Resolution on set up of joint actions of awareness and education of youngsters at an European and international level
adopted by
the European Privacy and Data Protection Commissioners’ Conference
29 – 30 April 2010, Prague
As the United Nations Convention on the Rights of the Child of 20 November 1989 has just celebrated its twentieth anniversary, we must acknowledge that the United Nations’ challenge to build a “world fit for children” remains unfulfilled. This is particularly true concerning the protection of children’s privacy in the digital era.
Today, in Europe and all over the world, youngsters use the Internet and other means of communication daily to exchange messages, photos, videos and other information, which are data that may concern them directly or that may concern for instance their friends, their parents or their teachers. These new means of communication can contribute to a better dissemination of ideas and knowledge. However, most of the time, youngsters (as well as adults) are unaware that the personal data they communicate leave traces that reveal their life habits and their behaviour. These personal data may be used for commercial and profiling purposes and even, in some cases, for criminal purposes.
Moreover, despite the fact that some social networks require a minimum age of 13 to register, youngsters under that age are present in significant numbers on these networks.
To face the major challenges posed by these developments, it has become imperative for our authorities to supervise and to oversee the activities undertaken by social networks and by other actors of the world of information and communication technologies. Social network providers’ practices are too often based on a so-called “free and informed consent” using information notices which are complex and unreadable, especially for youngsters. Such practices do not provide an adequate level of protection for the respect of children’s rights. Moreover more effective measures should be adopted to ensure that the right to oblivion, in particular through the right to obtain the deletion of personal data, is guaranteed in practice in a more satisfactory manner for youngsters.
At the same time, our authorities must orientate their action towards youngsters themselves. Making young generations aware of the dangers inherent in new technologies and making them aware of a socially responsible use of these new technologies, respecting themselves and others, in particular their privacy (and their personal data), must become an objective of utmost importance for our European societies.
Several actions have been undertaken in that direction both at international and national level.
Thus, during the thirtieth International Conference of data protection and privacy Commissioners held in Strasburg, in October 2008, two resolutions on social networks services and on children’s online privacy were approved by 60 supervisory authorities’ representatives of all the continents. In March 2008 the International Working Group on Data Protection in Telecommunications (Berlin Group) had adopted the “Rome Memorandum” on social network services1. The Committee of Ministers of the Council of Europe2, comprised of 47 Member States, and the Article 29 Working Party of the European Union3 are also involved in this issue.
In addition, the European Commission set up the Safer Internet programme4 which aims at financing projects to create a protection framework for communication services such as networking sites. It also developed the “Safer Social Networking Principles for the European Union”5. The implementation of these principles, on a voluntary basis and through self-declarations of compliance, is a positive step. It is necessary to go further so that these principles become a corpus of binding rules applicable to all social networks.
At a national level, in Europe and beyond, many countries have already carried out innovative solutions with regard to the education and awareness of children. It is necessary to promote and learn from these initiatives, at an international level, in order to extend these pro-active policies.
Therefore, the European Conference of data protection and privacy Commissioners reaffirms its resolution to take all the necessary measures to ensure real and effective protection of children’s online privacy, in particular on social networks. More particularly, the European Conference encourages:
- european data protection authorities to develop tools in order to take into account the specificity of the protection of youngsters’ privacy, in particular by promoting the adoption by data controllers of privacy policies easier to read and to understand for youngsters;
- government initiatives to develop specific regulations to protect, in a strengthened manner, youngsters’ personal data and privacy;
- government initiatives to introduce awareness of the main principles of personal data protection as a compulsory element in schools education programmes;
- the creation of training modules dedicated to the protection of personal data in higher education, the training of competent staff to educate youngsters, and also the creation of specific structures, clearly identified and visible for the public, with regard to youngsters’ awareness;
- the cooperation and exchange of information between data protection authorities, at a European and global level, in order to develop measures to educate youngsters and to draw up an overview of the tools developed in the various European countries for improving awareness.
Notes:
______________________________________________________________________
2 See the Declaration on protecting the dignity, security and privacy of children on the Internet dated 20 February 2008:
URL link https://wcd.coe.int/ViewDoc.jsp?Ref=Decl(20.02.2008)&Language=lanEnglish&Ver=0001
3See opinion 2/2009 dated 11 February 2009 on the protection of children's personal data
(URL link http://ec.europa.eu/justice_home/fsj/privacy/docs/wpdocs/2009/wp160_en.pdf) and the opinion 5/2009 dated 12 June 2009 on online social networking (URL link http://ec.europa.eu/justice_home/fsj/privacy/docs/wpdocs/2009/wp163_en.pdf);
4 Decision No 854/2005/CE of 11 May 2005 and Decision No 1351/2008/EC of the European Parliament and of the Council establishing a multiannual Community programme on protecting children using the Internet and other communication technologies.
5 URL link http://ec.europa.eu/information_society/newsroom/cf/itemdetail.cfm?item_id=5565