Published in: Background

Media literacy and data protection in children play important roles in learning how to safely use digital media in everyday life. Especially nowadays, there is no getting around digital media for children. Rather, in times of home schooling and childcare, digital media have become opportunities and open up new possibilities. However, there is often little time between home office and home schooling or childcare to deal fully with media literacy and data protection for children. In the current blog post we would like to offer parents, teachers or school officials a source of inspiration and go into more detail on how they can improve data protection for children through media literacy. This blog post was written with the pedagogical support of a pedagogue (24) from Leipzig and therefore deals with pedagogical / psychological aspects as well as data protection and technical conditions.

Media literacy and data protection for children
(c) Chuck Underwood / Pixabay

Children and media – The opportunities of using media offers

Children today are born into a media world. It is difficult to control children's internet activity if there are no regulated media use or data protection measures in place. Parents have a responsibility to their children to create a secure basis for the use of digital media. However, teachers and school officials also face important decisions related to student digital security, especially during times of pandemic. for example, you have to make the right choice of technology (software).

The fact is: Children should be able to handle digital media safely before they can use the Internet independently. This requires important foundations that consist of media literacy and data protection and that are laid by important decisions by parents and teachers. This includes, for example, education about the opportunities and risks of digital media, clear and age-appropriate regulations for the use and device safety of digital media

First of all, it is important to know what media literacy actually means and what data protection has to do with it.

Media competence means: developing the ability to use media for one's own purposes. This includes that children know how to use digital opportunities, but are also aware of the risks. What does this have to do with data protection? A lot of. Just as children learn from their parents not to go with strangers, media literacy also includes knowing how to protect personal data and carefully handling the information that remains on the Internet.

There are endless possibilities and opportunities to link digital media with educational topics in order to expand the learning experience of children using e-learning and children's apps. Classes, group work and lectures in school or handicrafts, exercise games and reading days in kindergarten - everything that usually takes place on site can now take place digitally. Thanks to a wide range of e-learning and video conference tools, pupils can connect with their class or kindergarten children who are not in emergency care can take part in everyday kindergarten life.

But digital media for entertainment and exchange are also gaining in importance in the private sphere, especially in times of social distancing. With the help of the wide range of learning apps, children's search engines or age-appropriate software, children can strengthen their interests, learn languages, search for inspiration and answers, get creative, or get in touch with friends and family. The opportunities are endless, but therefore caution is advised

Opportunities and risks are inextricably linked: When children take advantage of digital opportunities, they also take risks. If parents or teachers want to avoid taking risks, they are limiting the many options one has with digital media. The right balance is the solution! Because: Risks can be contained considerably through a high level of data protection and media literacy.

Contain risks through data protection and media literacy in children

If children - from a certain age - are aware of the risks involved in using digital media, they are mostly aware of how their personal information is handled. But that alone is not enough to contain the potential risks. Further measures for media literacy and data protection are decisive here. The following points explain the risks and how parents or teachers can manage to contain these risks in their children through media literacy and data protection:

Risk 1: Developmental disorder due to intensive use of the media in early childhood

A 2 - 3 year old child does not yet understand what to do with a smartphone and could rather feel overwhelmed or be flooded with stimuli. At this age it is much more important to encourage the child's creativity and imagination and to adapt employment opportunities to them, e.g. painting, coloring or kneading.

The solution: adapt media usage to age, interest and level of development

The use of digital media should not begin until children are able to understand the medium. This mostly depends on the child himself, his interests and the individual level of development. In kindergarten and elementary school age, children understand the different types of media and are increasingly interested in things, the digital events: online games, photography, drawing, etc. From here, parents can make a major contribution to media literacy. For example to show the children digital opportunities and how that use purposefully and to build a safe basis for handling with digitale media- using a combination of regulated media consumption and device safety.

Risk 2: Addictive behavior through excessive use of digital media

If there is no time regulation for the use of digital media or if there is no established media competence, addictive behavior can develop. Children then mainly use digital media to combat boredom or to escape reality.

The solution: agree on clear rules for use

The child should develop the ability to use media for their own purposes and to deal with them responsibly. For example, the child should understand why they want to use digital media. In order to regulate media use, it usually helps to agree on clear, age-appropriate rules for use right from the start, i. h.: Set media times and only make digital media freely available from a certain age. When parents are interested in what children do with digital media, it becomes easier to determine the right level of media use. This can significantly reduce the risk of addictive behavior.

Risk 3: Confrontation with unsuitable content

Once children are on the internet or on social media, the risk of data abuse, cyberbullying or inappropriate content (violence, pornography, extremism, etc.) increases.

The solution: limit Internet access according to age

Websites at risk of development lurk everywhere in the dimensions of the digital world. Children should be protected from problematic content. Before children can use the Internet, it is also important to take protective measures appropriate to their age. There are special children's apps for smartphones and various youth protection filters (protection software) or authorizations can be set up for the browser. In addition, it should be ensured that children only use tested e-learning software or children's search engines. In terms of social media, these are usually not suitable until the age of 16 as these services do not provide adequate security measures for younger users.

Risk 4: Cyber attacks by opening dangerous websites or links

Cyber criminals use various phishing methods to spread their malware on personal devices. Just one click on an infected link or a prepared website is enough to load a Trojan onto a digital medium.

The solution: limit Internet access according to age

It is very difficult for children to tell if this is a secure website or a confidential link. In this case, Internet access should therefore also be restricted according to age. For example, by setting a corresponding child protection (browser authorization, child mode, etc.) on the respective device, which protects against such websites, links or tempting advertising. As a further protective measure, it should be ensured that the respective device is up to date. This means regular updates and security updates for e-learning software, operating systems or anti-virus products. This gives attackers no chance of gaining unauthorized access through possible security gaps through outdated systems.

Before a child owns their own digital media such as smartphone, tablet or laptop, they should be aware of the risk of phishing and know that one should only open unknown links or websites with great caution.

You can read here how you can protect yourself against phishing attacks with the smallest of measures:

Risk 5: Data misuse through weak passwords and insecure websites

A password that consists of upper and lower case letters and numbers and has 6 digits can be cracked with a botnet from normal PCs in 3.25 minutes, while supercomputers only need 19 seconds.

The solution: set secure passwords and consider the security of the website

Parents and their child should define a secure password with 12 digits and a combination of upper and lower case letters, numbers and special characters. It should be noted that the login page is encrypted using SSL. Every website that requests personal data must be encrypted using SSL. Secure websites can be identified by a lock symbol on the left in the browser address line. If this symbol is not available, no personal data should be entered on this website.

If a child already has their own accounts, they should make sure that they use a different password for each account. It is also important that the password is changed regularly (every 3 months). You can find out more about password security here:

Risk 6: Data protection gaps in e-learning software or apps

Some e-learning software providers process personal data via a server that is located outside the EU. This raises questions of data protection law, because it is then not always certain whether the children's data will be treated in accordance with the GDPR. This could give third parties access to personal data and disseminate them. Insecure servers could also be a target for cyber criminals.

The Solution: consider the server location and the security of the data center when choosing e-learning software or apps

Eine DSGVO konforme Verarbeitung von Daten kann nur gewährleistet werden, wenn Daten über einen Server in einem Rechenzentrum in Deutschland oder der EU verarbeitet werden. Für einen hohen Datenschutzstandard ist also von Vorteil, dass sich der Server der verwendeten E-Learning Software oder App immer innerhalb der EU befindet. Lehrer*innen oder Eltern sollten sich vor der Nutzung informieren, welche Daten der Kinder gespeichert werden und der App oder E-Learning Software entsprechende Zugriffsrechte erteilen. Für Kinder, die freien Zugang zu digitalen Medien haben und bereits Informationen in das Internet eingeben, sollte ein achtsamer Umgang mit persönlichen Informationen Voraussetzung für die Internetnutzung sein. Zudem ist es wichtig, dass ein hoher Sicherheitsstandard im Rechenzentrum gegeben ist, damit Cyberkriminellen keine Angriffsfläche gegeben wird. Einen Hinweis auf Sicherheits- und Qualitätskriterien kann beispielsweise eine aktuelle TÜV-Zertifizierung geben.

In any case, it is recommended that schools pay attention to what e-learning software they use - but also that parents ask critically if the school uses applications that do not meet high security criteria. For example, teachers or parents could ask themselves: Which server is the children's data on? Where is this server located, in which country etc.? Which data are saved? This is especially important as the students themselves are not yet aware of such issues.

Secure and GDPR-compliant examples of e-learning software and video conference tools can be found here:

Each of us is aware of how quickly one can get lost in the vastness of the media cosmos. Without knowing it, confidential data ends up where we have no control over it. Nobody would let their children go to school alone if they hadn't even walked the school with the child. This should also be the case when dealing with digital media. Children should learn to use digital media consciously before they get lost in the media cosmos.

Summary - How to use digital media responsibly in accordance with data protection:

  • Use digital media based on age and level of development 
  • Educate children about opportunities and risks
  • Stay in touch and be the contact person for digital media
  • Adjust device security according to age (browser authorizations, password protection, child safety)
  • Create secure data protection basis for use (GDPR-compliant software, children's apps, SSL-encrypted websites)
  • Agree on clear rules for use according to age (media free times, etc.) 

We hope the blog post served as an inspiration for you to use digital media more carefully and to protect your children's privacy.

Do you have any other tips for using digital media safely for children? Then we would be happy if you email us at [email protected].