Children and data protection law
Children and data protection law

The following Information Law practice note provides comprehensive and up to date legal information covering:

  • Children and data protection law
  • Key guidance
  • General obligations under the GDPR
  • Key concepts and definitions for the processing of children’s personal data
  • Child
  • Personal data
  • Parental responsibility
  • Best interests
  • Information society services (ISS)
  • The general approach to processing children’s data
  • More...

Brexit: On 31 January 2020, the UK ceased to be an EU Member State and entered an implementation period, during which it continues to be subject to EU law. During this period, the GDPR applies in the UK and the UK generally continues to be treated as an EU (and EEA) state for EEA and UK data protection law purposes. Any references to EEA or EU states in this Practice Note should therefore be read to also include the UK until the end of the implementation period. For further guidance on that period, its duration and the data protection laws that are anticipated to apply after the end of it, see Practice Note: Brexit—implications for data protection.

This Practice Note considers how the General Data Protection Regulation, Regulation (EU) 2016/679 (GDPR) as it applies in the UK should be complied with in regard to children’s personal data. The GDPR regime expressly recognises that the processing of children’s personal data requires specific protection and provides enhanced protection for children’s personal data. This Practice Note is also relevant to organisations which aren’t actively seeking to process children’s personal data (eg designing a product aimed at adults) since they will need to consider whether they may inadvertently end up processing childrens’ personal data (eg if a child accesses that service).

Anyone wishing to process children’s personal data in the

Related documents:

Popular documents