Project Information | Children's data privacy

Children's data privacy rights

The privacy of individuals has become a global issue in the wake of events such as Cambridge Analytica and whistle blower Edward Snowden, but even more so as reports of data breaches, hidden data collection practices, and unethical practices by companies, institutions and governments come to light in the media.

Privacy advocates and researchers have expressed concerns about the surveillance by governments, institutions and companies becoming the norm, and that our personal data is used by these organisations in ways that determine our opportunities and choices, affecting our life outcomes. Data about us is increasingly collected through surveillance by public institutions and companies using biometrics, cameras, social media communications and interactions, our web browsing, purchases, downloads, participation in online surveys, competitions, and communications, our personal networks, and smart - often wearable or in home devices. Rapid integration of smart technologies, storage and processing capacities, algorithms and data analytics has meant that enormous amounts of personal data are collected, aggregated, analysed and used to generate personal dossiers of which we are unaware. Most of this without our knowledge or our 'informed' consent. It is clear that commercial data processing generates inequalities through denying people access to the same opportunities, offers and information.

Regulatory advances such as the EU Global Data Protection Act (GDPR) (May 2018), COPPA, or California Consumer Privacy Act (January 2020) have made some headway into addressing the issue of the privacy and individual control of personal data in the digital era. Although privacy advocates express concern over such events, individuals are less likely to understand how their personal information and privacy is at risk in the digital environment. However, we all have a role in protecting our personal data as well.

Researchers have determined that "vast amounts of data are being collected from children, with or without consent, with or without knowledge that children are even using the services and, further, with or without adequate security provision, and without parental awareness of many of these issues (Livingstone and Yoo, 2018, January 18)." One study by SuperAwesome in December 2018 discovered that children under 13 are exposed to anywhere between 1 and 2 million trackers per year, and that these are collecting some 5 million data points: such as their "location, websites visited, device identifiers etc." and that this increases to around 12 million per year for 12 year olds as they spend more time online. Online advertisers don't discriminate between adults and children and parents are often unaware of how advertisers reach children.

Key findings

Seminar

Academic publication

Children are increasingly subject to corporate surveillance practices where information about them is collected without their knowledge. As early adopters of new technology they are often assumed to be ‘digital natives’ with superior digital skills, but how much do they understand about commercial models and practices whereby data about their own internet activities are collected and used by corporations employing big data analytics? We wanted to know how much parents and teenagers know about these things, and what strategies they currently employee to mitigate corporate surveillance.

We conducted interviews with New Zealand parents and their teenagers in order to understand how they conceptualise and manage privacy risks online. We adopted a grounded approach to the interviews which revealed that parents and teenagers were more likely to think about privacy in relation to their own sharing of information typically done through social media. But beyond this, we were able to identify how they conceptualised privacy and privacy risk, and this allowed us to position their concerns and concepts in relation to their own data sharing, sharing data with institutions, and corporate surveillance. We were particularly interested in how parents thought about children's personal information in the digital context, and whether they saw corporate surveillance of their own and their children's data as problematic.

Key findings can be viewed here, or at this blog post, or an academic publication

These key findings provide much needed critical assessment of the existing regulatory approaches which rely on consumers, parents and teenagers to assess and manage data protection for themselves. Findings suggest that as parents and teenagers do not perceive corporate surveillance to be harmful, they are unlikely to engage in strategies and decisions that limit or prevent corporate data mining of their personal information.There is an urgent need to call on businesses and policymakers to take a stronger approach to protecting children's data.