Skip to main content

Protect children’s privacy by default

This section outlines how to design privacy information that meets children’s needs as they grow and develop.

 

Things to do

Privacy settings must be high by default

Settings must be ‘high privacy’ by default (unless you can demonstrate a compelling reason for a different default setting, taking into account of the best interests of the child).

Many children just accept whatever privacy settings you provide and never change them. This is why it’s important for the defaults you set to offer the highest protection.

It is not enough to allow children to activate high privacy settings. You should:

  • provide them by default;
  • keep them high when you update services; and
  • design ways for children to revert to strong protections if they do change them.

Example of high default privacy settings: Children’s personal data is only visible or accessible to other users of the service if they change their settings to allow this.

Example of temporary privacy setting change: Share location data for a set amount of time.

Help children keep stronger privacy protections

Design prompts when children try to change default privacy settings.

Younger children may need a parent or guardian to change a setting.

Older children may need clear and neutral information in context to help them make a decision.

Think about ways to help children restrengthen privacy settings if they do change them. Give them options to change privacy settings for a set amount of time, only in a specific context or when they end the current session.

Present choices neutrally or only use ‘nudge techniques’ (design features which lead or encourage users to follow the designer’s preferred paths) to strengthen privacy settings.

Let children set high privacy settings on shared devices

If you allow multiple users to access a service from one device, where possible, allow them to set up their own profiles with individual privacy settings. This means children don’t have to share adult privacy settings when using a shared device.

Example of children’s privacy settings on a shared device: Allow children to set up their own profiles and have their own privacy settings.

 

Things to avoid

Example of a ‘nudge’ that lowers privacy: Interactions that deliberately encourage children to share data.

Don’t ‘nudge’ towards lower privacy options

Ensure your designs do not influence children to share data or follow your preferred path.

Present choices in a clear and neutral way. For younger children, it may be appropriate to ‘nudge’ them towards stronger privacy options.

 

Things to check

  • Have you set high privacy settings as default for children using your service?
  • Have you designed prompts for when children try to change default settings?
  • Have you thought how you can help children keep and maintain high privacy settings?
  • Have you checked and redesigned any moments in your service where the interface design encourages children to share data, eg by using nudge techniques?

""

Design test

Take our test to see if your default settings are offering the highest level of protection, to children by default.

Explore more themes

Getting started

This section outlines ways to understand and introduce the Children’s code standards into your practice.

Bring children's views into the design process

This section outlines the importance of involving children in the design process so that your service meets their needs and has their best interests at heart.