Research published today by the joint 5Rights-LSE Digital Futures for Children centre into changes made by 50 companies reveals that UK and EU laws for children’s safety and privacy are leading to significant changes to tech services, governance, moderation strategies, information and tools as well as default settings. The most impactful include social media accounts defaulted to private settings, changes to recommender systems and restrictions on targeted advertising to children.
The report Impact of regulation on children’s digital lives examines the impacts on services for UK users in particular of the UK’s Age Appropriate Design Code (AADC) and Online Safety Act (OSA) as well as the EU’s Digital Services Act (DSA). It looks at changes publicly announced by companies over the period 2017–24 as well as material directly provided by the 8 companies who answered a request for information sent to 50 businesses.
The research recorded a total of 128 changes announced by Meta, Google, TikTok and Snap over the period – either in anticipation of legislation or regulation, or following its introduction – with a peak of 42 changes in 2021, the year the AADC came into effect.
As the report shows, the most impactful changes are those that are by design and default – changes to product design that take responsibility for aligning digital services with children’s rights and development needs. The research revealed however that companies are significantly relying on tools such as parental controls in response to legislation and regulation. As the report notes:
“While there is a valid relationship between the use of tools and the requirements in the AADC, GDPR and DSA, there is a risk of over-reliance as a privacy and safety measure. The evidence indicates low levels of use and efficacy for parental controls, plus risks to child autonomy. This therefore presents a risk of reliance to the exclusion of other measures.”
Drafted by the former UK Deputy Information Commissioner Steve Woods, the report highlights how “the UK and EU approach to legislation and regulation seeks to ensure companies’ systems and processes embed safety by design and duties of care, to realise the rights of children in relation to the digital environment, so they can learn, explore and play online safely” and that, with the AADC, DSA and OSA passed, “this is the optimal moment to set out a baseline for monitoring the impact” for children online.
A broad lack of transparency however hinders this monitoring. Not all changes are publicly announced, and, of the 50 companies Steve Woods wrote to for evidence, only 8 answered, and then only partially.
The report sets out 11 recommendations to companies and regulators: