Changes are coming to the European law on personal data protection – time for penalties and child protection!

The European Parliament reports the ongoing talks on Tuesday have brought a “strong compromise” with the Council concerning the work on the high level of protection of personal data. This work relates to regulations and directives, which will be the subject of a vote in the Committee on Civil Liberties, Justice and Home Affairs.

What comes with new law?

“In the future, firms breaching EU data protection rules could be fined as much as 4% of annual turnover” – says Jan Philipp Albrecht MEP, Vice-Chairman of the Committee on Civil Liberties, Justice and Home Affairs. Moving beyond the revelation in our own backyard, it will be a quite significant change, since the current legal situation does not provide financial penalties. The provisions are merely an authorization of the Inspector General for Personal Data Protection to issue administrative decisions in accordance with the provisions on administrative enforcement proceedings against infringers. But it is not a financial penalty, which the EU authorities are expected to introduce with the new legislation.

However, member states have not reached a common position in determining the proposed minimum age of thirteen at which children will be able to independently use social networks. In the end, member states will be able independently establish their own boundaries between thirteen and sixteen years of age.

Thus, teenagers under 16 – depending on the political decisions in the particular member states – can be officially denied access to Snapchat, Instagram and Facebook if … they don’t obtain parental consent. Currently, all major social networking sites – in compliance with applicable European and American law – are available to thirteen year olds..

If everything works like a charm, the new regulations will be subject to a vote in the European Parliament in 2016, after which member sstates will have two years to implement the new rules into their national laws.

How does it look in practice and will the new regulations actually protect children?

Children aged thirteen and younger are using social networks by providing a false age during the registration process. Creating a new profile is extremely simplified and does not contain any mechanisms that would verify the data provided by the user. That is why – in my opinion – the amendment to the provisions will not compel children to suddenly ask their parents for permission for something which for many years were a part of their virtual lives and activities already. It seems more likely that smart and young users will quickly change their data in the account settings, than allow themselves to be thrown out of a particular social network. And if they are banned … they will just register a new account. Of course we need to appreciate the fact that the EU notes the problem of protecting children in cyberspace and shows us the increasing risks associated with the mindless sharing of ever-increasing amounts of data (often private) to social media as well as the impact of such media on child development. Probably however, this is not the right path.

It is worth asking now: is it not better to invest in the safety of children by raising the awareness of parents about the importance and necessity to monitor the activity of their children on the internet, rather than create a new box “to tick”?

Only a fraction of adults realize that corporations and social networks create databases with extremely valuable information on the behaviour of Internet users (and thus potential customers). Therefore we can assume that children are also unaware. Let our behaviour while surfing the web be guided by the thought: “Content thrown onto the internet once, remains there forever”, even if it is not entirely true and the newly available legal tools – including the “right to be forgotten” (request against search engine operators to remove certain data from their results) – allow for effective action. It is better to prevent than cure.