Element 68Element 45Element 44Element 63Element 64Element 43Element 41Element 46Element 47Element 69Element 76Element 62Element 61Element 81Element 82Element 50Element 52Element 79Element 79Element 7Element 8Element 73Element 74Element 17Element 16Element 75Element 13Element 12Element 14Element 15Element 31Element 32Element 59Element 58Element 71Element 70Element 88Element 88Element 56Element 57Element 54Element 55Element 18Element 20Element 23Element 65Element 21Element 22iconsiconsElement 83iconsiconsiconsiconsiconsiconsiconsiconsiconsiconsiconsiconsiconsiconsiconsiconsiconsiconsiconsiconsiconsiconsiconsiconsiconsElement 84iconsiconsElement 36Element 35Element 1Element 27Element 28Element 30Element 29Element 24Element 25Element 2Element 1Element 66
GDPR and Growing Up in Digital Media Environments

GDPR and Growing Up in Digital Media Environments

For the first time at the European level, the European General Data Protection Regulation (GDPR) includes specific data protection provisions for the processing of personal data of children and adolescents. In addition to special legal considerations in favour of minors, art. 8 (1) GDPR in particular provides that “information society services” aimed at children require the consent or approval of their legal guardians if these services rely on consent when processing the data of persons under the age of 16. For digital information centres and prevention services, but also for providers of online services for children, this can make practical work more difficult and lead to legal uncertainty.

The Institute works closely in several ways with self-regulatory bodies, NGOs and providers to examine the practical consequences of these regulations for minors, parents as well as for providers, especially with a view to the possibilities of empowerment and communicative participation of children, as they have been included in the UN Convention on the Rights of the Child.
Photo by Siarhei Plashchynski on Unsplash
show more

Project Description

Works related to ‘GDPR and Growing Up in Digital Media Environments’ include the following projects:
  • Members of the institute took part in workshops with providers of websites for children or child-specific apps and games, which initially focused on general questions concerning the coming into force of the GDPR. In the course of the workshops, those regulations were identified that cause the greatest difficulties for providers in understanding or implementing them, such as the concept of personal data within the meaning of the GDPR, range of the budget exception, scope of application of legal permissions, requirements for consent, implementation of parental consent, obligations to provide information and documentation among others.
  • For media pedagogical information and information services, the Institute conducted a two-day workshop together with the German Association for Voluntary Self-Regulation of Digital Media Service Providers (FSM), The State Media Authority of Rhineland-Palatinate (LMK) and klicksafe.de on the GDPR’s entry into force, during which employees were able to actively learn how to implement exemplary provider obligations with regard to their own services.
  • In cooperation with the Hans-Bredow-Institut, the German Association for Voluntary Self-Regulation of Digital Media Service Providers (FSM), has published the brochure "Kinderseiten und DSGVO: Das geht gut! [Websites for Children and the GDPR: That Works Well!“]" for child-specific online services such as websites and apps for children, which explains the individual legal requirements of the GDPR to the providers in a practical and understandable way using an interactive checklist and refers to examples, templates and other sources of help on the internet.
  • Especially for digital counselling and prevention services, the parental consent requirement entails great legal uncertainty. The GDPR states in recital 38 that such centres do not require parental consent to the processing of children’s data. However, as a recital, this requirement is not legally binding and art. 8 (1) GDPR does not seem to provide for any corresponding exceptions. A parental consent requirement, however, can lead to inhibitions in the use of such offers by minors. Members of the institute work closely with German Digital Opportunities Foundation, the German Children’s Fund and addiction advice services (e.g. Sucht.Hamburg) to identify and prioritise practical problems and to discuss possible implementation of the GDPR requirements in accordance with the law.
  • Dr. Stephan Dreyer is co-editor of the 2018 issue of “merz Wissenschaft”. The issue with the topic “Kinder|Medien|Rechte – Komplexe Anforderungen an Zugang, Schutz und Teilhabe im Medienalltag Heranwachsender [Children|Media|Rights – Complex Requirements for Access, Protection and Participation in the Everyday Media Life of Adolescents]“ will be published in December 2018. The issue focuses on the question of how children's rights to be guaranteed in a digitally networked world look specifically in everyday media practice. It also examines how these rights can be implemented on a political and practical level, and how they can be accompanied socially and legally. Data protection law in the context of media education and media use of children is an intersection of protection and participation that plays a central role in many of the articles.

Project Information


Duration: 2018-2019

Research programme:
RP3 - Knowledge for the Media Society

Third party

Contact person

Dr. Stephan Dreyer
Senior Researcher Media Law & Media Governance

Dr. Stephan Dreyer

Leibniz-Institut für Medienforschung │ Hans-Bredow-Institut (HBI)
Rothenbaumchaussee 36
20148 Hamburg

Tel. +49 (0)40 45 02 17 - 33
Fax +49 (0)40 45 02 17 - 77

Send Email



Subscribe to our newsletter and receive the Institute's latest news via email.