The Data Protection Commission (DPC) has published the final version of its guidance “Children Front and Centre: Fundamentals for a Child-Oriented Approach to Data Processing” (the Fundamentals). This is the culmination of an intensive project over the last 3 years which has involved 3 separate stakeholder consultation processes (including a direct consultation with children), engagement with experts in the area of children’s rights, expansive research and a two-stage drafting process. The Fundamentals introduce child-specific data protection interpretative principles and recommended measures that will enhance the level of protection afforded to children against the data processing risks posed to them by their use of/ access to services in both an online and offline world. The Fundamentals will also assist organisations that process children’s data by clarifying the principles, arising from the high-level obligations under the GDPR, to which the DPC expects such organisations to adhere.
Work on the Fundamentals began in late 2018 with the launch of a two-streamed public consultation. Stream 1 sought the views of adult stakeholders including parents, educators, children’s rights organisations and industry, amongst others, on core data protection issues pertaining to children by means of a traditional online consultation document. Stream 2 sought to engage directly with children and young people in the classroom through a specially designed consultation process.
Following several months of in-depth academic and policy research and legal analysis, as well as further engagement with key stakeholders in the area of children’s rights, in December 2020, the DPC published a draft version of the Fundamentals and ran a public consultation on the document between 18 December 2020 and 31 March 2021, to give stakeholders a final opportunity to present their views. In total, 27 submissions were received in response to this consultation. Participating stakeholders came from a wide range of sectors, including technology and social media companies, children’s rights charities, public sector bodies and trade associations. A detailed report on the submissions received in response to this public consultation was published in November 2021, along with the DPC’s responses to the various thematic issues which emerged.
This final version of the Fundamentals rests heavily on significant consultations, expert input and stakeholder submissions, including from children themselves, and is an important step in terms of achieving the higher standards of protection for children’s personal data required under the GDPR. The DPC is determined to drive a transformation in how the personal data of children is handled and the Fundamentals represent an important stepping stone in this evolution.
The Fundamentals have immediate application and operational effect, now forming the basis for the DPC’s approach to supervision, regulation and enforcement in the area of processing of children’s personal data. The full guidance document can be found here.
Work to date on the Fundamentals for a Child-Oriented Approach to Data Processing:
- 19 December 2018, Public Consultation on the Processing of Children’s Personal Data and the Rights of Children as Data Subjects under the GDPR
- 28 January 2019, Know Your Rights and Have Your Say! Stream Two of the DPC’s Public Consultation on the Processing of Children’s Personal Data and the Rights of Children as Data Subjects under the GDPR
- 29 July 2019, “Some stuff you just want to keep private!” – Preliminary report on Stream II of the DPC’s consultation on the processing of children’s personal data and the rights of children as data subjects under the GDPR
- 09 September 2019, Whose Rights Are They Anyway? Trends and Highlights from Stream 1 of the DPC’s Public Consultation on Children’s Data Protection Rights
- 18 December 2020, Children Front and Centre: Fundamentals for a Child-Oriented Approach to Data Processing
- 19 November 2021, “Children Front and Centre: Fundamentals for a Child-Oriented Approach to Data Processing”: Report on Public Consultation
About the DPC
The Data Protection Commission (DPC) is the national independent authority in Ireland responsible for upholding the fundamental right of individuals in the European Union (EU) to have their personal data protected. Accordingly, the DPC is the Irish supervisory authority responsible for monitoring the application of the General Data Protection Regulation (GDPR), and we also have functions and powers related to other regulatory frameworks, including the Irish ePrivacy Regulations (2011) and the EU Directive known as the Law Enforcement Directive (LED). The statutory powers, duties and functions of the DPC are as established under the Data Protection Act 2018, which gives further effect to the GDPR, and also gives effect to the LED.
At LS Consultancy, we provide a cost-effective and timely bespoke advertising services including GDPR support services to make sure all your advertising and campaigns are compliant, clear and suitable for their purpose.
Our range of innovative solutions can be tailored to suit your unique requirements, no matter whether you’re currently working from home, or are continuing to go into the office. Our services can be deployed individually or combined to form a broader solution to release your energies and focus on your clients.
Why Not Download our FREE Brochures! Click here.
Call Us Today on 020 8087 2377 or send us an email.