Editorial: Children's Voices on Privacy Management and Data Responsibilization

Contemporary children live in datafied societies in which they navigate and use technological innovations that drive on their personal information. Instructing privacy literacy is often presented as a key solution to help children manage their personal data responsibly. While there is agreement on the empowering potential of privacy literacy for children, there are also concerns over the burden that this responsibility places on them and their capacity for resilience. Children are key stakeholders in this debate. Nonetheless, we rarely hear their voices on issues related to their online privacy and data responsibilization. The articles included in this thematic issue account for this limitation by amplifying the voices of children, looking into the practices of parents and exploring the role of the tools being used.


Introduction
Children spend substantial amounts of time in online environments (Demeulenaere, Boudry, Vanwynsberghe, & De Bonte, 2020). These environments offer children various opportunities to play, interact and develop their selves. However, because they also bring new risks, it is important to safeguard children's rights when interacting with them. In this context of protecting children's rights online, the notion of children's privacy has come under scrutiny. When children navigate and experience online environments, they leave behind personal information. It is often assumed that one needs to develop privacy literacy, which can be understood as a constellation of certain awarenesses, skills and attitudes that help them to manage their personal information responsibly (Trepte et al., 2015).
While there appears to be agreement on the empowering potential of privacy literacy for children, scholars have lately voiced their concerns over the burden that this responsibility places on audiences (De Wolf & Joye, 2019;Livingstone, 2019). Privacy literacy assumes that children themselves are capable of managing their own privacy online. Society, however, can also play a role in mitigating such data responsibilization. By pointing towards the responsibilities of service providers and other stakeholders, society might be able to provide some relief to children from the burden to be cognizant, literate and responsible for their personal information. While this new perspective suggests a balance between child empowerment and protection, it appears difficult to obtain in our contemporary neoliberal society.
Given that children are key stakeholders in the debate over their online privacy, it is surprising that we know little about their opinions, perceptions and experiences (Stoilova, Nandagiri, & Livingstone, 2019). This is unfortunate, as their stories may inform about the narratives that they learn and (re-)produce regarding the responsibilities of the different actors involved. These narratives, in turn, can inform about the social position of children in contemporary digital societies. The purpose of this special section is to amplify the voices of children with regard to privacy management and data responsabilization. The articles collected in this volume cover a broad spectrum of issues, topics, theoretical frameworks and methods that are oriented towards the lifeworld of children. Combined, the theoretical and empirical studies illustrate the complex interplay between children's practices, perceptions and opinions on the one hand and the conglomerate in which they find themselves on the other.

Amplifying the Voices of Children
The first four articles in this thematic issue amplify children's voices on privacy management and data responsibilization. Although privacy is generally considered as a basic human right (cf. Warren & Brandeis, 1890) enabling people to determine how and to what extent they disclose information to, and withdraw it from others (cf. Westin, 1967), research shows that privacy is experienced and felt differently depending on one's relative position within society (Marwick & boyd, 2018). If we truly want to hear the voices of children, it is therefore necessary to take into account their relative position within the household, in which they are often highly dependent on their parents or legal guardians. Such an analysis can inform about children's relative position in not only the household, but also in general society, and how that position shapes the meanings assigned to privacy and personal data, above and beyond children's cognitive abilities and individual skill sets.
Laurien Desimpelaere, Liselot Hudders, and Dieneke Van de Sompel (2020) present such an analysis in their article "Children's and Parents' Perceptions of Online Commercial Data Practices: A Qualitative Study." Their article delves into the coping strategies and perceptions of children (aged 8-11) towards implicit and explicit forms of data collection for advertising purposes, interviewing both children and their parents. Although parents in their study express a certain level of knowledge with regard to data collection for advertising purposes and third-party usage, they mainly worry about 'stranger danger.' Children appear less cognizant about implicit data collection practices, but employ a variety of privacy coping strategies nonetheless (e.g., refraining from providing any personal details, or seeking parental guidance). Reproducing the perceptions and concerns of their parents, they formalized such strategies being mainly worried about malevolent parties. Desimpelaere et al. (2020) further demonstrate how parents and children care about privacy, but lack a full comprehension of various ways data are processed and used.
In "Strengthening Children's Privacy Literacy through Contextual Integrity" Priya Kumar, Mega Subramanian, Jessica Vitak, Tamara Clegg, and Marshini Chetty (2020) employ Nissembaum's contextual integrity framework to develop a new model of privacy literacy. Rather than focusing on factual or declarative ('knowing that') and procedural ('knowing how') knowledge, they instead "articulate privacy literacy as the practice of enacting appropriate information flows within sociotechnical systems" (p. 175). Drawing on interviews with 30 families (including 40 children), they validate their model by applying it to children's password management practices in an educational, family and friendship context. The results illustrate how password management practices differ between these contexts and how ascribing secrecy to passwords ("don't ever share your password with anyone") is not the most fitting transmission principle. Rather, passwords are shared with friends and family on the basis of trust. Kumar et al. (2020) therefore argue that-rather than merely memorizing and following rules that do not necessarily align with their practices-families need to "connect rules to norms and discuss rules in terms of contextually appropriate information flows" (p. 181) in order to allow children to grow, gain experience and develop privacy norms.
Using a context-sensitive ecological perspective, "Navigating Onlife Privacy: A Family Environment Perspective on Children's Moral Principles" by Joke Bauwens, Katleen Gabriels, and Lien Mostmans (2020) present findings of a focused ethnographic study with 10 socially privileged families in Flanders. Bauwens et al. (2020) treat the everyday family context as the primary realm of moral experience, in which children learn various principles to navigate 'onlife' privacy. They develop a theoretical lens that considers how individual, cultural and interpersonal moral values shape the process of concealing and revealing, and apply this lens in their inquiry of how families negotiate privacy. Based on participant observations and ethnographic interviews, the authors find that privacy is presented and established as a cornerstone of the household. While 'stranger danger' also informs the privacy practices of these families, Bauwens et al. (2020) found children to be morally motivated, as they "articulated a strong sense of co-responsibility in keeping their family safe" (p. 192). Interestingly, parents and children also expressed moral superiority when discussing the disclosing practices of other households.
In "Digital by Default: Children's Capacity to Understand and Manage Online Data and Privacy" Mariya Stoilova, Sonia Livingstone, and Rishita Nandagiri (2020) conducted group interviews with children and teens (age 11-16) to explore how they understand privacy in an interpersonal, institutional and commercial con-text. Using a contextual framework, the findings indicate that children employ many different privacy management strategies in interpersonal contexts and are familiar with the networked nature of the online environment. Even more significant, children first learn about interpersonal privacy and then "extend interpersonal assumptions to institutional and commercial contexts" (p. 200). However, they indicate how little agency and control they have in institutional and especially commercial contexts.
The above four articles are indicative of a paradigm shift in privacy research in the last two decades to not only focus on individual characteristics but also include interpersonal and contextual aspects of privacy (Bazarova & Masur, 2020;Nissenbaum, 2010;Stoilova et al., 2019;Trepte, 2020). This paradigm shift has now also made its way in privacy research on children. A question that remains, however, is how this shift can lead to a better protection of children's rights, as "neither a universalist approach centred on individual control nor a highly contextual approach to privacy is practical when it comes to protecting children's privacy in the current commercialized digital environment" (Stoilova et al., 2020, p. 198). In that context, a relevant observation that the above studies share is that children may show interest, but are not necessarily cognizant about commercial privacy. This means that parents have an important role in educating children and negotiating privacy norms. As the second set of articles in this thematic issue show, this parental mediation of privacy comes with its own challenges, as parental practices can generate risks for children's privacy.

Intimate Surveillance and Sharenting
While the rise of dataveillance (van Dijck, 2014) evokes widespread academic and public attention, lesser attention seems to go out to practices of surveillance in intimate relationships. In the context of children's privacy, the notion of intimate surveillance as coined by Leaver (2015) is especially valuable. Leaver defines intimate surveillance "as the purposeful and routinely wellintentioned surveillance of young people by parents, guardians, friends, and so forth" (Leaver, 2015, p. 153). Although caregivers often frame intimate surveillance as a care practice (Balmford, Hjorth, & Richardson, in press), the fifth and sixth articles in this thematic issue suggest its implications for child privacy can be profound.
First, in "'The Kids Hate It, but We Love It!'-Parents' Reviews of Circle," Davide Cino, Giovanna Mascheroni, and Ellen Wartella (2020) explore parental perceptions of intimate child surveillance by analyzing the discourse in 154 online reviews of the popular screen-time management and parental control device Circle. The reviews suggest that Circle users promote a restrictive form of parental mediation, by equating responsible parenting with controlling and monitoring your children. Paradoxically, while some parents describe Circle as a technology that temporarily reliefs them from the bur-den of 'intensive parenting' (cf. Lim, 2019), their use of the technology reproduces the very notion of the responsible parent as an ideal. As such, few reviews raised concerns about children's privacy, let alone critiqued the lack of children's agency.
Second, in "Privacy and Digital Data of Children with Disabilities: Scenes from Social Media Sharenting," Gerard Goggin and Katie Ellis (2020) argue that sharenting, a practice where parents share personal information about their children in social media, can be especially problematic in the context of the privacy of children with disabilities. Prior research shows that, overall, parents have the best interests of their children in mind when engaging in sharenting (e.g., showing that they are committed parents, or developing a digital family photo-album; Blum-Ross & Livingstone, 2017). However, the agency of children in this process is often limited (Ouvrein & Verswijfel, 2019). This is especially the case for people with disabilities, who often need to disclose personal information in exchange for obtaining care or receive accommodations. Paradoxically, "children with disability are rarely considered the owners of their private information. From their parents, to charity organizations to medical discourse writ large, the private lives of children with disability are considered public domain" (Goggin & Ellis, 2020, p. 221). Hence, personal information needs to be shared and is considered public. This observation perfectly illustrates how added layers of complexity further limit the agency of children with disabilities on top of general structural restraints of children. As the final article in this thematic issue shows, this issue cannot be solved simply by involving children in technology and privacy design.

Designing Technologies with and for Children
In "Designing Technologies with and for Youth: Traps of Privacy by Design," Bieke Zaman (2020) argues that involving children in privacy design is an important step towards protecting their rights. In her critical sociotechnical reflection of the field, she identifies three traps to participatory design research with children: relying on guidelines that assign limited decision power to children, approaching children as consumers rather than citizens, and creating conditions that are actually superficial or misleading rather than empowering. These traps have profound implications for privacy-by-design efforts, and require a design agenda that rethinks traditional notions of participatory design. This agenda, Zaman (2020) argues, should move beyond making the 'right' design choices to mitigate risk or harm by also addressing the unique experiences and meaning-making processes of children living in a data-driven society.
Together, the seven articles in this thematic issue highlight the importance of adopting a holistic and contextual perspective, as it is impossible to discuss children's privacy without acknowledging the role and the practices of parents and other persons in their lives, as well as the broader context of a datafied culture in which attention is commodified. As such, we hope that this thematic issue takes the debate on children's privacy and data responsibilization one step further. On a final note, we would like to highlight how the empirical studies included in this thematic issue mainly focus on privacy and data responsibilization with regard to social media and smartphones. The emergence of The Internet of Things (IoT) further enables interconnections between people and objects, also leading to ambient and ubiquitous devices within households. Smart speakers, thermostats, personal assistants, cameras, and other such technologies permeate Western households and are becoming a central feature of the 'networked family.' Evidently, always-listening or always-watching speakers, screens and cameras raise significant privacy challenges on multiple fronts for all household members, including children. Indeed, much remains to be investigated to further understand privacy among children, stimulate empowerment and mitigate responsibilization.