One of the running themes of the post-GDPR world is the need to protect children. They’re automatically considered to be vulnerable in EDPB and ICO guidance, there are specifics around consent (though it’s not as specific as you might think) and multiple European regulators have identified the protection of children and their rights as a priority, including our own esteemed Commissioner.

So it’s a bit odd that the UK GDPR itself, even after a couple of significant revisions (one post-Brexit, the other via the Data (Use and Access) Act, doesn’t say that much about children. It certainly contains limited requirements and restrictions. On this unashamedly short session, I’m going to take you through what the specific elements and references are. As I admit on the session, there’s loads to think about overall, but in terms of specifics, it’s pretty easy to cover.