At Consult Hyperion we frequently discuss the implications of financial crime migrating online. You’re less likely to be mugged at the cashpoint but the online environment is of course open to a wider range of attackers, often well hidden, and operating in diverse geographies. Personally, I have little patience with those who cite the ‘Four Horsemen of the Information Apocalypse’: terrorists, drug dealers, kidnappers and child pornographers. It is, therefore, particularly refreshing to see a genuinely practical approach to child protection being promoted by TrustElevate, drawing on opinions expressed by young people themselves.
As Rachel states “the Internet wasn’t designed with children in mind”. Article 8 of the GDPR requires companies to obtain consent prior to processing children’s data. This implies the need to identify age bands for children and create safer spaces for them online. The PAS 1296 code of practice details the policy, quality and technical evaluations required for effective online age verification. This can provide a strong basis for managing financial inclusion, financial education and access to online environments. In the context of Open Banking, it can also be used to link children’s accounts to parental accounts, which already have strong KYC.
In an earlier role for Bebo, Rachel set up their abuse management systems. This highlighted the range of risks that children are exposed to, exacerbated by the tendency for children to exaggerate their age, often by 10 years, on registration. Drawing on this experience, TrustElevate has been working to implement zero knowledge processes based on vectors of trust, using authoritative data sources. This is a powerful means of promoting inclusion, not only for young people but also for adults who are financially excluded due to lack of formal documentation.
Rachel is also on the board of Trust Tiers, which promotes the use of the child rights impact assessment, amongst other initiatives. It provides practical, actionable information to coders in a format which suits their needs. Presenting the risks and harms, along with the means of mitigating those risks in different age bands, it aims to operationalise the duty of care. This is a natural extension of security by design, safety by design and privacy by design, all of which have progressively become standard requirements within the industry.
Investing in the next generation is the most important challenge for our society. Having raised a digital native, I recognise that it’s hard for my generation to fully grasp the implications of online child safety. In my youth, our greatest threats came from people we already knew, or people we met through CB Radio. While we can offer our support, we must be led by young people’s experiences, as technology continues its constant progression.
If you missed the webinar, you can listen to the recording here. We will be hosting further webinars in this series on 2nd December and 13th January but if you can’t wait until then, please contact Rachel O’Connell of TrustElevate for more information.