The UK Information Commissioners Office (ICO), the enforcer of the Data Protection Act, has begun a review of websites and apps used by children as part of an international project to consider privacy concerns around the type of personal information services collect.
The ICO will look at 50 websites and apps, looking particularly at
- what information they collect from children
- how that is explained
- what parental permission is sought
The websites and apps will include those specifically targeted at children, as well as those frequently used by children.
The same approach will be taken by 28 other privacy enforcement authorities from around the world, with a view to publishing a combined report in the autumn. The ICO will also consider action against any website or app that it finds to be breaking the Data Protection Act.
Steve Eckersley, ICO Head of Enforcement, said:
Anyone with children knows how many websites and apps are now targeted at them, and how popular they are with children. That’s true from Canada to Columbia, and the same concerns exist around what information the companies behind these services are gathering.
In the UK, we’re clear that apps and websites should not gather more personal data than they require, and operators should be upfront about how and why they collect information and how they use it. . These principles are true whatever the audience, but they are especially true where children are concerned. This research should give us a valuable insight into whether companies in the UK are operating compliantly, as well as how that fits with what is happening around the world
The work is coordinated by the Global Privacy Enforcement Network, and follows previous reports on website privacy policies, and how apps collect personal data. This year’s focus was chosen after privacy enforcement authorities identified a growing number of websites and mobile apps targeted at, or popular among, children.