IGF 2023 WS #62 Data Protection for Next Generation: Putting Children First

Wednesday, 11th October, 2023 (08:30 UTC) - Wednesday, 11th October, 2023 (10:00 UTC)
WS 3 – Annex Hall 2

Data Governance & Trust
Data Privacy and Protection

Organizer 1: Ananya Singh, USAID Digital Youth Council
Organizer 2: Vallarie Wendy Yiega, 🔒
Organizer 3: Man Hei Connie Siu, 🔒International Telecommunication Union
Organizer 4: Keolebogile Rantsetse, 🔒
Organizer 5: Neli Odishvili, CEO of Internet Development Initiative

Speaker 1: Njemile Davis, Government, Western European and Others Group (WEOG)
Speaker 2: Edmon Chung, Technical Community, Asia-Pacific Group
Speaker 3: Sonia Livingstone, Civil Society, Western European and Others Group (WEOG)
Speaker 4: Theodora Skeadas, Civil Society, Western European and Others Group (WEOG)
Speaker 5: Emma Day, Civil Society, Western European and Others Group (WEOG)


Ananya Singh, Government, Asia-Pacific Group

Online Moderator

Man Hei Connie Siu, Civil Society, Asia-Pacific Group


Neli Odishvili, Civil Society, Eastern European Group


Round Table - 90 Min

Policy Question(s)

1. How do children in different age-groups understand, value, and negotiate their digital self and privacy online? What capabilities or vulnerabilities affect their understanding of their digital data and digital rights? 2. What is a good age-verification mechanism so that such a mechanism itself doesn’t lead to the collection of more personal data? 3. How can we involve children as active partners in the development of data governance policies and integrate their evolving capabilities, real-life experiences, and perceptions of the digital world to ensure greater intergenerational justice in laws, policies, strategies, and programmes?

What will participants gain from attending this session? Participants will first ‘un-learn’ the current trend of the universal (often, adult) treatment of all users, which fails to respect children’s ‘evolving capacity’, lumping them into over-broad categories (under-13s, under-18s). Attendees will be introduced to the ongoing debates on the ‘digital age of consent’ and on how age-verification mechanisms almost ironically lead to the collection of more personal data. Panelists will elaborate on children’s perception of their ‘data self’ and the many types of children’s privacy online. Participants will also be given a flavor of the varying national and international conventions concerning the rights of children regarding their data. As our speakers come from a range of stakeholder groups, they’ll provide the attendees with a detailed idea on how a multistakeholder, intergenerational, child-centred, child-rights based approach to data governance related policies and regulations can be created.


Now, even before children are born, their data finds its way into the world. From ultrasound images to baby cameras, from social media to search engines, from email address to IP address, from governmental use of biometric technology in birth registration and national ID systems to EdTech, massive amounts of children’s data are being collected every second as we speak. Hence, children’s data needs our special attention. The main difference between general data protection and children’s data protection is that children may be less aware of the risks, consequences, and safeguards concerned with and their rights in relation to the processing of personal data. They cannot effectively advance or advocate on their own behalf owing to their age and capacity. They are less suited than adults to provide meaningful consent for the collection and use of their data because technology companies are not known for explaining their terms and conditions of data collection in an uncomplicated, jargon-free, child-friendly language and/or in local languages. Most importantly, children need to be afforded the agency to define who they are for themselves, without having their future pathways predetermined or their learning styles unduly narrowed down by algorithms. This workshop aims to highlight the power imbalance between data-collecting institutions and children. It will take the discourse on children’s online safety beyond the usual cyberbullying and internet addiction, and call for attention to the need for more transparency and accountability in processing children’s personal data. Speakers will deliberate on existing policies on child data governance, identify gaps, assess the technical aspects of child data capture, storage, and use, cite case studies of children’s data collection and breach of privacy, enlist any applicable international children’s rights standards & conventions, and recommend how children’s trust and interests can be prioritised to create a child-centred data governance structure.

Expected Outcomes

Outcomes: 1. Shed light on the types of children’s data and privacy online 2. Critically analyse how a tiered Age-Appropriate Design Code could be conceptualised 3. Justify why child-centred data protection is the need of the hour 4. Identify the gaps in existing policies on child data and suggest corrective measures 5. Drive conversation towards real-life examples of children’s data collection and breach of privacy 6. Emphasize how international children’s rights principles, standards, and conventions can be applied to children’s personal data collection, processing, and profiling 7. Highlight best practices concerning children’s data protection, if any Outputs: 1. The session’s highlights and key takeaways will be published in a blog series on the NetMission.Asia website 2. The session discussions will inspire the creation of a learning document that may be shared with wider audiences including but not limited to international donors, media, civil society, private sector, government, and end users.

Hybrid Format: As the session begins, both onsite and remote participants will be encouraged to scan the mentimeter QR code to express their expectations from the session. Equal time will be given to online/onsite speakers. In case of slow internet connection, the online moderator will first turn off the speaker's video and if the issue still exists, the speaker may use Zoom's dial-in tool. The rapporteur will track the flow of online chat and include relevant points in the session report. Once the audience Q&A begins, online participants will be encouraged to use Zoom's Q&A feature and onsite attendees will be given microphones to ask questions. The onsite and online moderators will coordinate to ensure an alternating pattern of Q&A between onsite and remote participants/speakers. At the session’s end, the audience may provide feedback for the session by scanning the mentimeter QR code.