British children will get the right to know when their parents are spying on them online under a binding code for technology firms, a data watchdog announced on Wednesday.
Companies must tell children if their products include parental controls to limit access or watch over them and offer an "obvious sign" to show when they are being monitored under the new code from the Information Rights Commissioner (ICO).
Digital rights campaigners praised the step as progressive.
"It's very important that a child understands the context of tools being applied to them," said Jim Killock, executive director of the Open Rights Group, a nonprofit.
"This is exactly the sort of area where you can easily have societal overreach with parents being too worried and the rights of a child being severely impacted in the name of child safety," he told the Thomson Reuters Foundation.
The code must be approved by parliament and is expected to be in full force late next year, said the ICO, an independent body with a remit to uphold information rights.
It comes amid growing debate over how much online privacy young children should have, as mummy bloggers build careers using their children's images and families install tracking apps on mobile phones to check up on them.
The ICO said parental controls to monitor internet browsing and tracking tools were valuable in keeping young people safe, but should be balanced against their right to privacy and transparency.
The code, which covers online platforms and apps as well as web-connected products such as smart toys, will also require children's privacy settings are set to high by default and ban moves to nudge children into sharing extra personal data.
"Children's privacy must not be traded in the chase for profit," said information commissioner Elizabeth Denham in a statement.
"In an age when children learn how to use an iPad before they ride a bike, it is right that organisations designing and developing online services do so with the best interests of children in mind."
The ICO said it would act against companies that failed to uphold the 15-point code in full, with powers to punish breaches of data rights with fines of up to €20 million euros ($22.17 million) or 4% of annual turnover in the most serious cases.
($1 = 0.9023 euros)
Source: Reuters (Thomson Reuters Foundation) 22 January, London
Reporting: Sonia Elks