Facebook and Instagram face a ban on letting under-18s “like” posts on their platforms while Snapchat could be prevented from allowing the age group to build up “streaks”, under new rules proposed by the UK’s data watchdog.
The Information Commissioner’s Office (ICO) said these techniques exploit “human susceptibility to reward”.
This, it said, encouraged users to share more personal data and spend more time on apps than desired.
The proposal is part of a 16-rule code.
To ensure its success, the watchdog says that online services must also adopt “robust” age-verification systems.
In addition to calling for an end to children being exposed to so-called “nudge techniques”, the ICO advocates internet firms make the following changes among others for their younger members:
- make privacy settings “high” by default
- switch location-tracking off by default after each session and make it obvious when it had been activated
- give children choices over which elements of the service they want to activate and then collect and retain the minimum amount of personal data
- provide “bite-sized” explanations in clear language about how users’ personal data is used
- make it clear if parental controls, such as activity-tracking, are being used
The ICO suggests that firms that do not comply with the code could face fines of up to 20 million euros (£17.2m) or 4% of their worldwide turnover under the General Data Protection Regulation.
“The internet and all its wonders are hardwired into their everyday lives,” commented Information Commissioner Elizabeth Denham.
“We shouldn’t have to prevent our children from being able to use it, but we must demand that they are protected when they do. This code does that.”
Her office is now seeking feedback as part of a consultation that will run until 31 May. It is envisaged that the rules would come into effect next year.
Restrictions on Facebook’s like button – which registers a user’s interest in another user or advertiser’s post – and Snapchat streaks – which count the number of consecutive days two members have messaged each other – are not the only nudge behaviours being targeted.
The ICO also says that apps should not:
- show boxes where the Yes button is much bigger than that for No
- use language that presents a data-sharing option in a much more positive light than the alternative
- make it much more cumbersome to select the high-privacy option by, for example, requiring more clicks to turn it on
However, the regulator said it was appropriate in some cases to use nudges that encourage children to opt for privacy-enhancing settings, or to take a break after using an online service for some time.
The ICO’s rules follow a proposal from the Department for Digital, Culture, Media and Sport (DCMS) for the creation of an independent tech watchdog that would write its own “code of practice” for online companies.
The suggestions have already been welcomed by the National Society for the Prevention of Cruelty to Children (NSPCC).
“Social networks have continually failed to prioritise child safety in their design, which has resulted in tragic consequences,” commented the charity’s Andy Burrows.
“This design code from the ICO is a really significant package of measures, but it must go hand in hand with the government following through on its commitment to enshrine in law a new duty of care on social networks and an independent regulator with powers to investigate and fine.”
The Internet Association UK – which represents Facebook, Snap and other tech firms – has yet to comment.
But the code has drawn criticism from the Adam Smith Institute think tank.
“The ICO is an unelected quango introducing draconian limitations on the internet with the threat of massive fines,” said its head of research Matthew Lesh.
“It is ridiculous to infantilise people and treat everyone as children.”