Following a twelve-month grace period, the Age Appropriate Design Code has now come into force.
The UK’s new digital privacy regulation will compel social media companies, gaming platforms and video services to protect children’s data online and has been lauded by campaigners as one of the first successful pieces of digital media regulation.
The Code’s implementation means that businesses must now adhere to a wide array of rules, such as implementing effective age verification checks; limiting the data that can be collected from under 18s; and limiting location tracking.
It also prohibits businesses making use of “nudge” techniques, which can be used to encourage users to provide unnecessary personal data.
In the last few weeks, in a race to get ahead of the deadline, a number of large tech companies have scrambled to make announcements on additional protections for children.
Businesses found to have breached the code can be hit with a fine of up to 4 per cent of annual turnover, in line with the punishments for GDPR breaches.
Whilst the Code has been heralded as one of the UK’s first successful and effective pieces of digital media regulation by some, others have pointed out its introduction may not be greeted with delight by those it purports to protect.
With many teenagers being far more tech savvy than their parents and grandparents, there is a fear that some young people will dismiss the intentions of the code.
“The ICO has made it abundantly clear that with the introduction of the new Age Appropriate Design Code, they expect proactive engagement on compliance. As a result, we have already seen much activity from tech platforms as they introduce measures to ensure the ICO are satisfied they are working hard to meet the new standards,” commented Elle Todd, Partner at international law firm Reed Smith in London.
“However, one of the most interesting questions around engagement and the AADC concerns not the regulators but children and teens themselves. Like a lot of data protection regulation, one wonders how it will really be greeted by those it purports to protect – take the infamous nightmare of cookie pop-ups for example,” Todd told City A.M. today.
She added that “in the case of the AADC, the biggest change we’re seeing companies required to make is to “age up” protections from under 13’s to teenagers, including 16 & 17 year olds, by turning off certain functionality by default, or pushing users towards child-friendly versions.”
“This is a lot of technical product development change that could end up simply being dismissed by the flick of a toggle, by teens much better able to navigate privacy settings than their parents. Teens are tech savvy and reluctant to be treated differently, so it remains to be seen how much of an impact filters and nudges towards positive behaviour can make,” Todd concluded.
She believes the Code could be a real test case and inform further child protection measures, such as the Online Safety Bill, which is due to be published by the Government in the coming months.