Elizabeth Denham, Information Commissioner
Information Commissioner’s Office, Wycliffe House
Cheshire, SK9 5AF
30 May 2019
Dear Commissioner Denham,
Re: The Draft Age Appropriate Design Code for Online Services
We write to you as civil society organisations who work to promote human rights, both offline and online. As such, we are taking a keen interest in the ICO’s Age Appropriate Design Code. We are also engaging with the Government in its White Paper on Online Harms, and note the connection between these initiatives.
Whilst we recognise and support the ICO’s aims of protecting and upholding children’s rights online, we have severe concerns that as currently drafted the Code will not achieve these objectives. There is a real risk that implementation of the Code will result in widespread age verification across websites, apps and other online services, which will lead to increased data profiling of both children and adults, and restrictions on their freedom of expression and access to information.
The ICO contends that age verification is not a ‘silver bullet’ for compliance with the Code, but it is difficult to conceive how online service providers could realistically fulfil the requirement to be age-appropriate without implementing some form of onboarding age verification process. The practical impact of the Code as it stands is that either all users will have to access online services via a ‘sorting’ age-gate or adult users will have to access the lowest common denominator version of services with an option to ‘age-gate up’. This creates a de facto compulsory requirement for age-verification, which in turn puts in place a de facto restriction for both children and adults on access to online content.
Requiring all adults to verify they are over 18 in order to access everyday online services is a disproportionate response to the aim of protecting children online and violates fundamental rights. It carries significant risks of tracking, data breach and fraud. It creates digital exclusion for individuals unable to meet requirements to show formal identification documents. Where age-gating also applies to under-18s, this violation and exclusion is magnified. It will put an onerous burden on small-to-medium enterprises, which will ultimately entrench the market dominance of large tech companies and lessen choice and agency for both children and adults – this outcome would be the antithesis of encouraging diversity and innovation.
In its response to the June 2018 ‘Call for Views’ on the Code, the ICO recognised that there are complexities surrounding age verification, yet the draft Code text fails to engage with any of these. It would be a poor outcome for fundamental rights and a poor message to children about the intrinsic value of these for all if children’s safeguarding was to come at the expense of free expression and equal privacy protection for adults, including adults in vulnerable positions for whom such protections have particular importance.
Mass age-gating will not solve the issues the ICO wishes to address with the Code and will instead create further problems. We urge you to drop this dangerous idea.
Open Rights Group
Index on Censorship
Watch Global Partners Digital
CC: Rt Hon Jeremy Wright QC MP, Secretary of State for Digital, Culture, Media and Sport