In today’s highly connected world, children start using the Internet at a young age and may not fully grasp the risks, or understand the consequences, of sharing their personal data. While parents play an important role in guiding and protecting children in this digital environment, organisations can also play a significant role in ensuring that the products or services that they offer adopt a data protection by design1 approach. This would ensure that children’s personal data are protected, and that they can safely benefit from participation in the online space.
These Advisory Guidelines clarify how the data protection provisions in the Personal Data Protection Act 2012 (“PDPA”) apply to children’s personal data in the digital environment. However, these Guidelines are not exhaustive, and not every section may be applicable to each organisation.
The Guidelines should be read in conjunction with Chapter 8 of the PDPC’s Advisory Guidelines on the PDPA for Selected Topics (Data Activities Relating to Minors) as it covers the application of the data protection obligations on general activities for minors (i.e. individuals who are less than 21 years of age). Organisations should continue to comply with all the relevant data protection obligations under the PDPA, even if not covered in the Guidelines.
Organisations are reminded that if there is any inconsistency between another written law and the data protection provisions in the PDPA, the other written law will prevail to the extent of the inconsistency.
Views: 0
