Why all data governance needs to consider children’s rights
Last month, UNICEF published a Manifesto on Good Data Governance for Children, an initiative that was the result of a year of collaboration between a working group of 17 experts, many of them affiliated with the Berkman Klein Center for Internet & Society and UNICEF.
Why a focus on children?
We know that massive amounts of data are increasingly being collected about all of us virtually everywhere we go, as our lives become more entwined with technology. So what is special about children’s data, and why did we choose to focus on children in particular?
Children’s rights are afforded extra protections under international human rights laws such as the UN Convention on the Rights of the Child, and data processing impacts on virtually all areas of children’s rights to some degree. States, companies and guardians have a duty under existing international human rights laws to prevent children’s personal information and data from being used to exploit them or violate their freedoms. The main difference between general data governance and children’s data governance is the presumption that children cannot effectively advance and advocate on behalf of their own interests because of their age and capacity. That is why we believe that children’s data merit special protection and a distinct consideration in international, regional and national governance regimes.
Privacy and protection of children’s information and identities are particularly important as they grow and experiment by making different choices and exploring different preferences, and as they develop their personalities. Children need to be afforded the agency to define who they are for themselves, without having their future pathways predetermined or their learning styles unduly narrowed down by algorithms.
Governance of children’s data also presents some challenging questions in relation to consent and children’s agency over their own data. Children, depending on their age, may be less suited than adults to provide meaningful consent for their data collection and use. This is because children are often less able than adults to make mature decisions on data use that may impact their future in ways that are difficult even for adults to understand. This problem is compounded by a general lack of transparency in relation to how data is used by technology companies — it is rare to see terms and conditions of data collection explained in child-friendly language or translated into minority languages. Generally there is already a power imbalance between the public and governments, companies, or other institutions that process their data, and children are in an especially vulnerable position within these relationships.
On the flip side, we also wanted to focus on children’s data because we are excited about the potential for its use for good. We know that children’s data can support research, development and provisions of services, and poor data governance can lead to a loss of potential benefits for children. In an increasingly data-driven global economy good data governance for children is essential for children, for development, and for business.
What does good data governance for children look like, and how do we get there?
The working group members wrote a series of background papers that informed the manifesto, covering state surveillance and the implications for children, young people in the commercialized digital environment, data governance gaps in light of Covid-19, responsible group data for children, children’s rights by design, governance of student data, and exploration of a fiduciary approach to child data governance.
As part of tackling the question of what good data governance for children looks like, the working group took the manifesto through a series of regional workshops in the US, Europe, Asia, and Africa, which helped to flesh out ten key action points:
1. PROTECT children and their rights through child-centered data governance. Such data governance should adhere to internationally agreed standards that minimize the use of surveillance and algorithms for profiling children’s behavior.
2. PRIORITIZE children’s best interests in all decisions about children’s data. Governments and companies should give priority to children’s rights in their data collection and processing and storage practices.
3. CONSIDER children’s unique identities, evolving capacities and circumstances in data governance frameworks. Every child is different, and children mature as they get older, so data governance regulations must be flexible. Marginalized children must never be left behind.
4. SHIFT responsibility for data protection from children to companies and governments. Extend the protection measures to all children below the age of 18, regardless of the age of consent.
5. COLLABORATE with children and their communities in policy building and management of their data. Through distributed models of data governance, children and their communities should have more say in how data is processed, by whom it can be processed, and with whom it can be shared.
6. REPRESENT children’s interests within administrative and judicial processes, as well as redress mechanisms. It is imperative that children’s rights are integrated into existing mechanisms, such as the work of data protection authorities.
7. PROVIDE adequate resources to implement child-inclusive data governance frameworks. Data protection authorities and technology companies must employ staff who understand children’s rights, and governments should allocate funding for regulatory oversight.
8. USE policy innovation in data governance to solve complex problems and accelerate results for children. Policy innovation can help public authorities to make the most of data, while at the same time safeguarding children’s rights.
9. BRIDGE knowledge gaps in the realm of data governance for children. There are some urgent knowledge gaps that need further research to ensure that data governance regulations are evidence-based.
10. STRENGTHEN international collaboration for children’s data governance and promote knowledge and policy transfer among countries. This Manifesto calls for greater global coordination on law and policy. Uncoordinated national-level data governance laws can lead to competing assertions of jurisdiction and conflict.
At the time of writing, increased efforts are being made to regulate the technology sector in all regions. At the same time, promising local and national initiatives are exploring ways to manage data in the public interest. A key takeaway from this manifesto is that children’s rights need to be front and centre of all of these new data governance initiatives, rather than being side-lined. This is increasingly important in a world in which children’s data cannot always easily be distinguished from adult’s data, and children are often impacted by data processing even when they are not the primary intended users of a digital platform or service.
You can read the full manifesto here, which contains rich information about many of the child rights issues impacted by data processing and elaborates on the ten action points listed above.
Watch Urs Gasser, former Executive Director of the Berkman Klein Center for Internet & Society — Harvard University; Jasmina Byrne, Chief of Policy, Office of Global Insight and Policy — UNICEF; and Emma Day, UNICEF Consultant, discussing the manifesto here with a panel of experts:
- Julie Brill, Chief Privacy Officer, Corporate Vice President, and Deputy General Counsel of Global Privacy and Regulatory Affairs — Microsoft;
- Dorothy Gordon, Chair of the Inter-Governmental Council of the UNESCO Information For All Programme; and
- Riita Vanska, Specialist in the IHAN (Human-Driven Data Economy) Project — SITRA.
For further information contact Jasmina Byrne: jbyrne@unicef.org