<img src="https://certify.alexametrics.com/atrk.gif?account=b2hlr1ah9W20em" style="display:none" height="1" width="1" alt="">
    Get started

    What's a suitable age of consent in relation to GDPR?

    age of consent

    The age of consent, i.e when a child is required or able to give their consent for the processing of their own personal data under GDPR, Article 8, is 16 years of age, although member states are allowed to allocate their own age of consent, provided that this does not fall below the age of 13. In the UK, the age of consent has been taken to be 13, the lowest age that the GDPR will allow.

    Is that low enough? Or too high?

    The purpose of consent is to draw a line in the sand showing from which age onwards children can provide their own consent for the processing of their personal data. We tend to generally think about children’s data being used for social media purposes, such as the Instagram service, which is aimed at users who are at least 13 years of age, and even has an online form to enable the reporting of account users who are younger than that.

    However, children are unwittingly giving away rights to the private data and putting their online security at risk says the UK’s Children’s Commissioner.Blog: 5 steps to staying compliant when sharing data under GDPR

    A survey undertaken by the Commissioner’s Growing Up Digital taskforce revealed that nearly 50% of 8 to age of consent 11 year olds agreed to vague terms and conditions offered by social media firms, and that none of the children surveyed fully understood the terms and conditions of the Instagram service, which is used by more than half of 12 to 15 years and 48% of 8 to 11 year olds, with only half of these 8 to 11 year olds even being able to read the terms, which ran into more than 5,000 words over 17 pages of text. All of this, despite as mentioned above, Instagram being aimed at ages 13+ and with a reporting facility for users aged less than 13.

    According to Ofcom, 3 and 4 year olds spend 8 ¼ hours a week online, 12 to 15 year olds spend more than 20 hours and 70% of them have a social media profile.

    As with most adults, if I want to know anything about social media, I’ll ask a child member of my family or circle of friends, there are no greater experts in the use of social media sites than children – but experts in compliance we can tell from these statistics alone, they are not.

    Having said that, even common sense should tell us that children, even at the age of 13, cannot reasonably be expected to make informed choices about their rights relating to personal data, the world of data protection is a minefield, and filled with legal and compliance professionals who can debate the topics and intricacies of such for hours on end, yet under the UK’s enactment of GDPR, we will be allowing children as young as 13 to be making their own decisions regarding their own data protection.

    Clearly there is a need for parental intervention still, and for parents to at least provide guidance to their children in this topic, and interestingly enough, I am sure that the parents will do so when it comes to financial matters that these 13 year olds will be able to choose whether to provide or withhold their consent on, matters such as child bank accounts and child trust funds. Similarly, it will be interesting to see the direction in which financial services firms move when it comes to consenting children, who consent to receive marketing and promotional material, or who seek to restrict or withdraw consent, perhaps without any real understanding of the impact and consequences of such instructions. GDPR-compliance-training

    Leave a comment


    eBook: Essential Uncovered

    Skillcast Essentials is our best-selling library and there's a reason for that. Essentials library provides comprehensive coverage of the key compliance / conduct issues that companies in the UK face today.

    Request now

    How to use storytelling in compliance training for maximum impact

    Stories help us to connect with people and the world around us. They have the power to  engage us in a way simple narratives just can't. And we remember stories. I'll bet you still remember your ...

    Read More
    5 ways to fire up a culture of compliance

    Any company's biggest risk to attaining and maintaining full compliance with laws and regulations is the conduct of its people - we call this the people dimension of compliance. And against this ...

    Read More
    6 traits of effective compliance officers

    Protecting the ethical integrity of a company is the heart of the compliance officer’s role. And as regulators continue to clamp down on misconduct with higher fines, compliance officers are under ...

    Read More
    New infographic reveals a lack of transparency about political engagements

    Nearly three quarters of companies are failing to disclose how they engage with politicians, according to a new report by Transparency International UK. The 2018 Corporate Political Engagement Index ...

    Read More