The achievement of an adequate level of privacy protection is a demanding objective, especially for new technologies. One relatively new but increasing class of users of Internet related services consists of children and young people. However, if Internet services can improve social skills and widen the knowledge minors have, it could open the doors to privacy abuse and misuse. As it would not be feasible to address all the legal and technical tools available within the privacy protection process, this chapter will focus on a specific element required by regulation and applicable both in Europe and in the US: the inclusion of a privacy policy in any website that collects personal data from users. The paper will provide an analysis of some of the privacy policies available online provided by companies that focus specifically on children and by social networking sites. The analysis will couple the descriptive part with suggestions to improve the level of compliance and, consequentially, the level of protection for minors’ privacy.
Top1. Children On The Internet: Naive And Techno-Savvy
The achievement of an adequate level of privacy protection is still a demanding objective, and this is more than true for new technologies. The pervasive presence of information and communication technologies (ICTs) in our life and the increasing importance they have in our working and leisure time pushes for a more comprehensive understanding of problems and risks and, at the same time, for a more focused analysis of the needs and specificities of each class of data subjects.
One relatively new but increasing class of users of ICTs, and in particular of Internet related services, is children and young people. Statistics show that currently the percentage of children using Internet significantly overcomes the corresponding percentage of young adults (age 18-24), in a similar time period (Eurobarometer, 2007). Moreover, social studies also acknowledge that minors are more and more interested in new technologies, and Internet in particular offers them new forms of socialization not available before. Through e-mail exchanges, online surfing, virtual games, chats and other services, minors are now increasingly able to relate to others living in faraway places, to meet different people and learn about their lives, their history, games and many other topics which can enhance their own knowledge of reality in unprecedented and unparalleled ways (Simpson, 2003).
If Internet services can improve social skills and widen the knowledge minors have, it could open the doors to privacy abuse and misuse. However, we should not interpret the Internet as evil, and we should not overestimate the risks online, as, though complex and multifaceted, in most cases these are not significantly different than those children face offline. Moreover, some of these risks do not necessarily arise from the technology itself but result from offline behaviors that are extended into the online space (Staksrud and Livingstone, 2009; Home Office task force on child protection on the internet, 2008). Youngsters are always attracted to new experiences and the Internet is an ideal playground where they can search for the service that mostly fits their needs and interests, and eventually switch to a new one as soon as they get bored. This approach pushed Internet Service and Content providers to differentiate their products and services so as to gather as many users for the longer time possible. As a matter of fact, minors leave traces of their passage and provide information about themselves. This, given the expanded possibilities to collect, organize and store thousands of data (Art 29 WP, 2009), can provide the materials for databases that include detailed profiles which can be used (directly or indirectly) for marketing purposes. Thus, websites can build in systems to help them monitor and understand children preferences, so as to have the possibility to tailor the content and the services upon minors identified interests, and push those interests into specific buying trends through the way in which the content and the services are provided (Stevees, 2006; Edwards, 2008; Kerr and Stevees, 2005).
From the policymaker perspective, this framework raises two level of difficulties: on the one hand, it is not possible to define a 'one size fits all' rule applicable to all possible services and devices through which the data are collected, not only due to differentiation of services provided to users, but also to convergence of media, which allow users to interact through different devices, such as mobile phones, personal digital assistants, game consoles and PCs. On the other hand, the policy approach should not only focus on a single tool to achieve the level of privacy protection required. Increasing the safety of the online environment is an objective that should include all the previous and subsequent phases which are linked to online connection. Namely such an effort should entail the education and awareness raising actions in schools and at home, the provision of technical and legal tools that can help children and young people to manage their online experience and, in the worst case scenario, to react to potential harm.