Abstract
Today, increasing children’s use of smart phones and the development of ‘smart toys’ has led to an increase in various risks to children’s personal data. The data subject’s consent plays an important role in protecting personal data under the current data protection law. However, children’s ability to consent to the processing of their personal data is generally considered to be insufficient. Therefore, it is necessary to consider how to obtain the consent to the processing of children’s personal data. US COPPA and EU GDPR set the age threshold from which children are treated as legally competent to consent and require parental consent with respect to children under that age. It is necessary for Japan to examine the appropriate age threshold from a normative perspective. Moreover, the appropriate mechanisms for age verification and obtaining parental consent should be examined from a practical perspective.
