Children and data protection law
Children and data protection law

The following Information Law practice note provides comprehensive and up to date legal information covering:

  • Children and data protection law
  • General obligations under the UK GDPR and EU GDPR
  • Key concepts and definitions for the processing of children’s personal data
  • Child
  • Personal data
  • Parental responsibility
  • Best interests
  • Information society services (ISS)
  • The general approach to processing children’s data
  • ICO checklist—general approach to processing children’s personal data
  • More...

This Practice Note considers how the UK data protection law should be complied with in regard to children’s personal data.

On 31 January 2020, the UK ceased to be a member of the EU and EEA. Given the extensive data flows between the EEA and UK, equivalent EEA data protection laws will remain of particular interest to UK practitioners. In relation to the subject matter of this Practice Note, there is great similarity between:

  1. the General Data Protection Regulation, Regulation (EU) 2016/679 (EU GDPR) (applicable under UK laws until the end of the Brexit implementation period at 11 pm UK time on 31 December 2020 and remaining applicable in the EEA thereafter), and

  2. the UK General Data Protection Regulation, Retained Regulation (EU) 2016/679 (UK GDPR) (applicable under UK laws from the end of the Brexit implementation period and largely based on the EU GDPR)

Therefore, this Practice Note also addresses equivalent requirements under the EU GDPR at high level to assist UK practitioners who may need to consider the position under either. It refers to both as ‘GDPR regimes’ for convenience where there is no need to distinguish them.

Note that:

  1. this Practice Note considers equivalent provisions under the EU GDPR applicable in EEA states at the supranational level only—the EU GDPR allows EEA states to implement a number of national derogations and you should refer

Related documents:

Popular documents