Protection of minors' data on social networks

In the 21st century where the homo digitalis has evolved into a much more sophisticated version at a technological level, not only the limits but the real power we have over our personal information since we were born[1] in our mother's womb and we take the first steps in the different stages of our life through the overexposure of these on the main platforms that capture them and make use of them in Social networks.

This limit is even more compromised when personal data of minors who make indiscriminate use of these networks, exposing not only their data but also compromising their privacy, privacy and his right to honor; sometimes being victims of crimes such as grooming[2], cyberbullying, sexting[3] or identity theft (among others) and that can lead our children to very difficult situations.

Next, we will analyze the main aspects to take into account regarding the protection of minors' data on social networks.

STARTING LINE: WHERE DO WE START?

It is evident that you cannot put gates on the field. Internet It is like the sea, its beginning is known, but not its end and in the use we make of it, some consequences or others will emerge. Furthermore, it is important to make a generational distinction in the use of these social network: since this is not the same in the digital natives of Generation Z who spend more than 1 and a half hours a day while Generation Alpha[4] (children of the Millennials) spend an average of one hour[5]up to date.

All of the above leads us to the conclusion that Social Networks are their dominant mode of social interaction and therefore their main channel of communication with the world around them. But how do they access it?

In our country, the minimum age of consent for the processing of personal data of minors is 14 years; This is explained in article 7 of the Organic Law on Protection of Personal Data and guarantee of digital rights [6] and in art. 8 of the General Data Protection Regulation[7].

It is important to keep in mind that the consent provided in a clear and unequivocal manner by the minor can be withdrawn at any time as stated in article 7.3 of the GDPR. In addition, young people over 14 years of age are also entitled to exercise ARCO-LIPO rights.[8] included in the Regulations.

Regarding the minimum age to create profiles on social networks, the most popular platforms are Instagram, Tiktok or Twitter and setting the minimum age for its use at 13 or 14 years (depending on the network). The real problem comes later, when, to access these, the established mechanisms are not secure enough: some networks request the date of birth of the minor. A fact that is easily variable and just changing a couple of digits is enough to give “the digital key” to a world that is equally exciting and insecure. Is good faith presumed on the part of the giant owners of these networks for this simple step? It's hard to believe in it. Even sometimes, it is the parents or family members themselves who knowingly actively participate in the discharge process, I understand, without being aware of all the risks that this entails: contact with unknown adults or older adolescents, exchange of images or videos of sexual content, access to images or videos that contain violence of all kinds (such as harmful viral challenges) and possible deception or blackmail.

With everything stated above, it draws my attention powerfully that not even in the GDPR nor in the LOPDGGDD the personal data of minors has not been included in the list numerus clausus of data specially protected by art. 9 of the GDPR. It is curious that philosophical data (philosophical convictions) prevail over those of a child. Does someone who likes Aristotle deserve greater protection than a child's personal data? Nonsense, which, sometimes, has the literality of the Law.

PROGENITORS AS DIGITAL CONTAINMENT DAMs

Another aspect to take into account is the role played by parents when addressing this topic; and even more so if they are separated and there is no consensus, much less approval for the processing of minors' data on social networks.

Many fathers and mothers make the mistake of thinking that the one who decides on this matter is the one who has custody, however, this is not the case, since this is a parental responsibility shared by both parents.

Regarding the right to one's own image, it is a fundamental right and therefore the decision to publish a photograph of the minor on a social network belongs to the sphere of parental authority (which is mandatory, personal and non-transferable; unless the parents are deprived of it or are excluded from its exercise by a sentence) Furthermore, parents as holders of this information have the obligation and responsibility to protect the image of their minor children and avoid, in the interest of the minor, overexposure of the child in these digital environments. Therefore, the Supreme Court, in its reiterated jurisprudence, states that the agreement of both parents is necessary to be able to upload images of their children together on social networks (WhatsApp, Facebook, instagram…)

A different issue is when the minor turns 14 years old, he or she is the one who can decide on the processing of their data. There, the paper in watching As parents, they must be constant through continuous interaction with their children, opting for a conciliatory position, agreeing on limits for the use of networks, always under parental supervision.

In most cases, we are not aware of what it means to upload a photo of our children to social networks, it is like throwing a leaf into the wind: no one knows where it will end up. From someone unknown to pass it on WhatsApp to third parties outside your intimate sphere (without your consent) or what is worse, pedophiles who can steal the photo and use it for their abject desires or to impersonate them and thus deceive more children.

Finally, our children will grow up and be heirs of the reputation online and digital biography that we have been creating and managing on the Internet until, legally, they can take control over their own image as personal data. Therefore, respecting your privacy will always be the best defense for your future.

HOW TO HELP OUR CHILDREN IN THE MANAGEMENT OF THEIR SOCIAL NETWORKS?

Without a doubt, the training and advice of prevention in the management of social networks in minors and the protection of their personal data, it is the best weapon to defend themselves against digital attacks that directly attack their fundamental rights and freedoms. Below are a series of proposals from various areas for optimal management and safeguarding of your privacy:

1. Teach our children to filter and relativize everything they will find on networks: approval of their comments, disapproval and criticism and not to be so vulnerable to 'like' and 'dislike'.
2. Carry out a Parental control cash, through apps mobile phones intended for this purpose; always with collusion with our children. We are not infiltrated spies. We are your digital custodians to help you whenever you need it.
3. As parents, respect the age set by each social network when opening a profile for our children minors and teenagers. And when that time comes, explain the risks and the consequences and what information and data they can and should not share; in addition to alerting them of possible behaviors that may be found and must be reported to us immediately.
4. Regarding Social Network Service providers, it would be advisable to establish a much more exhaustive online identity verification system, such as the digital ID where the real age of the minor appears, not allowing access or creation of a profile if they do not comply with the legal requirements for this.
5. The schools, are also actors who play a transcendental role. The Spanish Data Protection Agency recommends implementing a subject where minors are trained in their use of both the Internet and social networks, so that they know how to detect the possible risks and the benefits that they can bring.

Finally, in a world where the moment is shared, but the moment is not lived, we should do an introspective exercise to extract ourselves from all this maelstrom of created needs that in some cases can become addictions that make us lose contact with reality and with our real social life. It has been proven that some adolescents use up to seven social networks simultaneously thanks to their transversality. Is it really necessary to expose our privacy and personal data 7 times using a “free product” where the product is really us?

The influence that the “Fifth Power” exerts in all areas of life is immeasurable, but it is us as parents and also users Those of us who must establish the limits in order to be real and effective owners of our fundamental rights and not exchange goods due to the superpower of our personal data. Let us therefore try to take effective control of the technology to take advantage of its benefits without getting trapped in it.

Bibliographic references:

Spanish Data Protection Agency (2020). Protection of minors on the Internet. Avoid inappropriate content while preserving your privacy

https://www.aepd.es/sites/default/files/2020-04/nota-tecnica-proteccion-del-menor-en-internet.pdf Last visit July 26, 2022

Davara Fernández de Marcos, L., “Minors on the Internet and Social Networks: Applicable Law and Duties of Parents and Educational Centers. Brief reference to the Pokémon Go phenomenon. https://www.aepd.es/sites/default/files/2019-10/menores-en-internet.pdf  Last visit July 25, 2022

AEPD sector guides. Guide for educational centers. https://www.tudecideseninternet.es/aepd/images/guias/GuiaCentros/GuiaCentrosEducativos.pdf Last visit July 26, 2022

Minors and information, communication and leisure technologies. A guide for parents. Alicante Provincial Council http://www.infocoponline.es/pdf/2015NT.pdf Last visit July 25, 2022

Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of natural persons with regard to the processing of personal data and the free circulation of these data and repealing the Directive 95/46/EC (General Data Protection Regulation).

Organic Law 3/2018, of December 5, on the Protection of Personal Data and guarantee of digital rights

Organic Law 2/2006, of May 3, on Education

Organic Law 1/1996, of January 15, on legal protection of minors, on modification of the Civil Code and the Civil Procedure Law

Organic Law 1/1982, of May 5, on civil protection of the right to honor, personal and family privacy and one's own image

Civil Code

Pact for the good use of social networks https://www.is4k.es/de-utilidad/recursos/pactos-familiares-para-el-buen-uso-de-dispositivos

---

[1] Legal term that refers to the human being from the moment he is conceived until his birth.

[2] Generation Z: these are those born between 1996 and 2012, that is, they have not known a world without the Internet or social networks

[3] Term that refers to the sending of sexual, erotic or pornographic messages using the mobile phone as a means.

[4] Generation Alpha: the first digital generation 100%, born in the last decade.

[5]https://marketing4ecommerce.net/redes-sociales-y-adolescentes-como-las-usan-los-miembros-de-la-generacionalfa/#:~:text=Por%20supuesto%20que%20la%20preferencia,tercer%20lugar%20TikTok%20(77%25)

[6]From now on LOPDGDD https://noticias.juridicas.com/base_datos/Laboral/632849-lo-3-2018-de-5-dic-proteccion-de-datos-personales-y-garantia-de-los-derechos.html#a7

[7]From now on GDPR  https://noticias.juridicas.com/base_datos/Privado/574082-regl-2016-679-ue-de-27-abr-proteccion-de-las-personas-fisicas-en-lo-que.html#a8

[8] Arts. 15 -22 of the GDPR; where the rights of: Access, Rectification, Deletion (Forgetting), Limitation of Treatment, Portability and Opposition are made explicit.