Implementing responsibility and ethics in the design of apps for children

Executive summary

The internet has opened up unlimited opportunities for everyone for learning and economic growth, including children. The internet has allowed children to be networked, connecting them to people across the world, to learn and share their experiences of growth. This access to information and the internet has simultaneously created challenges of risk and safety for children online. The need for parents to consistently monitor their child’s growth and safety online has often led them to control children’s screen time to risks of cyberbullying, cyberstalking, cyber extremism, addictions and disorders of online gaming and attention span issues for the child. More alarming threat for children online is sexual abuse and exploitation.

These concerns are not limited to parents alone, but have been shared by educators, industry and government institutions alike. Organizations like UNICEF and International Telecommunication Unit (ITU) have been promoting child safety online through “the Child Online Protection Initiative”. These organizations have invested significantly in providing guidelines on child safety online for multiple stakeholders, and have been working with these stakeholders to keep the internet safe for children. Laws like Children’s Online Privacy Protection Act in the United States (US) have pushed compliance for children’s safety online for the internet, and have become the norms which the industry abides by. The Convention on the Rights of the Child, which is the most widely ratified international human rights treaty, also acts as recommended guidelines for the industry to protect children online.

Various digital organizations have been responding to these threats by introducing a variety of measures including parental controls for digital solutions, Child Sexual Abuse Material or CSAM control measures, and educating partner organizations on threats to child safety. Within India, various laws and rules under the IT Act of 2000 require organizations to address issues related to child safety online. The 2020 Child Online Safety Index has rated India 9th (among 30 countries) in the protections for children online. While there are considerable efforts that have been already taken as part of various initiatives for child safety online, India has been unable to make all organizations address the issue of child safety online.

The draft Digital Personal Data Protection (DPDP) Bill of 2022, while regulating the issue of child safety and privacy online, requires organizations to address various harms to children and adolescents. The draft, while helping us give a direction to look at various practices that can be adopted to protect privacy of citizens, also raises other concerns on implementing them with business and engineering practices. These concerns will be part of continuous debates until the law is shaped and further rules which are part of the law are actually made.

1. Definitional issues

a. Consent and guardianship

The upcoming DPDP Bill 2022 has definitions for consent and deemed consent. While a child’s consent is expected to be provided by a ‘guardian’, the concept of deemed consent from a child’s safety point of view is a concerning aspect. Consent managers that are required to be designed by various data fiduciaries will have to make special provisions for children, and the definitions will determine how these are designed.
From legal jurisprudence in the Aadhaar judgment, even when a guardian gives away data of the child, the child can take control of their personal data when the child becomes an adult. These needs for specialized mechanisms for children will require changes in engineering practices among business operations of several digital products.

b. International practices on child safety

Child safety is different across various geographic locations. Online exploitation needs a wider social and cultural background before one can provide solutions to these problems. A child’s exposure to knowledge, information, socio-cultural practices are varied and thus result in complex patterns across various socio-economic groups. There could be some similar patterns, but solutions to social and cultural problems will be varied across regions. While we adopt some of these international practices on child safety recommended by organizations like UNESCO and ITU, localizing for Indian conditions is required.

2. Online harms and online disorders

a. Cyberbullying and CyberStalking