French law mandating parent controls on device apps takes effect

The ‘Studer’ law applies to manufacturers of connected electronic devices sold on or after 13 July. It is aimed at making it easier for parents to control how their children use devices and at protecting children’s physical and mental health, by erecting barriers to pornographic material, hateful or violent content, and criminal, terrorist and paedophile networks.

Paris-based technology law expert Annabelle Richard of Pinsent Masons said the initiative is part of a wider drive by policymakers across Europe to enhance protections for children online.

“This is a controversial law that is now enforceable, despite the fact there is a legal challenge raised against it by a French industry body representing video game publishers before the French courts,” Richard said.

“Protecting children from online harm is a common concern across Europe and is reflected in legal requirements in legislation like the EU Digital Services Act (DSA), both the EU and UK General Data Protection Regulation (GDPR) and the UK’s Online Safety Act. However, the new Studer law goes further on parental controls than has been required elsewhere to-date – though similar legislation will become fully effective in Italy in September and could also be followed by other new laws in Germany and Spain that are in the pipeline,” she said.

“Device manufacturers, like other technology companies, would prefer a more harmonised approach to child protection measures, because having to adapt products and services to local market requirements creates both technical challenges and added cost,” Richard added.

The Studer law imposes restrictions on data processing which go beyond GDPR requirements – such as by prohibiting the use of data collected by parental controls from being used for "profiling". Richard said, though, those restrictions could be viewed as excessive and as preventing parental control systems from being operated in an optimal way, highlighting how the use of data from parent controls for profiling could be used in a positive way to enhance child safety online.

Richard added that it is unclear how device manufacturers will in practice be able to meet their legal obligations to control access to all unsuitable apps, given that users could choose to download apps from third party app stores rather than from the app stores they operate. She said manufacturers will also be reliant on the accuracy of content classification undertaken by independent bodies to be able to apply controls on app downloads and access appropriately.

“The text that is supposed to specify how the law should be implemented leaves a lot of uncertainties and margin for interpretation,” Richard said.