The scale of data collected on children is staggering, largely invisible, and inherently harmful. Every click, pause and swipe contributes to a profile that shapes what children see, what they are sold, and how long they remain online. Children’s information, including, at times their live location, is often exposed. This is not just about advertising; it is about influence, exposure and harm. Data and privacy remain critical, and often overlooked, components of effective child protection frameworks.
In this interactive Policy Lab, participants will work in small groups to examine legislation and policy frameworks, drawing on insights from the development of the Australian Children’s Online Privacy Code. Together, we will explore how data protection intersects with online safety, and where current approaches fall short.
Grounded in a child rights approach, the session moves from analysis to action, identifying gaps and generating practical policy solutions to strengthen child protection in digital environments.
1) Yanti Kusumawardhani, Representative on Children’s Rights, ASEAN Commission on the Promotion and Protection of the Rights of Women and Children
2) Muhamad Nuzul, Online Safety Lead, ChildFund Australia;
3) Rys Farthing, Director of Children’s Policy, Reset.Tech; Professorial Research Fellow, University of Canberra;
4) Representative, Attorney-General’s Department (confirmation pending)
1) To analyse how child-centred data privacy policy can strengthen child protection in digital environments, drawing on global frameworks and Australia’s Children’s Online Privacy Code;
2) To translate insights from policy and practice into practical approaches for embedding child rights and participation in privacy regulation;
3) To co-develop actionable policy and implementation recommendations to address gaps in accountability, cross-border governance, and protection of children’s data
The session is designed as an interactive Policy Lab rather than a traditional panel. Using an interactive, mixed‑format methodology session hosts will move participants from shared understanding to collaborative problem‑solving.
The session will begin with a short, moderated fireside chat with presenters to ground participants. This will include:
1) A global landscape review of privacy regulation from a child rights and protection perspective from Reset.Tech;
2) A discussion on embedding children’s voices from ChildFund; and
3) An analysis of how regionalism can strengthen the protection of children's data in increasingly globalised digital ecosystems from the ASEAN Commission on the Promotion and Protection of the Rights of Women and Children ; and;
4) A focused discussion on the co-design process of the Australian Children’s Privacy Codes and their early implementation insights as a critical case study from the Attorney-General’s Department .
Participants will then transition into facilitated small group policy labs that deliberately mix civil society, policy actors and practitioners; facilitated by child protection and online safety experts . Working in cross-sector groups, participants will address targeted policy challenges such as accountability mechanisms, cross-border enforcement, and embedding child participation. They will work hands-on to identify current gaps in national and regional child online privacy policy and to co-design practical, forward-looking solutions informed by child and youth participation, technological realities and regulatory constraints. Each group will produce 2–3 concrete policy or implementation recommendations, which will be synthesised into a collective output during the session. The session prioritises dialogue over presentation and peer learning over consensus‑building.
