Singapore: Adopted PDPC Advisory Guidelines on the PDPA for Children's Personal Data in the Digital Environment

On 28 March 2024, the Personal Data Protection Commission (PDPC) adopted the Advisory Guidelines on the Personal Data Protection Act (PDPA) for Children's Personal Data in the Digital Environment. These guidelines provide comprehensive measures to ensure the protection of children's personal data in the digital space. The scope of the guidelines covers any online product or service likely to be accessed by children, including social media platforms, educational technology (EdTech), online games, and smart devices, and requires organisations to adopt age-appropriate communication strategies. The consent protocols outlined require organisations to obtain valid consent from children between the ages of 13 and 17 and mandate parental consent for children below 13. The guidelines provide reasonable purposes for collecting, using, and disclosing children's personal data. Organisations are encouraged to conduct Data Protection Impact Assessments (DPIAs) to ensure accountability and to identify and mitigate potential risks to children's personal data.