Wednesday, 3 February 2016

GDPR and the Digital Age of Consent for Online Services

GDPR and the Digital Age of Consent for Online Services:

"Apart from being difficult to enforce on a practical level, the proposed threshold is also at odds with the existing legal framework in the UK on the capacity of young people to enter into contracts.

In England and Wales, a child does not generally acquire full legal capacity until the age of 18. However, minors can and do enter into contracts before reaching full age.

Like the ICO's approach to processing of personal data, the English courts take the view that the validity of such contracts will depend on the child's understanding of the transaction.

In the Court of Appeal judgment in R v Oldham Metropolitan BC, ex parte Garlick [1993] AC 509, for example, Scott LJ commented that, whilst a child well under the age of 10 could purchase sweets, a 4-year-old could not contract for the occupation of residential property.

Clearly this is an extreme example, but the point is that children acquire contractual capacity on a gradual basis as their understanding of the world develops. Drawing a line in the sand for all circumstances is impractical and unworkable.

It is therefore likely that a minor could legally consent to a website's terms and conditions and privacy policy well before their 16th birthday, provided that they understood the nature of the contract.

Nevertheless, it is well established at common law that contracts entered into by minors are voidable at the minor's option but remain binding on the other party. Information society service providers could therefore be at risk of a minor voiding their consent to the processing of their data months after accessing a website or app." 'via Blog this'

No comments: