---

Age checks ‘must protect children’s data’

The Data Protection Commission (DPC) has welcomed a recent statement adopted by the European Data Protection Board (EDPB) on age assurance.

The statement, adopted at the EDPB’s February meeting, lists ten principles for the compliant processing of personal data when determining the age or age range of an individual.

The board said that its statement was aimed at ensuring a consistent European approach to age assurance, to protect minors while complying with data-protection principles.

The Irish watchdog was a co-rapporteur on the statement.

‘Least intrusive’ method

EDPB chair Anu Talus said that age assurance was essential to ensure that children did not access content that was inappropriate for their age.

“At the same time, the method to verify age must be the least intrusive possible and the personal data of children must be protected.

“The principles put forward by the EDPB will help the industry to assess an individual’s age in a way that is compliant with data-protection principles, while protecting children’s wellbeing,” she stated.

‘Additional means’ to track

One of the principles states that the best interests of the child should be a primary consideration for all parties involved in age assurance.

Another principle warns that age assurance should not lead to any unnecessary data-protection risks for people.

“In particular, age assurance should not provide additional means for service providers to identify, locate, profile, or track natural persons,” the EDPB says.