Skip to main content
Home

Step 5: Identify and assess risks

Contents

Step 5: Identify and assess risks

We have carefully reviewed our processing and do not think that we carry out any activities that are likely to pose a significant risk to users. Specifically, we are satisfied, that the processing is not likely to give rise to any of the following harms:

  • access to websites offering age-inappropriate content or activities;
  • financial harm (eg advertising encouraging inappropriate or excessive spending online);
  • grooming or abuse;
  • inappropriate sharing of personal information, including via uploading content containing children’s personal data;
  • access to inappropriate goods;
  • discrimination (around price of products);
  • harassment, bullying, loss of social standing leading to self-esteem and mental health issues;
  • intrusion into private spaces and associated loss of privacy for the child;
  • inaccessibility of services or discrimination due to a disability; or
  • service lock-in ie unfair contractual terms. 

Describe source of risk and nature of potential impact on individuals.

Include as a minimum an assessment of particular risks to children as listed in the DPIA standard in the Children’s Code. You may need to consider separately for different age groups.

Likelihood of harm

Remote, possible or probable

Severity of harm

Minimal, significant or severe

Overall risk

 

Low, medium or high
  1. Personalised advertising that is set to on-by-default, done without adequate transparency and safeguards, or is against the best interests of the child (for example against the CAP code or Advertising Standards Agency standards) risking children’s right to protection from economic exploitation.
 possible significant medium
  1. Personalised advertising of age-inappropriate products that risks children’s right to protection from economic exploitation. Likely to be higher risk for younger children.
 possible minimal low
  1. On-by-default data sharing with other service users that exposes children to risk of physical or emotional harm (for example through stalking, bullying or harrassment) that risks children’s right to life, survival and development.
 possible minimal low
  1. Sharing of children's data with third parties for commercial gain, against the best interests of the child or without adequate transparency and due diligence risking children’s right to protection from economic exploitation.
 possible minimal low
  1. Online tools for children (and parents, for younger children) to exercise their data rights that are not transparent, not specific to the rights they support, or not provided, and that risk the children’s right to respect for their views.
 remote minimal low