In June, a working group at Japan's Internal Affairs Ministry declined to endorse a blanket age-based social media ban for children, saying it was "not desirable." Although the group’s report is not yet final, its rejection of a blanket ban suggests a willingness to consider alternative approaches to protecting children online.
As Human Rights Watch said in our response, online safety measures should respect children's rights and, consistent with international human rights law, any restrictions on those rights should be lawful, necessary, and proportionate. A blanket ban fails that test.
The draft report proposes several safeguards, including requiring platform operators to conduct and publish risk assessments and protection measures, establishing an external mechanism to review those measures, and implementing default-on protections.
However, the report frames its recommendations as risk management measures rather than measures to protect children’s rights. A children’s rights approach starts by recognizing that children are entitled to a full range of rights guaranteed under the United Nations Convention on the Rights of the Child, which Japan ratified in 1994. The working group should ground its recommendations on the convention and Committee on the Rights of the Child’s General Comment No. 25 on the digital environment.
The government should also be more ambitious in addressing gaps in protecting children's data. Rather than relying solely on technical solutions that may be outdated as digital technologies evolve, policymakers should propose future-proof solutions.
Human Rights Watch research on educational technology products—including applications recommended by Japan’s Education Ministry —found that the vast majority of these products secretly surveilled children and sent their data to third parties for behavioral advertising.
The government should either amend the Act on the Protection of Personal Information to include comprehensive protections for children’s data or enact a new child data protection law with effective implementation, enforcement mechanisms, and adequate resources.
Such legislation should require companies to apply the most protective privacy and safety settings by default. Such settings should also include disabling recommendation algorithms, infinite scroll, and push notifications. Strong data protection safeguards could also help mitigate the privacy and human rights risk associated with collecting and processing children’s data for age verification purposes.
By placing children's rights and data protection at the center of this policy process, Japan has an opportunity to create a stronger model for protecting children online.