As a society we have to face up to some uncomfortable realities . A child can get onto a harmful, pornographic website within three clicks. Young people often share personal or inappropriate images of themselves online and through social media. Children can be groomed online for sexual abuse. Commercial companies sell and exploit the digital footprint of children. And parents are often in the dark. At a basic level, many parents tell us they don’t know what’s the best age to give their child a phone.
It’s a hot topic of late but actually, the digital age of consent is the least relevant and least important of a suite of measures being proposed as part of the Data Protection Bill which is before our Oireachtas right now. This is happening to bring Irish law into line with an EU regulation - ‘the GDPR’ for short - which will come into force later this month. With no proper research or evidence, the digital age of consent was parachuted into the GDPR at the eleventh hour.
The age of digital consent is the age at which a child can give their consent to a platform or online service to collect and profile their information. In the US, a digital age of consent was introduced to deal with excessive marketing by industry. The age was set at 13 for political reasons but in time they found that this just wasn’t enough to protect children.
Most children were able to bypass verification mechanisms with the result that they were using services and platforms that their parents had no idea about. And many services just decided that their service wasn’t for children with the result they didn’t need to seek parental consent. We’ve seen this happen in Ireland in the last two weeks.
WhatsApp Messenger decided to raise their user age to 16. No great victory there. It just means they don’t have to seek parental consent now at all. The onus is on parents to make sure that their children aren’t using the service if they are underage.
The truth is that the EU failed to offer proper guidance on how to deal with the fact that huge amounts of children lie about their age online. The GDPR does not specify what age verification measures providers must put in place to verify a child’s age. And without this set out, we’re concerned that children could be seriously exposed. The EU was warned by the European NGO Alliance for Child Safety Online that their failure to deal with this could result in failed prosecutions for online grooming of children. Children may lie to get onto these sites and child abusers could argue they honestly thought that the child wasn’t underage. We can’t risk this.
The GDPR also failed to outline exactly which services providing vital counselling and preventive supports could be exempted from this duty. In fact, the EU didn’t even have any research to justify either 16, 15, 14 or 13 as the digital age of consent. What a mess.
We will have to wait several years for the research to emerge. We’ll also have to wait for any proper guidance from the EU. That’s why the Joint Oireachtas Committee on Justice and Equality recommended 13 as the age of digital consent and called for the Government to keep it under review. It wasn’t because of some daft misguided notion. It was because the proposal from the EU wasn’t properly worked out.
As parents of course, what gets us most is the fact that the digital age of consent only gives parents the right to hand over their child’s data for commercial exploitation. If a parent says no, their child is cut off from the platform or service. That’s just not fair. And as evidenced in recent reports covering data breaches, many people and parents don’t even know what they are handing over. A children’s rights approach wouldn’t set an age at all because children and young people are different. It would put the onus back on providers not to exploit children commercially.
Today, the Dáil will get to vote on the Data Protection Bill and proposals to prohibit the commercial exploitation of children’s data. We call on Oireachtas members to support this approach. But we also call on the Dáil to take its time when considering the age of digital consent. The rush to 16 could result in unintended consequences. There may be a need to raise the age of digital consent in time but we must iron out any problems with it now.
We need to get the political focus back on measures that can truly protect children. Exposure to pornography has come out in studies as the number one issue children found upsetting online. And yet we’ve done nothing as a country to make it off limits.
We still have no Digital Safety Commissioner in place. There is still no public body at the moment with the power to regulate the online world to make children safe. No one has the power to compel social media platforms or the broadband providers that we all use every day to prevent a child from engaging in harmful content online. No one has the power to set down codes of conduct for online providers. And that’s just not good enough. We need political leadership at the highest levels on this and we need it now.
The internet has been called the biggest social experiment in history. We owe it to our children to make sure that they are not unwitting, involuntary guinea pigs.
Fergus Finlay is the Chief Executive of Barnardos. Grainia Long is the Chief Executive of the ISPCC and Tanya Ward is the Chief Executive of the Children’s Rights Alliance