When do parents think their child is ready to use the internet independently

In all the recent discussion over social media data exploitation, licit or illicit, with or without consent, urging people to lock down privacy settings or even delete their profiles, the ‘user’ is constantly assumed to be an adult – responsible for their decisions about when to allow information society services to monetise their personal data. But who is looking out for children and their data privacy? The General Data Protection Regulation (GDPR), coming into force on 25th May 2018, proposes that for children under a certain age, companies should gain parental consent before processing their personal data. But under what age? But what is under-age? The GDPR proposed 16 as the age of consent, albeit for largely unexplained reasons. It then allowed member states to reduce the age to 13, and the UK’s Data Protection Bill has proposed just that, resulting in a lower age of consent than in some European countries, but leaving unresolved the challenges of implementation. In all this, it seems no-one has consulted parents. US research with parents suggests 13 is too young and, as Facebook reported, 77% of parents say they should be the ones to decide. The Parenting for a Digital Future project surveyed a nationally representative sample of 2032 UK parents of 0-17 year olds in November 2017. As we show, overall parents think 13 is about right, but parents of teens – to whom this decision actually matters in practice – think 13 is too young.