Professor Steeves is the expert in this area, so I hate to take a different position. But I have to say that we've seen an attempt to try to target kids, from a privacy perspective, in the United States, with COPPA, the Children's Online Privacy Protection Act, which sought to have specific protections, and, essentially, parental oversight and consent for kids under 13. This legislation is a joke.
My kids are actually similar in age to yours, although I have one more. They're in this world as well. The notion that a company would say, “Hold on a second, we're not going to collect any of that information until we get your parents' consent. We're not going to collect anything at all...”.
The truth is, there are peer pressures. There's a desire to be there. Frankly, there's an awful lot of good that comes from this environment as well.
The idea that we can set specific rules that say that they're simply not going to collect or that they're going to get stronger consent we've seen for almost 10 years. There was a legislative attempt in the United States. I think it fails miserably, because the kids are smart enough to know that they can get around it if they want, and the companies will just look the other way as they know that it's happening.
From my perspective on these issues, we need tough standards that are enforceable. We need real order-making power from the Privacy Commissioner's perspective, with the potential for penalities when people overstep. And it would apply to all.