Introduction and Summary

The Information Technology and Innovation Foundation (ITIF) is pleased to submit these comments in response to the Brazilian National Data Protection Authority’s (ANPD) request for public comment concerning “Making Subsidies: Processing of Personal Data of Children and Adolescents.”[1] ITIF is a nonprofit, non-partisan public policy think tank based in Washington, D.C., committed to articulating and advancing pro-productivity, pro-innovation, and pro-technology public policy agendas around the world that spur growth, prosperity, and progress.

Age verification, parental controls, and transparency have become hot button issues within the global debate surrounding children’s online safety and privacy. Improved systems for age verification would keep more children away from inappropriate content, but the different methods of verifying users’ ages online pose varying risks to user privacy and could restrict some adult users from age-gated digital platforms. Greater parental control over children’s online behavior would allow for a more individualized approach to children’s protection, but this requires parents to be informed and involved in their children’s online safety and privacy. Finally, greater transparency surrounding digital platforms’ safeguards for children and the potential risks children may face online will not solve these issues, but it would better inform parents and policymakers, leading to better decision-making at every level.

Internet Games and Applications

2. Considering that the processing of personal data must be limited to that strictly necessary for the purpose for which it is intended, what are the good practices and techniques available and appropriate for verifying the age of users of digital platforms?

There are multiple different ways digital platforms can verify users’ ages, and each of these methods comes with different strengths and weaknesses. Some are more accurate but more invasive, whereas others are less invasive but also less accurate.

First, many digital platforms already require users to either check a box indicating they are over a certain age or input their date of birth to confirm they are over a certain age. This form of self-verification is the least invasive, because it only requires users to disclose, at most, one piece of personal information: their date of birth. Because many people share the same birthday, this piece of information cannot uniquely identify an individual. However, this method is also the least reliable, as underage users can and often do lie about their age in order to gain access to certain digital platforms.^[2]

On the other end of the spectrum when it comes to accuracy and invasiveness is the ID check. This form of age verification is common in physical spaces, where customers must provide a valid government-issued ID in order to prove they are above the minimum age required to enter an age-gated space or purchase an age-gated product. It is also highly accurate, as government-issued IDs are more difficult to falsify than checking a box or entering one’s date of birth. However, because most in-person ID checks do not involve making a copy of each customer’s ID, these encounters pose lower privacy risks than online ID checks, where a digital platform may store the information from users’ IDs. Additionally, as many as three million Brazilians do not have necessary identity documents, complicating the process of online ID checks for those individuals.^[3]

Digital forms of government-issued identification could solve some of the privacy concerns associated with ID checks for age verification, as well as make the process more efficient. Currently, online ID checks typically require users to upload a photo of their physical ID as well as sometimes additional steps to prove the ID belongs to them, such as uploading a current image of their face to compare to the photograph on the ID. If designed right, digital IDs would streamline this process and allow users to only share necessary information. For example, individuals trying to access an age-restricted digital platform could verify that they are over a certain age without providing their exact date of birth, let alone all the other information a physical ID would reveal. Brazil’s digital ID system has 153 million registered users, and while these IDs currently allow users to prove their identity to access government services, the system could potentially allow for easier and more privacy-protective age verification in the future.^[4]

Finally, in between self-verification and ID checks, there is a third potential method of age verification using artificial intelligence (AI) to estimate users’ ages from an image of their face. Combined with privacy protections requiring online services to delete users’ images after the age estimation process is complete, this would minimize the amount of personal information users have to give up in order to verify their age. Of course, age estimation technology is not perfectly accurate and likely never will be, but it is constantly improving.

4. What mechanisms and good practices can be adopted to increase the control of parents and guardians over the processing of personal data of children and adolescents in the digital environment?

In order to increase parental control, and as an alternative to age verification, device operating systems could create a “trustworthy child flag” for user accounts that signals to apps and websites that a user is underage and apps and websites that serve age-restricted content could check for this signal from their users and block underage users from this content. Rather than using ID checks to determine whether to activate this child flag option, this would be an opt-in process built in to existing parental controls on devices. Parents could activate or disable the child flag option depending on their own values and the maturity of their children. Additionally, devices could default to certain parental controls recommended for children.^[5]

Because this approach does not require anyone to disclose or verify their identity, it does not create privacy risks by forcing users to share their government IDs or allowing online services to link their online activity to their offline identities. It is also a low-impact approach, allowing adults to continue using the Internet as they do today. Similarly, the vast majority of websites and apps that are meant for the general public would not have to take any action. Third, it would be entirely voluntary for users. Parents who want to control what their children see on the Internet could choose to use this feature and other parents could choose not to.

5. What good practices related to transparency and the provision of information in a simple, clear, and accessible manner can be observed by digital platforms when processing personal data of children and adolescents?

Requiring digital platforms to provide certain information would enable children and parents to make better-informed safety and privacy decisions. With the necessary information at their fingertips, parents could more effectively tailor their child’s online safety and privacy protections to their parenting style and the child’s developmental needs, allowing for an individualized approach to children’s online safety and privacy instead of a one-size-fits-all mandate. Information that would be useful to children and their parents includes information about the safety and privacy safeguards of a digital platform, potential risks facing children on the platform, personalized recommendation systems the platform uses, and advertising on the platform that targets children.

Conclusion

A combination of privacy-protective age verification systems utilizing digital forms of identification and AI, parental controls that are readily available and easy to use, and greater transparency from digital platforms would increase children’s safety and privacy, encourage innovation in improved safety and privacy controls, and better inform policymakers and parents on next steps to protect children.

Thank you for your consideration.

Endnotes