Legal Protection of Children's Personal Data in the Digital Era

The article examines the relevance of personal data protection, in particular of children, in the context of the rapid development of the Internet and the information sphere. The author analyzes the principles and peculiarities of legal regulation of children's personal data protection as defined by the UN Convention and the Law of Ukraine "On Protection of Childhood". The author assesses the impact of the Data Protection Regulation on Ukrainian legislation and the need for harmonization with European standards for the full protection of children's personal data. Comparison of the provisions of the Regulation with the national legislation reveals significant differences, in particular, the absence of separate regulation of children's personal data and the principles of processing such data. The author expresses a position on the need to harmonize Ukrainian legislation with European standards as an important component of effective personal data protection. The author also analyzes the provisions of the Draft Law No. 8153 "On Personal Data Protection" and concludes that the Draft Law is aimed at establishing compliance with European standards, expanding the principles of data processing and establishing new consent requirements. Important changes relate to terminology, processing rules, protection of children's data, financial responsibility and other aspects, however, the issue of protection of children's personal data as a separate category has not been given due attention. The author concludes that today the issue of personal data protection, in particular of children, is regulated by numerous international and national legal acts. At the same time, it is noted that the EU Regulation provides for special protection of children's rights, which is different from the Law of Ukraine "On Personal Data Protection", and Draft Law No. 8153 leaves aside the issue of protection of personal data of a child specifically. As a result, it is noted that in order to reduce risks, it is necessary to take into account the principles of the Regulation in national legislation, in particular transparency and limitation of settings. It is also important to raise the legal culture of citizens in the field of personal data protection, contributing to the improvement of the regulatory environment.

This research focuses on legal certainty regarding the formulation of children's personal data in the PDP Law and legal protection efforts for children's personal data on social media. This research is a normative legal research with a concept and statutory approach. The results of the study show that the formulation of children's personal data in positive law actually creates legal uncertainty so that it has an impact on the implementation of legal protection related to children's personal data requiring further regulations and guidelines. Legal protection efforts for children's personal data on social media can be carried out preventively and repressively. Preventively, legal protection for children's personal data on social media is carried out by involving the role of parents, society, and the state through the establishment of special institutions that provide an understanding of the importance for children to protect and understand the benefits of personal data. Repressively, legal protection for children's personal data on social media is carried out by prioritizing the aspect of compensation if the child's personal data is misused which harms the child's personality and is oriented towards criminal sanctions as determined in laws and regulations.

Current challenges and the future of legal protection of personal data: under the influence of digitalization development

Background: Personal data is the most fundamental right for everyone including children. Children are the most vulnerable subjects when it comes to the processing of personal data, it is because they do not have awareness and understanding of the risks of misuse of personal data. Regulations regarding the protection of children's personal data in Indonesia are already contained in the draft of personal data protection law but with very limited guidance. Through this comparative study, researchers wanted to compare the United State's COPPA(Children's Online Privacy Protection Act) with the Children and GDPR by the United Kingdom. Both of these regulations are very detailed in regulating the protection of children's personal data. This study will provide a clearer picture of children’s privacy protection regulations so that it can be used as a reference for Indonesia's draft of personal data protection law in regard to the rights of children's privacy. Method: This comparative research uses qualitative descriptive methods with library research and approach. Result: There are fundamental differences regarding the form of guidance, the definition of child, the perpetrator processing of the child's personal data, and things that are included in the child's personal data. Conclusion: The application of children's personal data protection is adjusted to the values and cultures of the country.

The collection of materials of the scientific and methodological seminar "Protection of children's personal data in the digital age" (May 29, 2025, Kyiv) highlights the current theoretical, legal and applied problems of the formation and development of the information society, the protection of information rights, freedoms and security of the child, the privacy of their life and personal data in the context of the requirements of the legislation of the European Union and the European integration of Ukraine. It also considers a number of legal, ethical and technical aspects of protecting children's personal data in the digital environment, the formation of skills for the safe use of digital technologies in the educational process, as well as the implementation of effective practices for ensuring children's information security in the context of the digitalization of education. The publication is intended for specialists, experts and scientists, scientific and pedagogical workers, representatives of state authorities and local governments, the private sector and civil society, as well as higher education applicants. The abstracts of the reports are submitted in the author's edition.

The digital era has had a significant impact on various aspects of life, including from the perspective of national civil law. The use of digital technology and the internet has given rise to various new sectors such as e-commerce, e-education, and e-health, which have encouraged the creation of new challenges in the civil law system, especially regarding the protection of personal data, electronic contracts, and online business transactions. In the context of civil law, the protection of personal rights and personal data is an important issue, considering the increasingly widespread collection and use of personal data. Apart from that, the development of e-commerce and e-government requires regulations that are able to protect consumer rights, as well as ensure the security of data and transactions in the digital world. This article analyzes the challenges and opportunities that arise in protecting personal data in the digital era as well as the importance of adaptive regulatory updates to face rapid technological advances. This research uses a normative approach with descriptive analysis. Researchers focus on national civil regulations relevant to personal data protection in the digital era, including the Personal Data Protection Law (UU PDP). The goal to be achieved is in order to know, understand; What is the Role of National Civil Law Regulations in the Digital Era? Barriers and Opportunities in Protecting Personal Data. The results of this research are that this research contributes to the understanding of personal data protection regulations in Indonesia and how civil law can adapt in the context of the digital era. The results of this research also enrich legal literature related to legal challenges in the digital era and provide new views regarding the implementation of regulations in the technology sector.

The digital era has had a significant impact on various aspects of life, including from the perspective of national civil law. The use of digital technology and the internet has given rise to various new sectors such as e-commerce, e-education, and e-health, which have encouraged the creation of new challenges in the civil law system, especially regarding the protection of personal data, electronic contracts, and online business transactions. In the context of civil law, the protection of personal rights and personal data is an important issue, considering the increasingly widespread collection and use of personal data. Apart from that, the development of e-commerce and e-government requires regulations that are able to protect consumer rights, as well as ensure the security of data and transactions in the digital world. This article analyzes the challenges and opportunities that arise in protecting personal data in the digital era as well as the importance of adaptive regulatory updates to face rapid technological advances. This research uses a normative approach with descriptive analysis. Researchers focus on national civil regulations relevant to personal data protection in the digital era, including the Personal Data Protection Law (UU PDP). The goal to be achieved is in order to know, understand; What is the Role of National Civil Law Regulations in the Digital Era? Barriers and Opportunities in Protecting Personal Data. The results of this research are that this research contributes to the understanding of personal data protection regulations in Indonesia and how civil law can adapt in the context of the digital era. The results of this research also enrich legal literature related to legal challenges in the digital era and provide new views regarding the implementation of regulations in the technology sector.

The issue of personal data protection has been one of the focal points of attention in recent decades. This is because the protection of personal data is a form of realizing the right to privacy as a fundamental human right. Personal data refers to information about a specific individual’s characteristics that serves as a means of their identification. Personal data protection in Bosnia and Herzegovina is regulated by the Law on Personal Data Protection. This law governs the principles of personal data processing, the obligations of data controllers and processors, the rights of data subjects, as well as sanctions for violations of the law. Since 2016, the protection of personal data in the European Union has been regulated by the General Data Protection Regulation (GDPR), which has significantly improved the system for protecting personal data. A particularly significant category of personal data is personal health data, which includes identification and identifying information about an individual’s health and medical condition, their medical diagnosis, prognosis, and treatment, as well as information about substances that can identify that individual. Data related to an individual’s health is a crucial and potentially vulnerable aspect of their life. These are the most intimate data about an individual, the unauthorized and unjustified disclosure of which can subject them to shame, ridicule, and stigmatization, causing them significant, primarily non-material, harm. Misuse of patient information not only violates their privacy but also undermines their dignity. Therefore, personal health data can only be processed for health-related purposes, i.e., for the benefit of the individual and society as a whole. Laws regulating patients’ rights in the Federation of Bosnia and Herzegovina (the Law on Healthcare and the Law on the Rights, Obligations, and Responsibilities of Patients) guarantee patients the right to confidentiality of information and privacy, the right to data secrecy, and the right to access their medical records. The provisions of these laws significantly meet the standards for the protection of personal health data. However, in order to improve the situation in this area, there is a need to harmonize the provisions of the general data protection law, which is subsidiarily applied in the protection of personal health data, with the provisions of the General Data Protection Regulation.

The article highlights the legal concerns surrounding the protection of minors' personal data. The writers have conducted an original study of the sources regulating civil and labor relations in the field of acquiring and using personal data. The expansion and use of information technology and online communications can potentially lead to the violation of personal rights by the owners of personal data, both in workplace settings and in the daily lives of ordinary residents. The purpose of this article is to highlight issues concerning the collection, storage, use, and dissemination of the personal data of a minor, as well as to develop methods to protect the personal data of a child based on a comprehensive analysis of international acts, Ukrainian legislation, unique literature, and case law materials pertaining to the protection of personal data of a minor. Based on the analysis of national legislation and case law of the European Union, the author concludes that the right to personal data protection is one of the forms of realization of the right to respect for private and family life. The obligation to protect person's rights to processing and storage of his or her private information is a negative obligation on the part of both the State and the owners of personal data. The article addresses current difficulties concerning the security of children' personal data under current civil and medical legislation in Ukraine and other countries. The provisions of the General Data Protection Regulation, the California Consumer Privacy Act, and Ukraine's "On Personal Data Protection" Law are compared. Possible steps to establish further protection of children's personal data during collection and processing, whether utilizing websites, video games, online purchases, and so on, are proposed. The paper concludes that state functions should be executed without necessitating individuals' consent for the collection of personal data. Personal data processing should be carried out within the framework and on the basis of Ukrainian laws and regulations, taking into account international conventions in this area. The analysis of methods for safeguarding children's personal data enabled the identification of supplementary avenues for data protection. These include acquiring copies of personal data by both children and their parents, rectifying inaccuracies, completing incomplete data, exercising the 'right to be forgotten' and the 'right to erasure' of personal data, invalidating transactions, and seeking compensation for material and moral damages arising from the unlawful use of personal data

The article is devoted to the study of the organizational and legal mechanism of personal data protection. The concept of "personal data protection" is developed in detail in domestic jurisprudence. The law regulates legal relations related to the protection and processing of personal data, with the aim of protecting the fundamental rights and freedoms of a person and a citizen, and, first of all, the right to non-interference in personal life, in connection with the processing of personal data. However, the rapid development of information technologies, the digitization of society forces us to improve the organizational and legal mechanism of personal data protection every time, to search for more effective and reliable methods and means of their protection. The actual legal basis for the protection of personal data can be found in the Constitution of Ukraine, the Criminal Code of Ukraine, the Civil Code of Ukraine, the Law of Ukraine "On the Protection of Personal Data", decisions of the Constitutional Court of Ukraine, international legal acts, consent to the mandatory use of which was given by the Verkhovna Rada of Ukraine. It is substantiated that it is the state that acts as the guarantor of the protection of a person's personal data - its task is to create an organizational and legal mechanism that would effectively protect human rights related to personal data, etc. The organizational component of the personal data protection mechanism covers the vertical of state bodies and services, which, in accordance with the powers assigned to them, carry out personal data protection activities. On the basis of the conducted research, we came to the conclusion that the organizational and legal mechanism for the protection of personal data is a set of legal norms and a complex of preventive measures carried out by relevant state bodies and services aimed at protecting personal data, stopping offenses, applying coercion to offenders and restoring violated human rights related to personal data.

Privacy as a legal concept is an unavoidable part of a modern democratic society and is recognized as one of the fundamental human rights of every citizen. The right to privacy and the protection of personal data are guaranteed by international human rights documents. In librarianship, the right to privacy and protection of personal data is also guaranteed in the documents of international library associations, which clearly emphasize that librarians are obliged in their work to protect the privacy and personal data of their users. Privacy and personal data are increasingly difficult to protect today, as access to data is simpler and easier due to the use of different and new information technologies, electronic communication, social networks, electronic databases, etc. Personal rights are guaranteed by international documents on protection of personal data and protected by national personal data protection laws. The main objectives of the paper are: to problematize the definition of the concept of privacy from several perspectives; problematize the importance of the right to privacy and protection of personal data in the context of the library profession; provide an overview of significant international documents in the field of human rights which also guarantee the right to privacy and protection of personal data; make a review of important international documents guaranteeing the right to protection and confidentiality of personal data; and finally, the paper will provide an overview of documents of international library associations that in their texts indicate the importance of privacy and protection of personal data in the library business.

La actividad cotidiana de cualquier persona deja hoy “rastro digital”. Esto obliga a plantear: ?Que ocurre con nuestro “rastro digital” cuando morimos? ?Puede la persona prever algo al respecto? El hecho de que en el “rastro digital” puedan verse involucrados tanto aspectos de caracter neta­mente personal como patrimonial, determina que la aproximacion al “rastro digital” dejado por la per­sona al fallecer pueda hacerse: o bien desde una perspectiva eminentemente patrimonial-sucesoria, de la gestion y/o el destino del patrimonio digital; o bien desde una perspectiva eminentemente personal, de la proteccion post mortem de la intimidad/privacidad y/o de los datos personales tanto del fallecido como de terceros. Este doble enfoque se refleja en la practica y tambien en la legislacion comparada, europea y norteamericana. Mas concretamente, es esta una materia en la que confluyen cuestiones de Derecho de sucesiones, de Derecho contractual y de Derecho de la persona –en particular, relativas a la proteccion de datos personales y a la proteccion de la intimidad/privacidad postuma y de terceros–. Asi, por lo que respecta al punto de vista patrimonial, si bien en principio no es posible hablar de la “heren­cia digital” como algo distinto de la “herencia analogica”, ello no obsta a que deban tenerse en cuenta ciertas especificidades que rodean y/o afectan a ciertos “bienes digitales”, en algun caso tributarias del Derecho de contratos. En este contexto, la persona puede ordenar sus “voluntades digitales”, previendo disposiciones sucesorias (nombrando “sucesores digitales”) y/o no sucesorias (ya sea designando “albacea/s digital/ es” o bien quien va a poder actuar en relacion a la proteccion de sus datos personales y/o al ejercicio de las acciones de proteccion civil del honor, la intimidad o la imagen). Por lo que respecta a la legislacion espanola, la Ley catalana 10/2017, de 27 de junio, de las volun­tades digitales, adopta una perspectiva esencialmente patrimonial, previendo la posibilidad de designar un “albacea digital” para que actue ante los prestadores de servicios digitales con los que el causante tenga cuentas activas. El hecho de que la norma catalana se muestre plenamente respetuosa con el con­tenido del contrato suscrito entre el usuario fallecido y el prestador de servicios contrasta con las solu­ciones adoptadas al respecto en otros ordenamientos. Por otra parte, la regla por defecto de no acceso al “contenido” de las cuentas y archivos digitales, salvo que el causante lo haya establecido o se obtenga autorizacion judicial, aproxima la Ley catalana a lo previsto en otros sistemas. En la Ley Organica 3/2018, de 5 de diciembre, de Proteccion de Datos Personales y garantia de los derechos digitales, confluyen tanto el enfoque personal –de la proteccion de datos de las personas fallecidas–, como el patrimonial –relativo a los “contenidos digitales”– (en el mal llamado “testamento digital”). Esta ley parte de la regla de acceso por defecto a los contenidos digitales o a los datos perso­nales del fallecido, y establece una legitimacion muy amplia en cuanto a facultades y demasiado extensa en cuanto a personas legitimadas, sin establecer prelacion alguna entre ellas. Esto, que puede generar problemas en la practica, contrasta con lo previsto en la Ley catalana y en otras legislaciones de nuestro entorno. La Ley Organica 3/2018 se revela, asi, mas como una ley de desproteccion de datos y de con­tenidos digitales, que no de proteccion de los mismos.

The popularity of social media attracts many people to participate in various activities every day. Social media usually comes in the form of audio, graphics, video text and animations that provide convenience to its users to disseminate and access information quickly amd easily. Without realizing it, parents often show off their children's personal data in their parents' and children's accounts, usually for personal or business purposes. The purpose of this study is to examine more about the efforts made by parents to protect children's data privacy on Instagram social media accounts. This study uses the meta-analysis method of the literature study on previous studies. In this study, we want to see how the role of digital literacy in protecting children's personal data is and how to conceptualize children's self-protection digital literacy on social media. The findings of this study with the concept, threats, recommendations regarding the importance of digital literacy for personal data protection and conceptual integration can be used as a reference in further research. The protection of children's personal data is important to thwart the threat of cyber crime, violence and online extortion. It can also be one of the guarantees for children’s good growth and development because the data will not be misused by other parties for financial gain or to threaten children.

The rapid development of digital technology has changed people's lifestyles, including children as active users of the internet. However, behind these benefits, there are threats to children's privacy, especially in the context of misuse of personal data by digital platforms. This research aims to examine the effectiveness of Law Number 27 of 2022 concerning Personal Data Protection in ensuring the security of children's data on the TikTok platform. Using a normative legal approach, this study analyzes legislative provisions and legal principles related to the protection of child data. The results of the study show that although child data has been recognized as specific data that requires special protection, implementation in the field still faces various obstacles. Among them are weak age verification, lack of clarity of jurisdiction, low platform transparency, and the lack of technical implementing regulations. These challenges weaken the legal supervision of global platform organizers such as TikTok. Therefore, a derivative policy is needed that clarifies the mechanism of child data protection as well as the establishment of an independent supervisory authority. This research is expected to contribute in strengthening awareness of the importance of children's privacy rights in the digital era.

In the era of society 5.0, high percentage of internet penetration in Indonesia also poses one of the risks, namely related to the misuse of children and person with disabilities's privacy and personal data. Protection of children and person with disabilities's personal data in Indonesia is an urgency that needs to be immediately accommodated in Indonesia regulations. Unfortunately, according the existing regulations, the protection of children's personal data is only found in the Indonesia Personal Data Protection Law and merely regulated in three articles. The problems and challenges in providing legal protection for children and person with disabilities's personal data in Indonesia are in the need for regulations which comprehensively regulate the protection of children's personal data. The Indonesia Personal Data Protection Law can be amended by also including three points, namely: the meaning of special processing, parental and guardian consent, and limitations on the processing of children's personal data.