The Kids Cyber Protection Code

In a digital age when many everyday actions generate data, the relation between privacy and data online is becoming highly complex and is affecting all ages and definitely the younger generations. The internet is a great way to connect with your friends and learn new things. But it's also important to stay safe. 

Children start facing privacy decisions and risks as soon as they enter the digital environment, long before their media literacy prepares them to make decisions in their own best interests. 

This in turn sets a significant media literacy challenge for children (and their parents and teachers) as they try to understand and engage critically with the digital environment. The available evidence also suggests that children are not fully aware of the threats coming from commercial entities that collect, record and aggregate data on their platforms, and nor do they fully understand how their data is used for economic profit by targeting ads or customising content. 

Now with the growing concerns over children’s privacy and the commercial uses of their data, it is vital that children’s understandings of the digital environment, their digital skills and their capacity to consent are taken into account in designing services, regulation and policy. 

New UK Code for Children On-Line
The long-awaited launch of a new code of practice to protect children’s privacy online has moved a step closer after Information Commissioner Elizabeth Denham has finally submitted the regulator’s plans to the Secretary of State.

The Age Appropriate Design Code of Practice, called the Kids Code, is designed to providers of apps, software programs, websites, games, connected toys and even devices without a screen which process personal data and are likely to be accessed by children in the UK.

The Government included provisions in the Data Protection Act 2018 (and GDPR) to create standards that provide proper safeguards for children when they are online.

However, the code requires approval from Parliament so will not be implemented until after the General Election. Current restrictions in the pre-election period mean that the submitted code will not be published until after a new Government is formed. The proposal follows around 450 responses to the draft code sent out for consultation in April and dozens of meetings with trade bodies, industry representatives, campaigners and individual organisations.

In a recent blogpost, Denham said: "Online services play an ever-growing part in our children’s lives, but the Internet was not designed for children. Our code aims not to protect children from the digital world, but instead protect them within it.

"We do not want to see an age-gated Internet, where visiting any digital service requires people to prove how old they are. Our aim has never been to keep children from online services. We want providers to set their privacy settings to ‘high’ as a default, and to have strategies in place for how children’s data is handled."

DataIQ:          LSE:        Childline:      UK Council For Child Internet Safety

You Might Also Read:

Websites To Be Fined Over 'online harms' Under New UK Law:

 

 

« Russia’s AI Mission Is State-Driven
Spyware Website Taken Down »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

ComSec LLC

ComSec LLC

ComSec perform threat assessments to identify vulnerabilities and help protect businesses against corporate espionage via electronic eavesdropping.

Libraesva

Libraesva

Libraesva secures email communications for organisations, helping them eliminate email borne threats, preserve email data and provide an environment for their people to communicate safely.

Zurich

Zurich

Zurich is a leading multi-line insurer providing a wide range of property and casualty, and life insurance products and services in more than 210 countries and territories.

Hyve

Hyve

Hyve provide a wide range of managed web hosting services including private, hybrid and public VMware cloud hosting.

Advanced Resource Managers (ARM)

Advanced Resource Managers (ARM)

ARM provide specialist recruitment services for technology and engineering including cyber security.

Wilson Sonsini Goodrich & Rosati (WSGR)

Wilson Sonsini Goodrich & Rosati (WSGR)

WSGR is the premier provider of legal services to technology, life sciences, and growth enterprises worldwide. Practice areas include cybersecurity and data protection.

IT Security House

IT Security House

IT Security House is a leading European supplier of Cyber Security Intelligence and eCrime services.

Wolfpack Information Risk

Wolfpack Information Risk

Wolfpack specialise in information and cyber threat management covering the full spectrum of prevention, detection, incident response and business resilience capabilities.

Slovak Security Policy Institute (SSPI)

Slovak Security Policy Institute (SSPI)

Slovak Security Policy Institute is an independent non-governmental organization that focuses on research and analysis of security challenges including defence and cyber security.

Austrian Institute of Technology (AIT)

Austrian Institute of Technology (AIT)

AIT is Austria's largest research and technology organisation and a specialist in the key infrastructure issues of the future including data science and cybersecurity.

Isovalent

Isovalent

Isovalent deliver the most advanced Kubernetes networking & security capabilities to the most demanding of enterprise users.

IT-Seal

IT-Seal

IT-Seal GmbH specializes in sustainable security culture and awareness training.

Stronger International

Stronger International

Stronger International provides expert cyber services and training to organizations and individuals to enhance IT and security knowledge.

Strivacity

Strivacity

Strivacity lets brands quickly add secure login and identity management capabilities to their customer-facing applications without tying up an army of developers or consultants to do it.

Evo Security

Evo Security

Evo Security is an Identity and Access Management company focused exclusively on serving MSPs, MSSPs and their SMB and Mid-Market customers.

Codezero Technologies

Codezero Technologies

Codezero is at the forefront of microservices development, employing an identity-aware overlay network that delivers zero-trust security to DevOps.