Karlin Lillington: Facebook’s age of consent rule not worth a click

Much-hyped parental permission rule is tiny part of EU data protection directive

It was estimated that overall some 7.5 million Facebook users in 2012 were children under 13.
It was estimated that overall some 7.5 million Facebook users in 2012 were children under 13.

Teenagers will need their parents' permission to use Facebook!

If you were paying any attention to print and broadcast media in the past few days, you might have thought this was an unexpected, perhaps even dastardly move by Facebook (it was not, and Facebook had nothing to do with it).

Or, you might have picked up a bit more detail – that a new EU regulation on data protection could require children up to 16 to obtain parental permission to sign up for social media sites. Such was the media obsession with this one point, that anyone could be forgiven for believing this was the regulation’s only – or at the very least, its most important – feature.

The truth is less draconian than has been portrayed (though, fair play to Facebook and other social media companies for so successfully spinning this into panic headlines worldwide).

READ MORE

What has actually happened is this: after three years of vigorous debate, the EU has finally reached agreement on a critical piece of long-awaited legislation that lays out, in detail, the protections afforded to the data of European citizens, and the responsibilities of companies, governments, and any organisation storing or processing such information to safeguard that data.

Age of consent

The age of consent element is, despite the hullabaloo, one of the least dramatic elements in the new regulation, a major overhaul of the creaky, almost pre-web, unfit for purpose 1995 EU data protection directive.

That’s not to say the consent provision is either welcome or sensible, but it also isn’t as alarming as has been portrayed.

To begin with, for years now, children under 13 have been required to get parental permission to use data-gathering websites in the EU (as well as in the US, under the Federal Trade Commission’s Children’s Online Privacy Protection Act).

The new EU regulation continues with that existing requirement. But, in a last-minute amendment to the regulation that has annoyed many, and went against the wishes of the European Parliament, individual states now have the option to require such permissions for children up to 16.

But they are not legally obliged to raise the age under the regulation. What this means in practice is that most states are likely to leave the age at 13. Those that pushed for the amendment can bring in their own legislation, if they can get it through their own national parliaments.

But even those states that do choose an age between 13 and 16 will find it unrealistic – perhaps, impossible – to enforce such a rule. About all that can be done by social media or other sites to take the new regulations’s required “reasonable steps” to ensure teenagers are of legal age to use a site, is to ask them to click a box stating they are old enough.

Parental rules

And internationally, that has worked about as successfully in the past as parental rules requiring teens shut down their mobile phones at night, or refrain from texting during mealtime.

A study in 2012 – when Facebook’s own rules barred children under 13 from using the site – a parental survey by analyst MinorMonitor indicated that 38 per cent of all children using Facebook were, you guessed it, under 13. Four per cent were under six.

It was estimated that overall some 7.5 million Facebook users in 2012 were children under 13.

The fact is that most parents are unlikely to even know, or notice, that their teens – or even younger children – are using social media and other sites without their permission.

Yes, a certain amount of parental monitoring can be done – and should be done with children under 13 – but most kids are far more au fait with the web, apps and social media sites than their parents.

Many now have mobile phones and will access sites with these devices when parents aren’t around.

Unfortunately, vulnerable teens in search of information or support may be the most likely to suffer from age restrictions, if they are successfully applied. But still, it is hard to imagine how they could be.

From the viewpoint of the apps, social media sites and websites that gather data from minors, the new rule, if enacted by individual member states, may cause minor headaches. But service providers are required already to have provisions in place for the under-13s in Europe, provisions that have not thus far resulted in a slew of lawsuits. Making a few tweaks to up the age parameters may be annoying and ultimately, pointless, but it's hardly an operational crisis for companies.

In the bigger picture, the age of consent provision is only a very tiny element of a badly needed regulation that will bring in sweeping data protections, backed, importantly, with real regulatory teeth. These will benefit all EU citizens – including minors.