By Simone van der Hof, Kruakae Pothong, Sonia Livingstone
In search of good recipes for realising child rights in the digital environment, the Digital Futures commission has reviewed various policy documents, standards and regulations intended to make digital technologies more trustworthy in general and, importantly, more respectful of child rights. We identified Code Voor Kinderrechten (the Dutch Code for Children’s Rights) as offering comprehensive child-rights guidelines for digital innovators. The code sets out 10 guiding principles for designers and developers to embed children’s rights in their digital products and services. We interviewed Professor Simone van der Hof to gain insights into the intention and ambition of the Code.
SI We were commissioned by the Dutch Ministry of Internal Affairs and Kingdom Relations to develop the children’s rights code. The inspiration came from the Age-Appropriate Design Code (now Children’s code) in the UK. The code was developed based on the research on children’s rights and digital technologies that was carried out over the years. On top of that we talked to experts, we talked to developers, we talked to children. Then we came up with the 10 principles based on children’s rights, data protection law and consumer law. Each principle explains how it is embedded in the law and provides practical guidelines for implementation.
KR Who’s the intended audience for the code?
SI The intended audience is designers and developers of digital technologies that impact children as the first audience. But obviously, it’s interesting for a lot of other people as well, like CEOs of tech companies and their marketing departments, privacy lawyers, regulators and policymakers. In the Dutch parliament the question was raised whether a code can be developed at the European level so that the principles are more widely supported. We also would like to turn it into an awareness instrument for parents and children. Moreover, we have been asked to extend the code to education and issues concerning child abuse.
KR And might it be become mandatory?
SI Although the code itself is not mandatory, the laws on which it is based are. However, a Dutch parliamentarian raised the question of making the code mandatory since many digital services are not appropriate for children. That’s not a surprise to you, I’m sure. Interestingly, the code is used in the summons of two collective actions (1 and 2) against TikTok that have been initiated in the Netherlands last year. These summons use the code to interpret the law from a children’s rights perspective and to show that what is happening on TikTok is not in line with the rights that children have.
SO I wonder if you see a gap between what’s legally required and what’s technically possible?
SI It’s always a bit of a struggle. Although some practices are not allowed under the law, it is not always easy to have the law enforced. It must be a priority for regulators or fall within their remit. And in a court case, it will have to be proven that children are harmed, which is not easy. Therefore, having the conversation with designers and developers on how to design in a way appropriate for children is a more constructive approach.
KR There is a lot of emphasis on privacy and data protection in the code. What’s the rationale?
SI Because the inspiration, obviously, was the Age-Appropriate Design Code. However we have also focused on consumer law. They are different areas of law but they must be more connected given the business models of tech companies and how these impact design. We see a merging of dark patterns and data-driven design choices that raise both consumer law and data protection issues. For example, in-game behaviour is monitored to match gamers in a way that increases the likelihood of them making in-game purchases. A greater focus on both these areas of law can impact design considerably and make it more appropriate for children.
KR What about children’s other rights and other principles?
SI In the code, the best interest principle of the UN Convention is the starting point for designing apps and games that impact children. It’s very important to make sure that a child rights impact assessment (CRIA) is carried out whenever a digital service impacts children and preferably it must be an explicit legal obligation. A CRIA must be part of the toolbox set for designers and developers.
SO We began a discussion with the ICO about best interests – have you seen their best interests framework for the Age-Appropriate Design Code? It is hard to give advice to providers in a way that doesn’t become a tick-box exercise yet but is practical.
SI To be honest, I would already be very happy with the tick-box because it is more than what is happening now. But it’s certainly not enough and maybe you would rather want to work with best practices.
SO Best practices can be worrying because they go out of date and because people don’t agree on what is best practice, or it can look as if you’re being partisan to a particular company or particular brand.
SI The best practice should not become a stamp of approval. You will still need to constantly look at what the impact is. Because often you won’t know until children start using an app. You still would want to have a toolbox of, if you run into this, this is the way you can solve it. That would also need to be a living document. Technologies develop so fast, and you need to stay on top of that.
KR With the emphasis on the right to privacy in the digital environment, are you portraying privacy as an enabler of other rights?
SI Yes, to a certain extent. You can also see that in the code, where we explain how children’s rights are relevant, starting from the general principles. Two of those have become principles in the code itself: the best interests principle and the right to be heard. All the principles in the code are very much connected to other rights like the right to health, the right to play, the right to protection against economic exploitation. The UN Convention is not widely known in these other areas. I’m a law and technology lawyer. But there is not a lot of law and technology lawyers aware of children’s rights.
SO On the right not to be economically exploited, this takes us back to the business models and the providers who will say, if you don’t let me profile the child, target them with advertising, sell their data, etc., how am I going to make any money? There’ll be no products for children. If businesses say, look, I’m just making money, but I’m not exploiting the child, what’s civil society’s response?
SI That’s a very good question and maybe something to develop further also. Is it even possible to change the business models that a lot of these apps are built upon?
KR On that note, your engagement with the gaming community would be very interesting. If they are focussing on behavioural design, there is a business model sitting behind that. And if you manage to get them to become aware of dark patterns, would that change the business model?
SI Take games. They’re designed in a certain way to make them engaging, to make sure that people stay on the platform. If I say this element is unfair, it might not be easily possible to just take it out. Sometimes it is, as we saw, with loot boxes after they were banned in the Netherlands and Belgium. Sometimes, however, design is so intertwined with the game that it can be difficult to change this. That’s why you need to start early in the design process to look into the impact that certain choices in your technical architecture might actually have on people. Those choices are not just technical choices, they’re also choices about how to make money with the game. So early on, do an impact assessment on and maybe look at other games, how they do it; there’s examples out there that do a good job.
Professor Simone van der Hof is the professor of law and digital technologies at the Centre for Law and Digital Technology (eLaw). Her research and academic expertise spans the areas of children’s rights and digital technologies. Her recent research focuses on data protection and consumer law in relation to children’s rights, including the Children’s Rights Code, euCONSENT project to develop child-friendly age verification and parental consent and behavioural design in video games.