22/05/2024Partner Carl Rohsler announces the publication of In Depth Gambling Law, published by Lexology
Memery Crystal Partner and leading gambling expert, Carl Rohsler, announces the publication of the ninth… Read more
16/09/2015
The Global Privacy Enforcement Network (GPEN), a network of more than 50 privacy enforcement authorities from over 40 countries, recently co-ordinated an internet sweep, where 29 authorities, including the UK Information Commissioners Office (ICO), reviewed websites and mobile apps targeted at, or that were popular among, children.
The aim of the sweep was to establish if websites and mobile apps were collecting personal information from children, and if so, the amount and type of information, the safeguards and controls in place regarding any collection of personal data and whether communications of this collection was tailored appropriately to a young audience.
Results of the sweep
The results of the privacy sweep were alarming. Approximately 41% of the 1,494 websites and mobile apps reviewed did not having acceptable controls in place and the GPEN considered that there was a ‘lack of information in privacy notices on how the information would be used’.
Other results from the review included:
Privacy authorities also noted concerns around the inappropriate nature of some advertisements on websites and apps aimed at children.
What now?
It is understood that privacy authorities will now consider whether further action is required against specific websites and apps, and whether or not there are cases that should be addressed by co-ordinated international action.
The ICO has announced that it will write to those website and mobile app publishers that caused concern, setting out clear instructions on the changes that will need to be made in order to comply with data protection laws. The ICO has not ruled out enforcement action against those that do not comply with its instructions.
What does this mean for websites and mobile apps targeted at children?
Greater care is needed when dealing with the personal information of children, so website and mobile app publishers should avoid using generic privacy policies and tailor them appropriately so that users know what data is being collected, why it is being collected and how this information will be used. The ICO highlighted the need for protective controls, such as parental dashboards, and pre-set avatars and/or usernames to prevent children inadvertently sharing their own personal information.
Guidance for website and app publishers targeting children
Closing thoughts
The results of GPEN’s privacy sweep show that websites and apps are failing to adhere to the data protection laws, both at a domestic and international level. It is clear that the ICO will not stand back and continue to allow websites and mobile apps to operate in this way and changes to websites and privacy policies will be required.
If you are concerned that you might not be fully compliant of your data protection obligations and would like further advice then please contact a member of our team.
Tim Ryan
This publication is not intended to be a comprehensive review of data protection obligations related to websites and mobile apps targeted at children.
Memery Crystal Partner and leading gambling expert, Carl Rohsler, announces the publication of the ninth… Read more
In this five-part audio series in association with The Gambling Law Review and Lexology, Partner and renowned gambling… Read more
In this five-part audio series in association with The Gambling Law Review and Lexology, Partner… Read more