Abstract
The paper seeks to understand the contextual vulnerability of children in the digital ecosystem. This is done through understanding current issues through a conceptual understanding of privacy. Children constitute the most vulnerable stakeholders due to their lack of knowledge about privacy laws coupled with lack of legal attention being given to their interests. The paper seeks to highlight the shortcomings in existing data protection laws in India with respect to digital rights of children. We compare the Digital Data Protection Act in India to its European counterparts. Policy recommendations are arrived at through examination of provisions of other countries and adapting them in the Indian legal framework.
The policy recommendations explored include both structural and legal changes. The structural changes consist of setting up a nodal agency for data protection. It is required to publish regular reports regarding data breaches to ensure accountability of data controllers. Similarly, the mechanisms for age verification need to be improved in order to reduce under-age subscriptions to social media sites. The law must also define detrimental interests of children to prevent the invasion of children’s rights by the data controller. There should also be Data Protection Impact Assessment in order to identify the vulnerabilities
Introduction
In January 2023, there was a data breach on the website of Digital Infrastructure for Knowledge sharing app (DIKSHA). This is an app launched in 2017 to facilitate learning through online modules and interactive material. The cause of the data breach was that the cloud server storing data was left unprotected. Data compromised included personal information of both students and teachers. The full names of students and the area of school in which they studied was revealed. This is just one instance of children’s data being available in the public domain due to lack of adequate security of data servers .
Vulnerability of children in the online space is a global phenomenon. A report by Human Rights Watch (HRW, 2022) observes that 89% of EdTech products around the world engage in predatory data practices, putting children’s data at risk. Most EdTech companies send children’s personal information to third party advertising companies. This empowered the third party company to track an individual’s searching pattern and give out targeted advertisements. In this hostile online environment where the demand for children’s information is high, it is necessary for the government to come up with measures to specifically protect the data of children. However, the same study conducted by HRW revealed that 39 out of 42 governments procured the services of such EdTech companies. Some governments took a step further to make the use of such softwares mandatory . It is in this context that we need to study the position of children in India’s data protection framework. We look at the vulnerabilities which children face in the digital framework and why there is a need to pay special attention to their data. We subsequently lay down the legal evolution of the concept of privacy. We conclude by providing a comparison with the legal framework of other developed countries and provide policy recommendations on the same.
Click Here To Download The Paper
📌Analysis of Bills and Acts
📌 Summary of Reports from Government Agencies
📌 Analysis of Election Manifestos