European Data Protection Board: Align Age Verification With GDPR Principles
The EU needs a consistent approach to age assurance, the European Data Protection Board (EDPB) said in a statement Wednesday after its Feb. 9 plenary. It set out specific guidance and high-level principles arising from the General Data Protection Regulation (GDPR) that it said should be considered when personal data is processed in the context of age verification.
Sign up for a free preview to unlock the rest of this article
The board said it prioritized requirements around GDPR principles such as lawfulness, fairness, transparency, purpose limitation, data minimization, accuracy, storage limitation, confidentiality, integrity and accountability. The statement focuses on the principles applicable to different online use cases, such as when a law sets a minimum age for buying products or using services that might harm children, or when there's a duty of care to protect children, such as by ensuring that services are offered in an age-appropriate way.
The EDPB also decided at the plenary to broaden the scope of its ChatGPT task force to include AI enforcement and create a quick-response team to deal with urgent sensitive matters (see 2502110003).