Children’s privacy to be addressed in UK and US

Politicians on both sides of the pond are pushing for new legislation designed to shore up children’s online privacy and safety.

 The fresh drives to give youngsters enhanced protection in both countries represents a clear shift in the discourse of international privacy standards for our current and future online communities, and comes in response to a global landscape of strengthening data legislation.

In line with the Data Protection Act 2018, the UK’s Information Commissioner’s Officer (ICO) has put together a code of practice for children’s privacy standards that integrates with existing legal frameworks. The 16 new standards will be under public consultation until the end of May, with a final version expected to come into being by the end of 2019.

The standards cover online services, including social media platforms, IoT devices and connected toys, and will combine to take a more robust stance on the protection of children’s personal information.

Makers of connected gadgets and games will have to create their products with child users in mind, unless they can prove that the devices are suited to a specific age category.

The ICO has also suggested that children’s data should not be involved in third-party data sharing to any extent, and that all tracking software features should be turned off.

In the US, politicians are working to update the Children’s Online Privacy Protection Act (COPPA) to make it more difficult for big tech firms to collect the data of under-15s.

Updates to the COPPA will make it harder for tech companies to track teens and younger children. The first update since COPPA’s introduction in 1998, COPPA 2.0 is designed to address the safety issues arising from social media platforms that rely on the collection of personal information. Amendments will extend better privacy safeguards to teenagers aged 13 to 15, and tech companies will not be able to collect personal data from under 13s without parental consent.

Building on the “right to be forgotten”, the new legislation will also introduce the “Eraser Button” to allow users to delete all personal information with one click.


Join our free-to-attend digital event, Last Thursday in Privacy, addressing data protection, privacy and security challenges including working from home, COVID-19, global regulations and more. Visit

We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.

Privacy Culture: Data Privacy and Information Security Consulting, Culture & Behaviour, Training, and GDPR maturity, covered.