Is EU regulation effective in ensuring children’s online privacy and data protection?

Following the rationale of the current EU legal framework protecting personal data, children are entitled to the same privacy and data protection rights as adults. However, the child, because of his physical and mental immaturity, needs special safeguards and care, including appropriate legal protection. In the online environment, children are less likely to make any checks or judgments before entering personal information. Therefore, this paper presents an analysis of the extent to which EU regulation can ensure children’s online privacy and data protection

Systematic privacy impact assessment scheme for smart connected toys data privacy compliance

Children\u27s privacy compliance assessment in the area of smart connected toy (SCT) or play robot is a challenge, considering the plethora of device manufacturers using varied controls in an attempt to address diverse global children\u27s privacy regulations. Systematic privacy impact assessment scheme (SPIAS) is an abstract model developed to assess children\u27s SCT privacy compliance to known global child-centered legislation such as the Children\u27s Online Privacy Protection Act (COPPA). SPIAS addresses this issue by integrating global survey and analysis of existing children\u27s privacy legislation, and evaluating privacy theories to provide means of classifying data processed by SCT into set states using a finite state machine (FSM). SPIAS, as a tool to, can be adapted assess and address privacy risks and compliance arising from a new SCT or the convergence of existing SCT that collects, processes, and transfers children information

Designing for GDPR - Investigating Children’s Understanding of Privacy: A Survey Approach

The General Data Protection Regulation (GDPR) places new obligations on businesses that collect and process data from children. It goes so far as to say that privacy notices should be presented in child-friendly and age appropriate formats. Fulfilling GDPR obligations will require designers to have a better understanding of how children understand privacy issues. This research aims to investigate children’s understanding of privacy online. Thirty-two children from a UK primary school, aged between 8 years and 10 years old completed a survey to gauge their understanding of privacy. Eight different scenarios were presented to the children and they had to decide whether the information should be kept private or not and state the reason why. This work identifies that children do have an understanding of privacy, especially when related to online safety. However, children do not yet understand that their data has an inherent value, have misconceptions about data and what data should be protected. This highlights the challenges for designers of technology used by children to meet the GDPR obligations

Leaning into CHAOS (Child\u27s Health and Online Safety Act): Revision to FTC\u27s Enforcement of COPPA & New Model Rule for Child Advertising

This article focuses on the need for a new model act introduced by the author (the Child’s Health and Online Safety Act) to amend the Child’s Online Privacy Protection Rule. First, to understand the landscape of existing child privacy protections, this article discusses the historical background of the Federal Trade Commission’s (FTC’s) authority to regulate child advertising. Furthermore, this article illustrates how the current law, the Children’s Online Privacy Protection Rule (COPPA), regulates entities who direct their websites or online services and advertising to children. Next, this article introduces case law that illustrates the weaknesses of COPPA. Finally, the focus turns to adopt CHAOS (Child’s Health and Online Safety Act), which would amend COPPA and strengthen the foundation to protect our vulnerable population. This new act would seek to replace the various shortcomings that COPPA has not yet addressed and would require new broader obligations such as banning targeted advertising to children, stopping the collection of personal information from children in certain regards, and adopting a new scope, expanded definitions, education opportunities, and more that would provide a more appropriate level of protection for children. Congress must, therefore, be called upon to adopt CHAOS and answer the call by lawmakers, parents, the President, and others to enhance the privacy protections for the US’s most vulnerable population and create a new generation of tech-savvy and safeguarded youths

Indecent Exposure: Do Warrantless Searches of Cell Phones Violate the Fourth Amendment?

This article argues that searches of student’s cell phone should require a warrant in most circumstances. The amount and personal nature of information on a smart phone warrants special Fourth Amendment protection. This issue is particularly relevant in the public school setting where administrators routinely confiscate phones from students caught using them in school. With more frequency, administrators are looking at the phones, scrolling through text messages and photos, and on some occasions, responding to text messages. The U.S. Supreme Court in Safford v. Redding, acknowledges the special considerations that school children should be afforded in part because of the unique subjective view they have of their own privacy. This same unique perspective should similarly be applied to the contents of a student’s cell phone. Over 75% of teenagers carry a cell phone on a daily basis, and many use the device as a private diary and portal for personal data and information. Teens appear willing to capture in their phone’s text or photos their most private world, and this might seem to signal a renunciation of their privacy. However it is because teens are so willing to expose themselves in a world that they think is private that their expectation of privacy in their phones should be accorded substantial protection. Cell phones in and of themselves are not dangerous. They cannot hold drugs or weapons - only information about drugs or weapons. Given that a cell phone contains highly private information, poses no imminent danger, and its contents can be preserved while a warrant is obtained, school officials should be required to get a warrant unless there are exigent circumstances such as immediate, apparent threat to student safety

Protection of children's online privacy in Malaysia

Purpose - The advantage of digital era with borderless world and having unlimited access to the Internet, enjoyed by most, if not all people, including the young or children. While the current millennials (Lenhart, Purcell, Smith, & Zickuhr, 2010) are more computer savvy than their parents (Heckman, 1999), children are also well versed with Internet and enjoy the digital access at the very young age.However, policy-makers are concern with the advancement of Internet and propagates the idea of shielding and segregating the children from the harm that may cause from access to the Internet (Allen, 2001). Also, Kumaran (2016) highlighted that although there are many benefit and advantages of the Internet but the harm and dangers it poses to the children is worrying because the informational privacy of the children is threatened by children’s participation in the digital world. Moreover, children are unconcern with their privacy, or do not know how to protect their informational privacy and data protection which are of concern to adults (Allen, 2001) and they are unaware the consequence and the impact of revealing their personal information, either their own data or their family data. Some countries have enacted specific legislations to protect the privacy of the children like the Children’s Online Privacy Protection Act (COPPA) in the United States of America (Hetcher, 2000) or introduced self-regulatory initiatives on online child privacy like in the European Union (EU) (Macenaite, 2016). At the international level, the Convention on the Rights of the Child (CRC) was introduced in 1989 by the United Nation (Lundy, 2012) to generally protect the children. The CRC acknowledges that the children is a group of people that needs extra care and protection. In Malaysia, the government has introduced the Child Act 2001 and the Sexual Offences Against Children Act 2017 that protect the children. However, how far these two Acts protect the online privacy of the children in Malaysia? As such, the paper seeks to examine the legal protection of online children privacy in Malaysia, focusing on the Child Act 2001

Delegating and Distributing Morality: Can We Inscribe Privacy Protection in a Machine?

This paper addresses the question of delegation of morality to a machine, through a consideration of whether or not non-humans can be considered to be moral. The aspect of morality under consideration here is protection of privacy. The topic is introduced through two cases where there was a failure in sharing and retaining personal data protected by UK data protection law, with tragic consequences. In some sense this can be regarded as a failure in the process of delegating morality to a computer database. In the UK, the issues that these cases raise have resulted in legislation designed to protect children which allows for the creation of a huge database for children. Paradoxically, we have the situation where we failed to use digital data in enforcing the law to protect children, yet we may now rely heavily on digital technologies to care for children. I draw on the work of Floridi, Sanders, Collins, Kusch, Latour and Akrich, a spectrum of work stretching from philosophy to sociology of technology and the “seamless web” or “actor–network” approach to studies of technology. Intentionality is considered, but not deemed necessary for meaningful moral behaviour. Floridi’s and Sanders’ concept of “distributed morality” accords with the network of agency characterized by actor–network approaches. The paper concludes that enfranchizing non-humans, in the shape of computer databases of personal data, as moral agents is not necessarily problematic but a balance of delegation of morality must be made between human and non-human actors

A glance of child’s play privacy in smart toys

© Springer International Publishing AG 2016. A smart toy is defined as a device consisting of a physical toy component that connects to one or more toy computing services to facilitate gameplay in the Cloud through networking and sensory technologies to enhance the functionality of a traditional toy. A smart toy in this context can be effectively considered an Internet of Things (IoT) with Artificial Intelligence (AI) which can provide Augmented Reality (AR) experiences to users. Referring to the direction of the United States Federal Trade Commission Children’s Online Privacy Protection Act (COPPA) and the European Union Data Protection Directive (EUDPD), this study adopts the definition of a child to be an individual under the age of 13 years old. In this study, the first assumption is that children do not understand the concept of privacy. The second assumption is that children will disclose as much information to smart toys as they can trust. Breaches of privacy can result in physical safety of child user, e.g., child predators. While the parents/legal guardians of a child strive to ensure their child’s physical and online safety and privacy, there is no common approach for these parents/guardians to study the information flow between their child and the smart toys they interact with. This paper discusses related privacy requirements for smart toys in a toy computing environment with a case study on a commercial smart toy called Hello Barbie from Mattel

Sharenting : Why Do Parents Violate Their Children's Privacy?

This paper presents a theoretical analysis of the concept of sharenting, emphasizing its role in violating children’s privacy. Mechanisms of online self-disclosure are also analyzed, especially regarding parents’ activities consisting of posting information about their children online. Lack of legal regulations regarding the protection of children’s privacy online was also pointed out. Finally, a model of sharenting was developed, which was the basis for establishing a framework of the conceptualization of a research project on sharenting