The Indian government's upcoming bill on data protection might seek to lower age of consent to access content on the Internet without parental control from the earlier-sanctioned 18 years, according to an Indian Express report.
The change the Indian government is trying to bring about with this law is along the lines of legal standards in several European countries and also the United States.
How have India's previous data protection laws defined a child?
Over the years, India has brought several changes to its data protection policy, with the earliest coming in the 2019 Data Protection Bill. This bill was made in accordance with the Justice Srikrishna Committee report, that had defined anyone below 18 as a child.
This bill was referred to a Parliamentary Joint Committee, which concluded that anyone in the age range of 13-16 should be identified as a child.
Then came the Digital Personal Data Protection Bill, 2022. In this bill as well, people under the age of 18 were defined as children.
In the new data protection bill, a child has been defined as an “individual who has not completed the age of eighteen years or such lower age as the Central Government may notify”.
How does the world define who is a child?
The EU’s General Data Protection Regulation (GDPR) defines anyone who age is lower than 13 as a child.
USA’s Children’s Online Privacy Protection Act (COPPA) has also defined anyone who is under the age of 13 as a child. In the US, in order to process someone's personal data, one has to take the permission of the former's parents if the individual is under the age of 13.
Australia's 1988 Privacy Act does not define the age of who should be considered an adult. Instead, vis-a-vis data protection issues, it considers consent to be valid only if the individual has the 'capacity to consent'.
According to the legislation, a company handling the personal information of a person under the age of 18 must evaluate each individual's capacity to give informed permission. According to Australian law, a person who is younger than 18 has the competence to consent if they are mature enough to comprehend the proposal. It may be appropriate for a parent or guardian to consent on their behalf if they lack maturity.
China’s Personal Information Protection Law (PIPL), meanwhile, states that permission is required to handle data of anyone who is younger than 14.