Surveying minors or under-age participants

Although our technology is capable of analyzing young faces, due to the varied regional legalities around both surveying and recording minors our recommendation is to not conduct facial coding tests on minors.

As a general rule, we recommend only testing on participants who are 18 years of age or older.

If it's absolutely necessary to conduct facial coding on minors, then it is extremely important that you familiarise yourself with the intended market's local laws regarding testing on minors. This is to ensure your own legal protection as well as ours. 

 

Testing on minors in the US: 

Illinois and California have stricter laws regarding testing on minors in comparison to the other states. We, therefore, recommend following Illinois law regardless of which US state you are testing in in order to guarantee the legality of your tests. 

Applicable Laws:

  • Children's Online Privacy Protection Act (COPPA) is a federal regulation issued and enforced by the FTC concerning children’s privacy. The Rule applies to operators of commercial websites and online services (including mobile apps and IoT devices) directed to children under 13 that collect, use, or disclose personal information from children. 
    • No processing for anyone under 13 years of age without verifiable parental consent -
    • Illinois is an exception, only as of 18 and California as of 16

Testing on minors in the EU: 

The minimum age requiring parental consent changes per country. As with the US, we would recommend following the strictest country's laws in order to guarantee legality. 

Applicable Laws:

  • General Data Protection Regulation (GDPR) EU
    • The minimum age for surveys varies by country (see chart below)
    • For children under the minimum age, Parental Consent is required
    • Data Controller must reasonably verify Parental Consent

Testing on minors in Australia:

Australia regulates data privacy and protection through a mix of federal, state, and territory laws. Most states and territories in Australia (except Western Australia and South Australia) have their own data protection legislation applicable to state government agencies and private businesses that interact with state government agencies. 

The Privacy Act 1988 (Privacy Act) protects an individual’s personal information regardless of their age.

The Privacy Act doesn’t specify an age after which an individual can make their own private decision. For their consent to be valid, an individual must have the capacity to consent.

As a general rule, an individual under the age of 18 has the capacity to consent if they have the maturity to understand what’s being proposed. If they lack maturity it may be appropriate for a parent or guardian to consent on their behalf.

 

Testing on minors in Japan:

If a person who is a minor does not have the ability to properly assess the consequence of consenting to the processing of personal information, it is necessary to obtain consent from a person who has parental authority or is the legal representative, etc. (Guidelines (General Rules), 2-12).

If the data subject is a minor, a legal representative may make a request for disclosure, correction, or suspension of use, etc. (Article 32, Paragraph 3, and Article 11, Item 1 of the Cabinet Order). 

An individual at the age of 18 and over are able to share their data online while taking Realeyes tests.

Current GDPR Enactment Status by EU Member State

Country

Age of Consent

Act/Law/DPA Directive

Enacted

Enactment Date

Austria

14

Austrian Data Protection Act 2018

Yes

2018.05.25

Belgium

13

Act of 30 July 2018 regarding the protection of individuals with respect to the processing of personal data (GDPR Implementation Act)

Yes

2018.09.05

Bulgaria

14

Bulgarian Personal Data Protection Act

Not Yet

NA

Croatia

16

The Act Implementing the General Data Protection Regulation (Cro. Zakon o provedbi Opće uredbe o zaštiti podataka)

Yes

2018.05.15

Cyprus

14

Law Protecting Natural Persons Regarding the Processing of their Personal Data and the Free Movement of such Data (No. 125(1) of 2018)

Yes

2018.07.31

Czech Republic

15

Draft law on the Processing of Personal Data (Zákon o zpracování osobních údajů; see Materiál in the section Přílohy)

Not Yet

NA

Denmark

13

Danish Data Protection Act

Yes

2019.010

Estonia

14

Estonia Personal Data Protection Act

Not Yet

NA

Finland

13

Act on Data Protection (1050/2018)

Yes

2019.01.01

France

15

Loi n°2018-493 on the protection of personal data

Yes

2018.06.21

Germany

16

Federal Data Protection Act

Yes

2017.06.30

Greece

15

Draft Law on the Protection of Personal Data (Νόμοσ για την Προςταςύα Δεδομϋνων Προςωπικού Φαρακτόρα)

Not Yet

NA

Hungary

16

Hungarian Data Protection Act (Act CXII of 2011 on the Right of Informational Self-Determination and on Freedom of Information)

Yes

2018.07.26

Ireland

16

Data Protection Act 2018 (Part 3, Ch. 1. Sec. 29)

Yes

2018.12.17

Italy

14

Delegation Act Law no. 163 of 25 October 2017 and Parere sullo schema di decreto legislativo recante disposizioni per l'adeguamento della normativa nazionale alle disposizioni del Regolamento (UE) 2016/679 - 22 maggio 2018

Yes

2018.09.19

Latvia

13

Law on Personal Data Processing (Likumprojekts. Personas datu apstrādes likums)

Yes

2018.07.05

Lithuania

13

Lithuanian Law on Legal Protection of Personal Data (Asmens duomenų teisinės apsaugos įstatymas)

Yes

 

Luxembourg

16

Luxembourg n°7184

Yes

2018.08.20

Malta

13

Malta Data Protection Act. and Processing of Child's Personal Data in relation to the Offer of Information Society Services (S.L. 586.11)

Yes

2018.06.01

Netherlands

16

GDPR Implementation Bill (Uitvoeringswet Algemene verordening gegevensbescherming, UAVG)

Yes

2018.05.22

Poland

16

Polish Personal Data Protection Act

Yes

2018.05.10

Portugal

13

Law proposal n.º 120/XIII for the implementation of the GDPR

Not Yet

NA

Romania

16

Pl-x no. 167/03.04.2018`

Yes

2018.07.26

Slovakia

16

Act on Data Protection (No. 122/2013 Coll.)

Yes

2018.05.25

Slovenia

14

Personal Data Protection Act – ZVOP-2

Not Yet

NA

Spain

14

Organic Law 3/2018 on the Protection of Personal Data and the Guarantee of Digital Rights

Not Yet

2018.12.06

Sweden

13

Data Protection Act 2018:218 paragraph 2:3

Yes

2018.04.18

The United Kingdom* (Non-EU member state as of 2021)

13

Data Protection Act 2018 (Ch. 2, Sec. 9)

Yes

2018.05.23

*There is a provision for Scotland to set a different age.

Testing on minors worldwide: 

Please carefully check the local laws of the applicable markets. 

 

Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.