The AEPD has stressed the need to verify the age of minors online and the balance between privacy and protection of minors. In a world in which Internet access by minors is increasingly common, many parents fear about the type of content that their children will be able to view and that could have a negative or significant impact on their development.
I’n fact, every day many minors access inappropriate content online, such as pornographic content or social networks that entail risks such as cyberbullying or sxual harassment by adults (groaming).
In this sense, the Spanish Data Protection Agency (AEPD) has emphasized the need to implement effective Famous trademark registration services methods to prevent minors from accessing inappropriate internet pages and/or sharing sensitive information about themselves. without being aware of the risks that this entails.
Taking into account that a minor would fall within what the regulations consider as a group of vulnerable people who, due to their young age and inexperience, could face numerous risks that could significantly affect them, it is necessary to guarantee specific and forceful protection when Your data is processed by those responsible for the treatment.
In this regard, and after the publication of the General Data Protection Regulation (RGPD) and Law 3/2018, of December 5 , on the Protection of Personal Data and guarantee of digital rights (LOPDGDD), it was established that the processing of The personal data of a minor based on consent could only be carried out when he or she is over fourteen (14) years of age.
In the case of minors under fourteen (14) , the processing of their personal data based on the basis of legitimation of consent will only be lawful if the consent of the holder of parental authority or guardianship is established, in accordance with the provisions of the Civil Code.
That is, only those over fourteen (14) years of age or, if they are under that age, the parents or guardians of the interested party may legally grant their consent.
Although in recent years the legal and regulatory framework applicable in the European Union to guarantee greater safety for minors in the digital environment has evolved considerably, for practical purposes the age verification mechanisms and parental consent tools they remain ineffective in many cases.
To implement valid mechanisms, which do not lead to excessive data processing with the aim of verifying the user’s age, the French data protection authority (CNIL) issued a report of recommendations in which it is established that verification systems of age should be structured around five fundamental pillars:
- Data minimization
- Standardization and intervention of trusted independent third parties to avoid the direct transmission of identifying data to the owner of a site that offers, for example, pornographic content .
For its part, the proposes similar solutions such as having an independent third party verify the identity of the user by providing an official document (passport or driving license) and, once the age of majority has been verified, said information be encrypted or destroyed, so that it is only shared with the adult content service whether the user is of legal age or not.
In short, it is important to highlight the fundamental role of the control authorities in this sense, since their functions include promoting this issue and raising public awareness , as well as pursuing and reprimanding those responsible for the treatment who have not implemented the necessary tools to verify the age of its users when required.
At Letslaw by RSM, our team ofwill advise you on everything related to online age verification and other issues. Do not hesitate to contact us.