The author of this article is Professor Eva Lievens, University of Ghent
In summary
- The United Nations Convention on the rights of the child (UNCRC) attributes rights and freedoms to children. These rights can be both supported and challenged by online services that use children’s data.
- Whilst the UNCRC is primarily addressed to governments, private organisations and companies also carry a responsibility to respect children’s rights.
- All decisions and actions that directly or indirectly affect children in the digital environment should actively take into account the child’s best interests as a primary consideration.
- This document helps online services to reflect on how children’s rights are affected. It also explains which elements needs to be considered when they carry out the “best interests assessment” and the data protection impact assessment (DPIA) required by the Children’s code.
- What is the United Nations Convention on the rights of the child?
- Who does the UNCRC apply to?
- What are the key principles at the centre of the UNCRC?
- What does the “best interests of the child” mean?
- Which rights and freedoms recognised in the UNCRC might be impacted when using online services?
- List of references
What is the United Nations Convention on the rights of the child?
The United Nations Convention on the rights of the child (UNCRC) was adopted in 1989. It is the most widely ratified human rights treaty in history. This is in itself an acknowledgement of the importance of children’s rights. The UNCRC embodies the idea that every child should be recognised, respected and protected as a rights holder and as a unique and valuable human being. It applies to all persons under the age of 18.
Since the adoption of the UNCRC, children’s lives have been transformed in many areas. Digital technologies have played an important part in that transformation. This was recognised in 2021 by the United Nations Committee on the rights of the child in its General comment No. 25 on the rights of the child in the digital environment. Children rely on digital technologies for:
- communicating with friends and family;
- playing;
- learning;
- expressing themselves; and
- exploring their identity and personality.
The UNCRC supports children in such activities by attributing them a wide range of rights and freedoms.
Many, if not all, of these rights are affected – positively and sometimes negatively – by the use of online services. For example, the collection and processing of children’s personal data by online services may help to personalise and enrich educational resources (right to education) and keep them safe (right to protection from violence). However, it can also result in discriminatory decisions (non-discrimination) and interfere with their private life (right to privacy).
Who does the UNCRC apply to?
The UNCRC addresses the State parties who have signed and ratified the Convention. This means that the government of each State needs to respect and guarantee the rights that are listed to each child by taking a wide range of measures. The UN Committee on the rights of the child General comment No. 16 recognises “that duties and responsibilities to respect the rights of children extend in practice beyond the State and State-controlled services and institutions and apply to private actors and business enterprises.”
States should ensure that businesses, such as providers of online services, take up their responsibility to:
- respect children’s rights; and
- prevent and remedy abuse of these rights in the digital environment.
The ICO was obliged to take the UNCRC into account when developing the Children’s code. It provides the framework for articulating and assessing how UK GDPR principles should be interpreted in the context of online services’ use of children’s data.
What are the key principles at the centre of the UNCRC?
There are four central principles that underpin the implementation of all the rights in the UNCRC:
- non-discrimination: the rights of all children should be ensured without discrimination of any kind;
- the best interests of the child: whenever decisions or actions are taken that affect children, the bests interests of the child must be a primary consideration;
- right to life and development of the child: all children should be enabled to develop in an optimal way: physically, mentally, spiritually, morally, and socially; and
- right to be heard: children should be able to express their views freely in all matters affecting them, to participate in all decision-making processes related to their lives, and to exert influence over such decisions in accordance with their age and maturity.
What does the “best interests of the child” mean?
Overall, the purpose of determining and assessing the best interests of the child is to ensure the full and effective enjoyment of all rights acknowledged by the UNCRC and the holistic development of the child. According to the Committee on the rights of the child, the concept of the best interests is dynamic and has three elements:
- a substantive right: the child’s best interests must be assessed and taken as a primary consideration when decisions or actions are taken that affect children;
- a fundamental interpretative legal principle: if a legal provision is open to more than one interpretation, the interpretation which most effectively serves the child’s best interests should be chosen; and
- a rule of procedure: the decision-making process must contain an evaluation of the possible impact (positive or negative) of the decision on the child or children concerned.
All decisions and actions that directly or indirectly affect children in the digital environment should actively take into account the child’s best interests. States should undertake such a best interests assessment when they adopt legislation about digital technologies. Technology companies or providers of online services must do the same when making decisions about products and services that are being used by children. This is part of the child rights and data protection due diligence that businesses should undertake.
In certain instances, they will need to take into account the best interests of an individual child. For example, when children report issues with how their data is used or exercise their data rights. In other circumstances, the best interests of an identified group of children or children in general, will need to be a primary consideration. This is the case when decisions are made about issues that do not relate to one specific child, but for instance, to the group of child users of a specific service. Vulnerabilities of certain groups of children may need to be considered (such as children with disabilities or children belonging to minority groups).
Taking the child’s best interests as a primary consideration entails a balancing exercise of the interests of all parties. The different interests need to be evaluated and balanced. The interests of an online service provider, for example, will need to be weighed against the interests of children. The child's interests have high priority. In the words of the Committee on the rights of the child, “a larger weight must be attached to what serves the child best”.
A best interests assessment is flexible, and organisations should adapt it to the decisions and actions on a case-by-case basis. It should take into account the specific circumstances, needs and diversity of the particular group of children or children in general. For example, it includes consideration of the child’s safety and protection from violence and exploitation, and requires an assessment of the possibility of future risk and harm.
Organisations must document the different elements and interests that they have evaluated. The decisions concerning children must be motivated, justified and explained. In the context of the Children’s code, such an assessment is a fundamental aspect of step 4 of the data protection impact assessment, which is obligatory for all organisations that fall within its scope.
Lastly, when conducting a best interests assessment, it is essential to engage children, listen to their views, and give these views due weight. Depending on the decision or action, organisations should involve the individual child, or listen to a representative sample of children (of the group), taking into account their evolving capacities. For providers of online services, this could take the form of:
- child user surveys;
- engagement with youth panels; or
- participatory or co-design research with children.
Where it is not feasible for providers of online services to seek the views of children directly, they can engage with organisations working for and with children, or up-to-date research that includes children’s views.
Which rights and freedoms recognised in the UNCRC might be impacted when using online services?
The UNCRC attributes a wide range of rights to children, many of which might be advanced and sometimes challenged when children use online services. According to the code, whenever an online service is likely to be accessed by children, organisations much undertake a data protection impact assessment (DPIA).
When conducting a DPIA it is important to look further than the right to privacy, which is often the most obvious right at stake, and assess the benefits and risks of the processing for all rights and freedoms of children.
Examples of children’s rights that might be supported when children use online services:
- The right to development (article 6 UNCRC). The development of children’s physical, mental, spiritual, moral, and social capacities and their transition into adulthood can be supported by online services.
- The right to be heard (article 12 UNCRC). Online services can provide children with a platform to make their voices heard, for example when participating in local or national policy- and decision-making. In the design phase of developing online services this right can be put in practice by providers of online services by engaging with children and taking their views into account when creating products and services.
- The right to freedom of expression (article 13 UNCRC). This right can be supported by offering children opportunities to seek, receive and impart information. Communicating, sharing and consulting information online are activities that children greatly value.
- The right to freedom of association and assembly (article 15 UNCRC). This right can be supported by offering children online spaces to meet, participate in communities of their choice, deliberate with others and advocate for their rights.
- The right to privacy (article 16 UNCRC). This right relates to identity development, self-representation as well as to the processing of a child’s personal data. Online services might provide children with opportunities to explore and shape their identities and to communicate and share information in private settings, by using avatars, pseudonyms or encrypted messaging services.
- Access to information and material from a diversity of national and international sources (article 17 UNCRC). Online services can play in important role in providing access to information by offering diverse and qualitative content for children to explore and enjoy.
- Rights of children with disabilities (article 23 UNCRC). Online services can help children with disabilities to build relationships with peers, access information and enhance their quality of life.
- Right to health (article 24 UNRCR). Online services can facilitate access to health services, support and information, also in times of health crises.
- The right to education (article 28 and 29 UNCRC). Online services can offer possibilities for education, learning and teaching literacy, both in formal and informal settings, in situ and remotely.
- The right to play (article 32 UNCRC). Online services can promote children’s rights to culture, artistic activities, rest, recreation, leisure and play.
Examples of children’s rights that might be at stake when children use online services:
- Non-discrimination (article 2 UNCRC). The UNCRC rights should be ensured for each child, including children with particular vulnerabilities (such as children with disabilities, children belonging to minority groups, refugee and migrant children or children in alternative care). Discrimination on the basis of sex, disability, socio-economic background, ethnic or national origin, language or other grounds must be prevented. Such discrimination might occur, for instance, when profiling and automated decision-making in the context of online services are based on biased or partial data or lead to discriminatory decisions.
- The right to development (article 6 UNCRC). The right to development might be hampered when children use online services, and in particular when such services profile children. Profiling children can limit their potential self-development in childhood, as predictions about them that do not necessarily correspond to their identity and beliefs may shape preferences, affect decisions and hinder experimenting.
- The right to freedom of expression (article 13 UNCRC). The use of content filtering systems can protect children from content that is believed to be harmful to them but at the same time restrict their freedom to seek, receive and impart information. Any restriction must be lawful, necessary and proportionate, and take into account the evolving capacities of children.
- The right to freedom of thought (article 14 UNCRC). This right might be impacted when systems are deployed that make and use inferences about a child’s emotions or inner state. A negative effect might also occur when news or content ranking hinders children to freely form thoughts and opinions.
- The right to privacy (article 16 UNCRC). Unlawful, unfair or untransparent processing of personal data, constant monitoring, tracking and surveillance, and unwanted disclosure of personal information or images might negatively affect the child’s right to privacy.
- Access to information (article 17 UNCRC). Prioritisation of content by online services for commercial or political purposes must not negatively affect children’s access to information.
- Protection from harmful content (article 17 UNCRC). Online services might provide access to content that is harmful to children or that encourages children to engage in harmful activities. Children must be protected from such content, with respect for children’s evolving capacities and without unduly affecting the child’s right to freedom of expression.
- The right to play (article 31 UNCRC). This right might be impacted by manipulative elements in games, for instance, when children are encouraged to spend more money or gamble or are exposed to inappropriate advertising or content.
- The right to protection from economic exploitation (article 32 UNCRC). This right might be impacted when children working in the digital environment are subjected to exploitative practices or when children are being taken unjust advantage of for commercial gain or profit.
- The right to protection from violence and sexual exploitation and abuse (article 19 and 34 UNCRC). Online services might be used to perpetrate violence against children or to sexually abuse or exploit them. Children should be protected from physical or mental violence, injury, sexual exploitation and abuse, trafficking, and recruitment by terrorist or violent extremist groups.
List of references
Buitelaar, J. (2018). Child’s best interest and informational self-determination: what the GDPR can learn from children’s rights. International Data Privacy Law. 8(4). 293–308.
Council of Europe (Committee of Ministers) (2016). Recommendation on human rights and business.
Council of Europe (Committee of Ministers) (2018). Recommendation CM/Rec(2018)7 of the Committee of Ministers to Member States on guidelines to respect, protect and fulfil the rights of the child in the digital environment.
Council of Europe (2020). Handbook for policymakers on the rights of the child in the digital environment.
Council of Europe (2021). Listen – Act – Change Council of Europe Handbook on children’s participation.
Data Protection Commission Ireland (2020). Fundamentals for a child-oriented approach to data processing.
Digital Futures Commission (2021). Child Rights Impact Assessment: A tool to realise children’s rights in the digital environment.
Lievens, E., & Verdoodt, V. (2018). Looking for needles in a haystack: key issues affecting children’s rights in the General Data Protection Regulation. Computer Law & Security Review. 34(2), 269–278.
Lievens, E., Livingstone, S., McLaughlin, S., O’Neill, B., & Verdoodt, V. (2018). Children’s rights and digital technologies. In U. Kilkelly & L. Ton (Eds.), International human rights of children (pp. 1–27). Singapore: Springer.
Savirimuthu, J. (2019). Datafication as Parenthesis: Reconceptualizing the Best Interests of the Child Principle in Data Protection Law. International Review of Law, Computers and Technology. 34(3). 310–341.
Stoilova, M., Livingstone, S. and Nandagiri, R. (2020). Digital by default: children’s capacity to understand and manage online data and privacy. Media and Communication, 8(4). 197–207.
Eekelaar, J. & Tobin, J. (2019). Art. 3 The best interests of the child. In: Tobin. J. (Ed.) The UN Convention on the Rights of the Child: A Commentary (pp. 73-106). Oxford: Oxford University Press.
Unicef (2018). Children’s Online Privacy and Freedom of Expression.
Unicef, the UN Global Compact and Save the Children (2012). Children’s Rights and Business Principles.
Unicef (2013). Children’s rights in impact assessments - A guide for integrating children’s rights into impact assessments and taking action for children.
United Nations Committee on the Rights of the Child (2003). General Comment No. 5 (2003) General measures of implementation of the Convention on the Rights of the Child (arts. 4, 42 and 44, para. 6).
United Nations Committee on the Rights of the Child. (2013). General comment No. 16 (2013) on State obligations regarding the impact of the business sector on children’s rights.
United Nations Committee on the Rights of the Child (2013). General comment No. 14 on the right of the child to have his or her best interests taken as a primary consideration (art. 3, para. 1).
United Nations Committee on the Rights of the Child (2016). General Comment No. 20 on the implementation of the rights of the child during adolescence.
United Nations Committee on the Rights of the Child (2021). General Comment No. 25 on the rights of the child in the digital environment.
United Nations Special Rapporteur on the right to privacy (2021). Artificial intelligence and privacy, and children’s privacy.
van der Hof, S. and Lievens, E. (2018). The importance of privacy by design and data protection impact assessments in strengthening protection of children’s personal data under the GDPR. Communications Law. 23(1). 33–43.
van der Hof, S., Lievens, E., Milkaite, I., Verdoodt, V., Hannema, T., & Liefaard, T. (2020). The child’s right to protection against economic exploitation in the digital world. The International Journal of Children’s Rights, 28(4). 833–859.
Verdoodt, V., & Lievens, E. (2017). Targeting children with personalised advertising : how to reconcile the (best) interests of children and advertisers. In G. Vermeulen & E. Lievens (Eds.), Data protection and privacy under pressure : transatlantic tensions, EU surveillance, and big data (pp. 313–341). Maklu.
5rights Steering Group (2021). Explanatory Notes to General comment no. 25 (2021) on children’s rights in relation to the digital environment.
5rights Steering Group (2021). Our Rights in a Digital World: A snapshot of children’s views from around the world.