Children’s data is unprotected as the internet fails to protect their security, a Guardian investigation has found.

Websites could be putting children at risk because they fail to require parental consent from users under 13-years of age and, moreover, have no way of knowing the age of users.

Research carried out by Agnes Nairn from the University of Bath found that 85 per cent of 20 web sites popular among children collected personal information from users, although 70 per cent made no effort to encourage parental involvement.

“It is very hard for kids to tell what information is being demanded and why,” commented Ms Nairn. “And the problem is, the kids themselves don’t care.”

In the US, the Children’s Online Privacy Protection Act 1999 prohibits online collection, use and disclosure of personal details of children under 13 without parental consent, but no such legislation exists in the UK.

The Direct Marketing Association was also found to provide little protection, as while it code states that “websites that are directed at children must not collect personal data from children under 16 years of age without first obtaining a parent/guardian’s verifiable and explicit consent” – this is impossible to enforce.ADNFCR-8000151-ID-18229475-ADNFCR

Related Topics: Business Data & Lists