WhatsApp has revealed that it’s planning to raise the minimum age for users in Europe from 13 to 16, in order to comply with new EU rules around data protection.
The General Data Protection Regulation (GDPR), which comes into force in May, will change the way businesses can use data, raising the bar consent-wise. One of the rules is that 16 will become the minimum age at which a person can join an online service without the consent of their parents or guardian.
However, it’s hard not to see this as another case of a tech company paying lip service to the law given that WhatsApp has not revealed how it will maintain the new age controls, which is clearly the most important aspect of its new rule. Facebook already bars under-13s from signing up (although founder Mark Zuckerberg has in the past bemoaned this restriction), but it’s well known that a large portion of Facebook users haven’t quite reached their 13th birthday. They simply pretend that they have, because there are no immediate consequences for doing so, apart from maybe a slight twinge of guilt.
And it’s not difficult to work out why this is happening – there is no major obstacle to simply ignoring the age limit. The social network requires no proof of age, so any kid who can access the internet and doesn’t feel any qualms about lying to a website can jump right in to the fun of Facebook.
There is nothing to suggest that this won’t happen with WhatsApp. The company, which is owned by Facebook, could of course demand proof of age. However, it’s unlikely the service will embrace an onerous sign-up process that risks putting off prospective users before they’ve even downloaded the app.
If we’ve learnt one thing from the Cambridge Analytica saga it’s that the way to make a tech firm take action is to hit it where it hurts – in the financials.
Facebook’s market value was slashed by tens of billions in wake of the “data breach” revelations, with the stock suffering its biggest drop in four years as it struggled to contain the crisis. This is what prompted the group to bring out the big guns, namely Mark Zuckerberg himself making an unprecedented appearance before US politicians in spite of his traditionally extremely carefully managed public presence.
If teenagers find a way to get around WhatsApp’s age requirement, which they surely will because the messaging service doesn’t seem to be putting up any actual barriers to this happening, will the company be forced to cough up? The flimsy nod to compliance that was announced this week is a sign that WhatsApp isn’t taking the new rules seriously.
We may just have to wait for the financial implications of failing to live up to GDPR requirements to become clear to see what real action the company can take. According to the legislation, fines will go up to either €20m (£17.5m), or 4 per cent of annual global turnover – for a company like Facebook, the sums would be astronomical. Hopefully it won’t take too many costly crackdowns by the EU to encourage tech firms to set out a clear cut way in which they plan to take GDPR seriously.