680

2023-01-01

Politika nacionalne bezbednosti

Abstract:Adolescents in the age of technology face a variety of security issues, but one of the most significant ones, that needs to be addressed by legislators, is privacy and data protection. Research has shown that children's rights, especially children's privacy, are regulated by a large number of international regulations. At the European level, both the European Union and the Council of Europe guarantee the rights to privacy and data protection. The Children's Online Privacy Protection Act is the relevant act in the US. The most common violations of children's data and privacy have been found to be online data sharing and mobile application data collection practices. Children's privacy on the Internet can be improved by better communication between parents and children regarding Internet use, educating children about cyber security and online threats, using parental control software, installing antivirus programs on devices used by children and the like.

Chao Wu

DOI: https://doi.org/10.1016/j.techsoc.2024.102457

IF: 6.879

2024-01-01

Technology in Society

Abstract:In recent years, data privacy has attracted increasing public concerns, especially with public scandals from top Internet companies, emerging over inappropriate data collection, lack of transparency in data usage, and manipulation of users' preferences. This has led to responsive efforts from multiple sectors of society to constrain the violation of individuals’ data privacy. Among these efforts, the regulations like GDPR are the most influential, which are believed to be able to change the foundation of the whole data ecosystem. The main concern of current regulation is data transparency, designed to enable individuals to make rational decisions about their data. However, I argue that transparency cannot mitigate a key issue of data privacy, which is the right of receiving benefits from data. This issue is getting severe with the rapid development of the data economy and will become the essential problem of social welfare and fairness in the AI era. I further point out that the key to solving this issue is to migrate the current centralized data utilization paradigm to a new decentralized paradigm. Based on the recent technical advancements, I propose an applicable pathway to implement such a paradigm. And to realize a fair and sustainable data eco-system, joint efforts should be made within this paradigm.

Kathryn C. Montgomery,Jeff Chester,Tijana Milosevic,Kathryn C Montgomery

DOI: https://doi.org/10.1542/peds.2016-1758O

2019-10-03

PEDIATRICS

Abstract:This article focuses on the privacy implications of advertising on social media, mobile apps, and games directed at children. Academic research on children's privacy has primarily focused on the safety risks involved in sharing personal information on the Internet, leaving market forces (such as commercial data collection) as a less discussed aspect of children's privacy. Yet, children's privacy in the digital era cannot be fully understood without examining marketing practices, especially in the context of "big data." As children increasingly consume content on an ever-expanding variety of digital devices, media and advertising industries are creating new ways to track their behaviors and target them with personalized content and marketing messages based on individual profiles. The advent of the so-called Internet of Things, with its ubiquitous sensors, is expanding these data collection and profiling practices. These trends raise serious concerns about digital dossiers that could follow young people into adulthood, affecting their access to education, employment, health care, and financial services. Although US privacy law provides some safeguards for children younger than 13 years old online, adolescents are afforded no such protections. Moreover, scholarship on children and privacy continues to lag behind the changes taking place in global media, advertising, and technology. This article proposes collaboration among researchers from a range of fields that will enable cross-disciplinary studies addressing not only the developmental issues related to different age groups but also the design of digital media platforms and the strategies used to influence young people.

pediatrics

Gabrielle Berman,Kerry Albright

DOI: https://doi.org/10.48550/arXiv.1710.06881

2017-10-19

Abstract:In an era of increasing dependence on data science and big data, the voices of one set of major stakeholders - the world's children and those who advocate on their behalf - have been largely absent. A recent paper estimates one in three global internet users is a child, yet there has been little rigorous debate or understanding of how to adapt traditional, offline ethical standards for research, involving data collection from children, to a big data, online environment (Livingstone et al., 2015). This paper argues that due to the potential for severe, long-lasting and differential impacts on children, child rights need to be firmly integrated onto the agendas of global debates about ethics and data science. The authors outline their rationale for a greater focus on child rights and ethics in data science and suggest steps to move forward, focussing on the various actors within the data chain including data generators, collectors, analysts and end users. It concludes by calling for a much stronger appreciation of the links between child rights, ethics and data science disciplines and for enhanced discourse between stakeholders in the data chain and those responsible for upholding the rights of children globally.

Computers and Society

Stacey B. Steinberg

DOI: https://doi.org/10.25172/smulr.77.2.8

2024-01-01

Abstract:Digital technology has changed the landscape young people face as they come of age. It has changed how children interact with their parents, schools, community organizations, and the state. Despite many benefits, digital technologies that employ data collection, algorithms, and artificial intelligence pose significant risks for the next generation. Private businesses can collect, use, and sell a child’s data in ways never imagined by their families. Information collected by third parties with good intentions can be stolen through data breaches. Through faulty algorithms, websites can make inaccurate assumptions about young people’s interests, teachers can make inaccurate assumptions about a student’s potential achievement, and the state can make inaccurate assumptions about a child’s risk to engage in criminal activity. It can also feed young people information that is harmful to their physical or psychological well-being. Meanwhile, current efforts in the United States that promise to protect children online threaten to undermine their right to privacy. United States federal and state laws are ill-equipped to truly offer children online privacy protections. There are few legal remedies available to young people whose data is used in malicious ways. The remedies that do exist are insufficient to simultaneously safeguard children while respecting privacy as young people mature. To that end, this Article seeks to explore how current laws centered on children’s online protection are inadequate, and why the obsession with keeping young people safe online often curtails their need for agency and autonomy. It offers a cogent path forward to guide federal and state policymakers as they update children’s online privacy protection law.

Olha Yavor,Viktoriia Piddubna,Olena Ruban

DOI: https://doi.org/10.15587/2523-4153.2023.286647

2023-09-13

Abstract:The article highlights the legal concerns surrounding the protection of minors' personal data. The writers have conducted an original study of the sources regulating civil and labor relations in the field of acquiring and using personal data. The expansion and use of information technology and online communications can potentially lead to the violation of personal rights by the owners of personal data, both in workplace settings and in the daily lives of ordinary residents. The purpose of this article is to highlight issues concerning the collection, storage, use, and dissemination of the personal data of a minor, as well as to develop methods to protect the personal data of a child based on a comprehensive analysis of international acts, Ukrainian legislation, unique literature, and case law materials pertaining to the protection of personal data of a minor. Based on the analysis of national legislation and case law of the European Union, the author concludes that the right to personal data protection is one of the forms of realization of the right to respect for private and family life. The obligation to protect person's rights to processing and storage of his or her private information is a negative obligation on the part of both the State and the owners of personal data. The article addresses current difficulties concerning the security of children' personal data under current civil and medical legislation in Ukraine and other countries. The provisions of the General Data Protection Regulation, the California Consumer Privacy Act, and Ukraine's "On Personal Data Protection" Law are compared. Possible steps to establish further protection of children's personal data during collection and processing, whether utilizing websites, video games, online purchases, and so on, are proposed. The paper concludes that state functions should be executed without necessitating individuals' consent for the collection of personal data. Personal data processing should be carried out within the framework and on the basis of Ukrainian laws and regulations, taking into account international conventions in this area. The analysis of methods for safeguarding children's personal data enabled the identification of supplementary avenues for data protection. These include acquiring copies of personal data by both children and their parents, rectifying inaccuracies, completing incomplete data, exercising the 'right to be forgotten' and the 'right to erasure' of personal data, invalidating transactions, and seeking compensation for material and moral damages arising from the unlawful use of personal data

Hildred Anderson

DOI: https://doi.org/10.56397/le.2024.02.02

2024-02-01

Abstract:This paper provides a comprehensive examination of the Children’s Online Privacy Protection Act (COPPA) in the United States, tracing its historical evolution since its enactment in 2000. The analysis encompasses key amendments, legal challenges, and adaptive changes made to COPPA, shedding light on its impact on safeguarding children’s online privacy. Assessing both the positive effects and challenges faced by COPPA, the study explores its influence on online platforms, businesses, and advertisers. Furthermore, the paper discusses the legislation’s adaptability in response to emerging issues, including technological advancements and critiques, and examines potential future developments needed to enhance its effectiveness. The conclusion synthesizes key findings, highlighting the broader implications for the protection of children’s online privacy and suggesting areas for further research.

Mariya Stoilova,Sonia Livingstone,Rishita Nandagiri

DOI: https://doi.org/10.17645/mac.v8i4.3407

IF: 3.043

2020-11-10

Media and Communication

Abstract:How do children understand the privacy implications of the contemporary digital environment? This question is pressing as technologies transform children’s lives into data which is recorded, tracked, aggregated, analysed and monetized. This article takes a child-centred, qualitative approach to charting the nature and limits of children’s understanding of privacy in digital contexts. We conducted focus group interviews with 169 UK children aged 11–16 to explore their understanding of privacy in three distinct digital contexts—interpersonal, institutional and commercial. We find, first, that children primarily conceptualize privacy in relation to interpersonal contexts, conceiving of personal information as something they have agency and control over as regards deciding when and with whom to share it, even if they do not always exercise such control. This leads them to some misapprehensions about how personal data is collected, inferred and used by organizations, be these public institutions such as their schools or commercial businesses. Children’s expectation of agency in interpersonal contexts, and their tendency to trust familiar institutions such as their schools, make for a doubly problematic orientation towards data and privacy online in commercial contexts, leading to a mix of frustration, misapprehension and risk. We argue that, since the complexity of the digital environment challenges teachers’ capacity to address children’s knowledge gaps, businesses, educators, parents and the state must exercise a shared responsibility to create a legible, transparent and privacy-respecting digital environment in which children can exercise genuine choice and agency.

communication

Laurien Desimpelaere,Liselot Hudders,Dieneke Van de Sompel

DOI: https://doi.org/10.17645/mac.v8i4.3232

IF: 3.043

2020-11-10

Media and Communication

Abstract:Children’s personal data are often collected for commercial aims. Although regulations in different countries aim to protect children’s privacy (e.g., by imposing websites to request parental consent for the processing of children’s data for commercial purposes), concerns about protecting children’s online data continue to rise. This article therefore aims to get insights into parents’ and children’s privacy coping strategies and perceptions underlying these strategies. In-depth interviews with ten parents and nine children (8–11 years) were conducted. Findings show that although children engaged in avoidance (e.g., leaving the particular website) and confrontation (e.g., seeking support) strategies, they mainly did this to protect their privacy from malicious individuals—and not from commercial parties. Participating children also lacked general knowledge about both explicit and implicit data practices. To protect their children’s privacy, parents in this study mainly adopted restrictive mediation strategies, but lacked the knowledge to undertake concrete actions in the case of implicit data collection. Implications for policymakers are discussed.

communication

Eva Lievens

DOI: https://doi.org/10.1080/18918131.2021.1992951

2021-04-03

Nordic Journal of Human Rights

Abstract:Digital technologies affect the lives of children and the rights that are specifically attributed to them by the United Nations Convention on the Rights of the Child (UNCRC), article 24 of the EU Charter of Fundamental Rights and many national constitutions. There is no doubt that the digital environment has enormous potential for the empowerment of children and their exercise of the UNCRC rights. Yet, children (and their parents) are expected to make difficult decisions about whether or not or how to use platforms, devices and services that function in complex and opaque manners and whose impact on the rights of the child are difficult to grasp. This is especially the case for data- and advertising-driven practices that intentionally deceive or manipulate children or that are based on pervasive tracking and inferences about children's behaviour, attention and emotions. Based on a legal study of the UNCRC, legislation and policy documents at UN, Council of Europe and European Union level, and scholarship, this article studies the extent to which duties and responsibilities rest on policymakers, platforms and service providers and regulators to uphold the best interests of the child as a primary consideration (Article 3 (1) UNCRC) and what this means for the digital spaces in which children grow up. In particular, the article explores how the application of the precautionary principle might better serve the best interests of the child and how this might require legal restrictions on certain practices, enhanced responsibilities for public and private actors, and stronger enforcement by regulators.

Noah Apthorpe,Sarah Varghese,Nick Feamster

DOI: https://doi.org/10.48550/arXiv.1903.05152

2019-03-13

Abstract:Increased concern about data privacy has prompted new and updated data protection regulations worldwide. However, there has been no rigorous way to test whether the practices mandated by these regulations actually align with the privacy norms of affected populations. Here, we demonstrate that surveys based on the theory of contextual integrity provide a quantifiable and scalable method for measuring the conformity of specific regulatory provisions to privacy norms. We apply this method to the U.S. Children's Online Privacy Protection Act (COPPA), surveying 195 parents and providing the first data that COPPA's mandates generally align with parents' privacy expectations for Internet-connected "smart" children's toys. Nevertheless, variations in the acceptability of data collection across specific smart toys, information types, parent ages, and other conditions emphasize the importance of detailed contextual factors to privacy norms, which may not be adequately captured by COPPA.

Computers and Society

Michael S. Hsiao,France Bélanger,Janine S. Hiller,Payal Aggarwal,Karthik Channakeshava,Kaigui Bian,Jung-Min Park

2007-01-01

Abstract:As children increasingly use the Internet, there have been mounting concerns about their privacy online. As a result, the U.S. Congress enacted the Children’s Online Privacy Protection Act (COPPA) to prohibit websites from collecting information from children under 13 years of age without verifiable parental consent. Unfortunately, few technologies are available for parents to provide this consent. Further, few parents are aware of the laws and technologies available. This research explored parental awareness of laws and technologies associated with protecting children’s privacy online, and usage of technologies and techniques for parental control, using focus group research. The results of the study are used to propose an emergent framework of factors that will impact use of privacy protection tools and techniques by parents.

Anirudh Ekambaranathan,Jun Zhao,Max Van Kleek

DOI: https://doi.org/10.48550/arXiv.2111.14596

IF: 6.4588

2021-11-29

Human-Computer Interaction

Abstract:The industry for children's apps is thriving at the cost of children's privacy: these apps routinely disclose children's data to multiple data trackers and ad networks. As children spend increasing time online, such exposure accumulates to long-term privacy risks. In this paper, we used a mixed-methods approach to investigate why this is happening and how developers might change their practices. We base our analysis against 5 leading data protection frameworks that set out requirements and recommendations for data collection in children's apps. To understand developers' perspectives and constraints, we conducted 134 surveys and 20 semi-structured interviews with popular Android children's app developers. Our analysis revealed that developers largely respect children's best interests; however, they have to make compromises due to limited monetisation options, perceived harmlessness of certain third-party libraries, and lack of availability of design guidelines. We identified concrete approaches and directions for future research to help overcome these barriers.

Anirudh Ekambaranathan,Jun Zhao,Max Van Kleek

DOI: https://doi.org/10.1145/3411764.3445599

2021-05-06

Abstract:The industry for children’s apps is thriving at the cost of children’s privacy: these apps routinely disclose children’s data to multiple data trackers and ad networks. As children spend increasing time online, such exposure accumulates to long-term privacy risks. In this paper, we used a mixed-methods approach to investigate why this is happening and how developers might change their practices. We base our analysis against 5 leading data protection frameworks that set out requirements and recommendations for data collection in children’s apps. To understand developers’ perspectives and constraints, we conducted 134 surveys and 20 semi-structured interviews with popular Android children’s app developers. Our analysis revealed that developers largely respect children’s best interests; however, they have to make compromises due to limited monetisation options, perceived harmlessness of certain third-party libraries, and lack of availability of design guidelines. We identified concrete approaches and directions for future research to help overcome these barriers.

V. Kravchuk

DOI: https://doi.org/10.24144/2307-3322.2023.78.2.7

2023-08-31

Abstract:The article analyzes the protection of personal data based on foreign experience. Social networking has been identified as one of the most prominent cultural phenomena to emerge in the Web 2.0 era. They keep users connected and facilitate the exchange of information between them. The European Union has adopted a new personal data protection system called the General Data Protection Regulation (GDPR). Its main goals include providing individuals with tools to control their personal data, implementing modern standards for the protection of personal information, developing the digital space of the European Union to safeguard personal data, ensuring strict compliance by all parties, and providing legal support for the international transfer of personal information. United States legislative documents related to aspects of data protection and privacy were analyzed, namely: California Consumer Privacy Act (CCPA); Children’s Online Privacy Protection Act (COPPA); Health Insurance Portability and Accountability Act (HIPAA); State data breach notification laws. It is noted that China has a comprehensive legal framework that regulates the protection of personal data, and includes the following legal acts: Personal Information Protection Law (PIPL) and Data Security Law (DSL). Conclusions were made that the urgency and importance of protecting personal data in social networks is due to rapid technological progress, the growth of cyber security threats and the spread of these platforms. By protecting personal data, people can maintain privacy, prevent abuse, maintain user trust, reduce risk, and comply with legal obligations. The issue of ensuring mobility and interoperability in social networks gives particular importance to the protection of personal data, as it relates to this particular data, and not just to technology, as it may be in the telecommunications sector. This requires additional thought and measures to ensure privacy and data security. Therefore, when developing legal protection mechanisms for online social networks, it is necessary to take into account and solve problems related to the protection of personal data.

Salome Sigua

DOI: https://doi.org/10.69554/lhgf4272

2024-03-01

Abstract:Children and young people are often at the forefront of grasping the new and exciting opportunities the Internet can offer such as playing, communicating, experimenting with relationships and identities, learning, creating and expressing themselves. It is estimated that globally one in three of Internet users are under the age of 18. This paper examines how online platforms (Meta, Google, TikTok, etc.) protect children's personal data and how they determine whether consent is given by the correct person and whether the consent can be used as the lawful ground for processing personal data. This paper also observes the role of a parent or guardian in the giving of consent regarding the processing of a child's personal data. The paper will examine questions such as what is the digital age, what is the General Data Protection Regulation regarding the protection of children's personal data and what are the examples of European countries in this regard?

Yevhen Kobko,Hanna Foros,Khrystyna Shperun,Oleksandr Nikitinskyi,Roman Savchuk

DOI: https://doi.org/10.18592/sjhp.v23i2.12304

2024-02-09

Abstract:The research aims to uncover the legal regulations pertaining to the protection of minors' personal data, considered a crucial component of informational security. Through an analysis of Ukrainian and European legislation, in conjunction with the General Data Protection Regulation and the California Consumer Privacy Act, this study seeks to explore preventive measures against third-party abuse of children's information. The research highlights the responsibilities imposed on state authorities and legal entities, based on Ukrainian and European legislation, to safeguard personal data. The methodology employed in this article involves the utilization of both general scientific and specialized methods of scientific cognition. The specificity of the research subject, along with its purpose and tasks, guided the selection of these methods. The research results reveal various problematic issues related to the collection, storage, use, and distribution of personal data of minors. The obligation to protect an individual's rights to the processing and preservation of personal data or private information is a responsibility placed on state authorities in accordance with the legislation of Ukraine and European countries (Germany, Switzerland, France, Italy, Norway, Great Britain), as well as on legal entities that own or store the specified personal data. In conclusion, the protection of personal data emerges as a fundamental right, integral to the broader rights of family and private life. The study also underscores the importance of international cooperation mechanisms in addressing this multifaceted issue.

Karen Louise Smith,Leslie Regan Shade

DOI: https://doi.org/10.1177/2053951718805214

2018-07-01

Abstract:Children’s digital playgrounds have evolved from commercialized digital spaces such as websites and games to include an array of convergent digital media consisting of social media platforms, mobile apps, and the internet of toys. In these digital spaces, children’s data is shared with companies for analytics, personalization, and advertising. This article describes children’s digital playgrounds as a data assemblage involving commercial surveillance of children, ages 3–12. The privacy sweep is used as a method to follow the personal information traces that can be expected to be disclosed through typical use of two children’s digital playgrounds: the YouTube Kids app and Fisher-Price Smart Toy plush animal and companion app. To trace the data flows, privacy policies and other publicly available documents were analyzed using political economy and privacy informed indicators. This article concludes by reflecting upon the dataveillance and commercialization practices that trouble the privacy rights of the child and parent when data assemblages in children’s digital playgrounds are surveillant.

social sciences, interdisciplinary

Ellie Graeden,David Rosado,Tess Stevens,Mallory Knodel,Rachele Hendricks-Sturrup,Andrew Reiskind,Ashley Bennett,John Leitner,Paul Lekas,Michelle DeMooy

2023-08-25

Abstract:Under the current regulatory framework for data protections, the protection of human rights writ large and the corresponding outcomes are regulated largely independently from the data and tools that both threaten those rights and are needed to protect them. This separation between tools and the outcomes they generate risks overregulation of the data and tools themselves when not linked to sensitive use cases. In parallel, separation risks under-regulation if the data can be collected and processed under a less-restrictive framework, but used to drive an outcome that requires additional sensitivity and restrictions. A new approach is needed to support differential protections based on the genuinely high-risk use cases within each sector. Here, we propose a regulatory framework designed to apply not to specific data or tools themselves, but to the outcomes and rights that are linked to the use of these data and tools in context. This framework is designed to recognize, address, and protect a broad range of human rights, including privacy, and suggests a more flexible approach to policy making that is aligned with current engineering tools and practices. We test this framework in the context of open banking and describe how current privacy-enhancing technologies and other engineering strategies can be applied in this context and that of contract tracing applications. This approach for data protection regulations more effectively builds on existing engineering tools and protects the wide range of human rights defined by legislation and constitutions around the globe.

Computers and Society