Key recommendations of EGDF and ISFE for Irish Data Protection Authority related to Fundamentals for a Child-Oriented Approach to Data Processing
- ISFE and EGDF recommend that the main criterion for assessing whether organisations need to comply with the standards and expectations of the Fundamentals should be whether the services they provide are directed at or intended for children.
- ISFE and EGDF recommend clarifying the steps that need to be taken to ensure that age verification mechanisms are effective when a service provider stipulates that its service is not for the use of children below a certain age.
- ISFE and EGDF recommend that the Fundamentals take into consideration that it is not always possible for organisations to offer services without any type of consent-based data collection.
- ISFE and EGDF recommend the DPC to reconsider its position that marketing and advertising activities in pursuit of commercial/business interests of an organisation will generally not align with its “zero interference with the best interests of the child” principle.
- ISFE and EGDF recommend that the Fundamentals recognise the central role that parents and legal guardians can play in helping their children understand the risks of data processing activities and ensuring that they have the benefit of specific protection under the GDPR.
The full position paper can be downloaded from here: http://www.egdf.eu/wp-content/uploads/2020/01/202103-ISFE-EGDF-Response-on-the-Fundamentals-for-a-Child-Oriented-Approach-to-Data-Processing.pdf.pdf
The broader EGDF approach on the protection of children from inappropriate data practices can be accessed here: http://www.egdf.eu/documentation/7-balanced-protection-of-vulnerable-players/protection-of-minors/protection-of-children-from-inappropriate-data-practices/