Every data controller and the data processor must process a child’s personal data in a way that safeguards their rights and interests, per the Personal Data Protection Bill.
The Personal Data Protection Bill has been posted online by the Ministry of IT and Telecommunication, and experts as well as regular people are being asked for their opinions. Some specific safeguards for the child data have been proposed by the Personal Data Protection Bill.
Personal Data Protection Bill 2023 states that because they are early adopters of new technologies and because they are “canaries in the coal mine for threats to us all,” children are also susceptible to the dangers of the digital world. As a result, the Data Protection Bill of 2023 ensures that children have additional protection for their data.
Every data controller and the data processor must process a child’s personal data in a way that safeguards their rights and interests, per the Personal Data Protection Bill.
Before processing any personal information pertaining to a child, the data controller or a data processor must confirm the child’s age and obtain their consent, as well as the consent of any other appropriate adult or person with parental responsibility.
The Data Protection Bill states that in order to set up the process for age verification and the parental consent to process children’s data, rules must be prescribed under subsection (2) of the bill.
The volume of the processed personal data, the proportion of that personal data that is likely to be of a child, the potential for harm to the child as a result of processing that personal data, and any additional factors that may be required should all be taken into account when processing children’s data.
The Bill states that neither a data controller nor a data processor may process any personal information about a child that is likely to endanger him. Children’s tracking, behavioural monitoring, and targeted advertising are not permitted by data controllers or processors.