Skip links

UK Children’s Commissioner Report: Who Knows What About Me?

Blog. For each year passing by more children are getting online, and younger children are spending more and more of their day online. A new study from the UK Children’s Commissioner is on a very important mission: To kickstart thoughts on what this means for children’s lives now – and how it may impact on their future lives as adults.

Children aged 5-15 spend 2 hours online on a weekday and 3 hours per day at the weekend. Children aged 11-16 post on social media 26 times a day (if they continue at the same rate, that is a total of nearly 70,000 posts by age 18.7. Parents of children aged up to 13 share an average of 100 photos and videos of their child each year.8 On average by the age of 13, parents have posted 1300 photos and videos of their child to social media.

  • The report starts by asking questions rooted in everyday scenarios:
  • Could data about a child’s language development and early educational performance at age four play some role in their university application outcomes?
  • Could their parents’ shopping habits impact upon the products and services they are targeted with through advertising?
  • Could personal health data affect their ability to take out insurance in future?

And the answer is of course, yes, it all could!

Algorithms can be used to make predictions about an individual’s characteristics on the basis of historic data about them. In essence, data can be used to learn, deduce or infer much more about individuals than ever before – and these techniques will continue to become ever more advanced. So, it is a matter of how personal data gathered in childhood might be used to shape the individual child’s experiences and prospects in the long term.

Data is getting more and more attention in the UK. But there is greater awareness of some types of data given out online than others. And we need to get more precise when we talk about data. London School of Economics and Political Science highlights that there is an important distinction between the following:
Data that is given directly – e.g. a date of birth posted on someone’s personal information section of their social media profile. Data that is “given off” – this is data that is given unknowingly when people go online, captured through technology such as web cookies. It includes metadata, e.g. someone’s location when they posted something or used an app, the time spent using a certain platform, etc.

When the two previous types of data are analysed it gives rise to inferred data. This is data based on algorithms and predictions. For example, when someone gives their age, gender and likes certain things on Facebook (all forms of direct data giving), this information might be used to predict, which products they might buy – a type of inferred data.

Children need personal data protection – no matter where it stems from. The most significant recent development trying to enforce data privacy has been the implementation of the General Data Protection Regulation (GDPR) this year.

The report sums up this legal framework under GDPR with a special view on children. But it is done mostly in headlines and transcript from the legal framework itself. There are no examples of what these legal wordings actually mean IRL. Maybe this is because the actual legal standards have not been tried in a courtroom – yet.

Stop Right There – and Think
The report  – unfortunately a bit vague – concludes that everyone needs to pause and think:
Schools need to start educating their pupils about the importance of guarding personal information.
Children and parents need to be much more aware of what they share and consider the consequences.
Companies behind apps, toys and other products aimed at children need to stop filling them with trackers, and put their terms and conditions in language that children understand.

And crucially, the Government needs to monitor the situation and refine data protection legislation if needed, so that children are genuinely protected – especially as technology develops.
One could wonder, though, why children and their parents are named in the upper part of that list before companies and the government. Because, really, first of all, companies and the politicians need to get in gear.

A report made by in March 2018 shows that only 2 of 14 investigated popular apps among childen are treating childrens’ data ethically responsible. Danish companies like LEGO and Edulab are role models and frontrunners banning e.g. third party cookies from their websites. (now TikTok), Snapchat, Youtube and Facebook, on the other hand, are sharing childrens’ data, use manipulatory behavioral design and just pretend that there are no kids on their platforms.

No – We Need To Act
So – first of all, companies and politicians need to take responsibility. A report like the one from the UK Child Commissioner is a very important contribution to the issue around children’s right to privacy. But it seems a bit hesitant when it states that a broadening of our understanding is needed for the government, industry and legislators to take responsibility: “Government, industry, regulators and others will need to be ready to respond quickly as our understanding of these challenges develops”.
“Research such as this will help fill the gaps in our understanding of how children’s data might be used in the future, and how we can exploit the benefits while protecting against the risks”.

The truth is:  Society already have enough knowledge for industry and politicians to act. Politicians don’t need to wait for more “understanding” or “research” in order to act. We need to take control – now. As the Commissioner Anne Longfield, writes in her foreword:

“This is only going to get bigger – so let’s take action now to understand and control who knows what about our children”.

Downlead the study