The Age Appropriate Design Code requires data protection to be made a primary consideration when designing online services, from the point of inception. It sets out 15 standards that companies are expected to incorporate into services used by children, including apps, connected toys, games, and even educational websites.
The code was drafted by the Information Commissioner’s Office (ICO) and published in a “clarified and simplified” form last year, following initial publication of a draft in 2019. The ICO will also be responsible for enforcing the rules.
The measures cover transparency, default setting and data minimisation. The code states that privacy settings should be set to high by default and nudges (indirect suggestions) should not be used to encourage children to weaken their settings. It also says location settings that allow the world to see where a child is should also be switched off by default. Furthermore, data collection and sharing should...