Abstract
Children are increasingly the subject of data collection practices. A growing point of contention is the way in which the Internet of Things (IoT), and in particular the Internet of Toys, affects children and their rights to privacy and data protection. This chapter conducts an exploration of key fundamental rights and data protection legislation that are relevant to the Internet of Toys context in the United States and the European Union. Adopting a children’s rights perspective, it conducts an analysis of the US Children’s Online Privacy Protection Act, the EU General Data Protection Regulation and the future ePrivacy Regulation, and it reflects on their implementation and enforcement in practice. Finally, it makes a number of practical recommendations for Internet of Toys actors, policymakers and regulators.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Article 29 Working Party. (2017a). Opinion 01/2017 on the Proposed Regulation for the ePrivacy Regulation (2002/58/EC) WP 247.
Article 29 Working Party. (2017b). Guidelines on Data Protection Impact Assessment (DPIA) WP 248 REV 01.
Article 29 Working Party. (2018a). Guidelines on Automated Individual Decision-Making and Profiling for the Purposes of Regulation 2016/679 WP 251 REV 01.
Article 29 Working Party. (2018b). Guidelines on Consent under Regulation 2016/679 WP 259 REV 01.
Article 29 Working Party. (2018c). Guidelines on Transparency under Regulation 2016/679 WP 260 REV 01.
Borgesius, F. Z., & Lievens, E. (2019). Commentary Article 8 GDPR, Conditions applicable to child’s consent in relation to information society services. In M. Cole & F. Boehm (Eds.), Commentary on the general data protection regulation. Cheltenham: Edward Elgar (forthcoming).
Chaudron, S., Di Gioia, R., Gemo, M., Holloway, D., Marsh, J., Mascheroni, G., & Yamada-Rice, D. (2017). Kaleidoscope on the internet of toys—Safety, security, privacy and societal insights (No. EUR 28397 EN). Luxembourg: European Union.
Council of Europe, European Convention for the Protection of Human Rights and Fundamental Freedoms, 4 November 1950, ETS 5.
Council of Europe, Modernised Convention for the Protection of Individuals with Regard to the Automatic Processing of Individual Data, 10 0ctober 2018, CETS 223.
European Commission. (2017). Proposed regulation on privacy and electronic communications.
European Consumer Organisation. (2017). Proposal for a Regulation on Privacy and Electronic Communications (e-Privacy). BEUC Position Paper, BEUC-X-2017–059—09/06/2017.
European Data Protection Supervisor. (2017). Opinion 6/2017 on the Proposal for a Regulation on Privacy and Electronic Communications (ePrivacy Regulation).
European Parliament Committee on the Internal Market and Consumer Protection. (2017, October 23). Opinion on the proposal for a regulation of the European Parliament and of the Council concerning the respect for private life and the protection of personal data in electronic communications and repealing Directive 2002/58/EC (Regulation on Privacy and Electronic Communications).
European Union. (2012). Charter of Fundamental Rights of the European Union, 26 October 2012, /C 326/02.
Federal Bureau of Investigation. (2017, July 17). Consumer notice: Internet-connected toys could present privacy and contact concerns for children. https://www.ic3.gov/media/2017/170717.aspx.
Federal Trade Commission. (2013a). Children’s online privacy protection rule (‘COPPA’). 26 February 2018. https://www.ftc.gov/enforcement/rules/rulemaking-regulatory-reform-proceedings/childrens-online-privacy-protection-rule.
Federal Trade Commission. (2013b). FTC grants approval for new COPPA verifiable parental consent method. 26 February 2018. https://www.ftc.gov/news-events/press-releases/2013/12/ftc-grants-approval-new-coppa-verifiable-parental-consent-method.
Federal Trade Commission. (2015). Complying with COPPA: Frequently asked questions. 26 February 2018. https://www.ftc.gov/tips-advice/business-center/guidance/complying-coppa-frequently-asked-questions.
Federal Trade Commission. (2018a, February 26). VTech Electronics Limited. https://www.ftc.gov/enforcement/cases-proceedings/162-3032/vtech-electronics-limited.
Federal Trade Commission. (2018b, February 15). Electronic toy maker VTech settles FTC allegations that it violated children’s privacy law and the FTC act. https://www.ftc.gov/news-events/press-releases/2018/01/electronic-toy-maker-vtech-settles-ftc-allegations-it-violated.
Future of Privacy Forum, & Family Online Safety Institute. (2016). Kids & the connected home: Privacy in the age of connected dolls, talking dinosaurs, and battling robots. https://www.fosi.org/policy-research/kids-connected-home-privacy-age-connected-dolls-talking-dinosaurs-and-battling-robots/.
Gray, S. (2017). Federal trade commission: COPPA applies to connected toys. February 26, 2018. https://fpf.org/2017/06/26/federal-trade-commission-coppa-applies-connected-toys/.
Halzack, S. (2015, March 11). Privacy advocates try to keep ‘creepy,’ ‘eavesdropping’ Hello Barbie from hitting shelves. Washington Post.
Harris, M. (2016, May 26). Virtual assistants such as Amazon’s Echo break US child privacy law, experts say. The Guardian.
Holloway, D., & Green, L. (2016). The internet of toys. Communication Research and Practice,2(4), 506–519. https://doi.org/10.1080/22041451.2016.1266124.
Huggler, J. (2017). Germany bans internet-connected dolls over fears hackers could target children. http://www.telegraph.co.uk/news/2017/02/17/germany-bans-internet-connected-dolls-fears-hackers-could-target/.
Information Commissioner’s Office. (2017). Consultation: Children and the GDPR guidance. https://ico.org.uk/media/about-the-ico/consultations/2172913/children-and-the-gdpr-consultation-guidance-20171221.pdf.
Jolin, D. (2017). Would you want a robot to be your child’s best friend?https://www.theguardian.com/technology/2017/sep/10/should-robot-be-your-childs-best-friend?CMP=twt_a-technology_b-gdntech.
Lievens, E., Livingstone, S., McLaughlin, S., O’Neill, B., & Verdoodt, V. (2018). Children’s rights and digital technologies. In U. Kilkelly & T. Liefaard (Eds.), International human rights of children. https://doi.org/10.1007/978-981-10-3182-3_16-1
Lievens, E., & Verdoodt, V. (2018). Looking for needles in a haystack: Key issues affecting children’s rights in the general data protection regulation. Computer Law & Security Review,34(2), 269–278.
Livingstone, S., & Haddon, L. (2009). EU kids online: Final report. LSE. London: EU Kids Online (EC Safer Internet Plus Programme Deliverable D6.5).
Livingstone, S., & O’Neill, B. (2014). Children’s rights online: Challenges, dilemmas and emerging directions. In S. van der Hof, B. van den Berg, & B. Schermer (Eds.), Minding minors wandering the web: Regulating online child safety (pp. 19–38). The Hague and The Netherlands: Springer with T. M. C. Asser Press.
Lupton, D., & Williamson, B. (2017). The datafied child: The dataveillance of children and implications for their rights. New Media & Society,19(5), 780–794.
Manning, C. (2016). Challenges posed by big data to European data protection law. http://dx.doi.org/10.2139/ssrn.2728624.
Mascheroni, G., & Holloway, D. (2017). The internet of toys: A report on media and social discourses around young children and IoToys. DigiLitEY.
McReynolds, E., Hubbard, S., Lau, T., Saraf, A., Cakmak, M., & Roesner, F. (2017). Toys that listen: A study of parents, children, and internet-connected toys. ACM Press. https://doi.org/10.1145/3025453.3025735.
Milkaite, I., & Lievens, E. (2018, May). GDPR is here: Mapping the GDPR age of consent across the EU. Better Internet for Kids. https://www.betterinternetforkids.eu/web/portal/practice/awareness/detail?articleId=3017751.
Montgomery, K., & Chester, J. (2017). Data protection for youth in the digital age: Developing a rights-based global framework. European Data Protection Law Review,1(4), 277–291.
Montgomery, K. C., Chester, J., & Milosevic, T. (2017). Ensuring young people’s digital privacy as a fundamental right. In International handbook of media literacy education. London: Routledge.
Newcomb, A. (2017). That chatty smart toy your kid loves is now part of an FBI alert. February 18, 2018. https://www.nbcnews.com/tech/security/fbi-warns-parents-privacy-risks-internet-connected-toys-n784126.
Rouvroy, A. (2016). ‘Of data and men’: Fundamental rights and freedoms in a world of big data. Council of Europe, T-PD-BUR(2015)09REV.
Tabor, A. J. (2013). Imperium, LLC proposed verifiable parental consent method application. https://www.ftc.gov/sites/default/files/attachments/press-releases/ftc-grants-approval-new-coppa-verifiable-parental-consent-method/131223imperiumcoppa-app.pdf.
Turner, K. (2016, June 6). Analysis: The internet of things has a child privacy problem. Washington Post.
UN Committee on the Rights of the Child. (2014). Report of the 2014 day of general discussion “Digital media and children’s rights”.
UN General Assembly, Convention on the Rights of the Child, November 20, 1989,1577 UNTS 3.
UN General Assembly, International Covenant on Civil and Political Rights, December 16, 1966, 999 UNTS 171.
UN General Assembly, Universal Declaration of Human Rights, December 10, 1948, 217 A(III).
United States Congress. (1998). Children Online Privacy Protection Act, 15 U.S.C. §§ 6501–6506.
van der Hof, S. (2017). I agree … Or do I?—A rights-based analysis of the law on children’s consent in the digital world. Wisconsin International Law Journal,34(2), 101–136.
van der Hof, S., & Lievens, E. (2018). The importance of privacy by design and data protection impact assessments in strengthening protection of children’s personal data under the GDPR. Communications Law, 23(1), 33–43.
van Hoboken, J., & Zuiderveen Borgesius, F. J. (2015). Scoping electronic communication privacy rules: Data, services and values. JIPITEC, 6, 198.
Verdoodt, V., & Lievens, E. (2017). Targeting children with personalised advertising: How to reconcile the best interests of children and advertisers. In G. Vermeulen & E. Lievens (Eds.), Data protection and privacy under pressure: Transatlantic tensions, EU surveillance, and big data. Antwerp: Maklu.
Vincent, J. (2015). This ‘smart’ Barbie is raising concerns over children’s privacy. https://www.theverge.com/2015/3/16/8223251/hello-barbie-speech-recognition-privacy.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 The Author(s)
About this chapter
Cite this chapter
Milkaite, I., Lievens, E. (2019). The Internet of Toys: Playing Games with Children’s Data?. In: Mascheroni, G., Holloway, D. (eds) The Internet of Toys. Studies in Childhood and Youth. Palgrave Macmillan, Cham. https://doi.org/10.1007/978-3-030-10898-4_14
Download citation
DOI: https://doi.org/10.1007/978-3-030-10898-4_14
Published:
Publisher Name: Palgrave Macmillan, Cham
Print ISBN: 978-3-030-10897-7
Online ISBN: 978-3-030-10898-4
eBook Packages: Social SciencesSocial Sciences (R0)