아동ㆍ청소년의 개인정보 보호에 관한 비교법적 검토

As advanced intelligent information technologies such as artificial intelligence (AI), Internet of Things (IoT), and platform algorithms penetrate deeply into our daily lives, the protection of personal information of children and adolescents is emerging as a key agenda that requires constitutional discussion beyond technical regulations in individual fields. Children and adolescents, the generation most closely exposed to the digital environment, carry out education, communication, and play in online spaces, but in the process, they are placed in a structural environment in which vast amounts of personal information are continuously collected, combined, analyzed, and predicted. This paper examines the regulatory frameworks governing the protection of children’s personal data in major jurisdictions, including the European Union (EU), the United Kingdom, and the United States, with particular emphasis on emerging digital environments shaped by platform services, artificial intelligence, and algorithmic data processing. The EU’s General Data Protection Regulation (GDPR) identifies children as data subjects requiring enhanced safeguards and establishes explicit obligations such as restrictions on profiling, strengthened transparency duties, and child-appropriate design requirements. The United Kingdom further institutionalizes a developmental approach through the Age-Appropriate Design Code, which mandates risk-mitigating default settings, data minimization, and service-design principles tailored to children’s cognitive maturity. In the United States, a sector-specific legislative framework—represented by COPPA and California’s child-centered statutes—reinforces strict controls on age verification, commercial data use, and algorithmic practices. By analyzing these comparative legal models, this study demonstrates that Korea’s regulatory regime must move beyond incremental adjustments to protective provisions and instead develop a comprehensive normative architecture that foregrounds the protection of fundamental rights in digital environments. The findings underscore the need for differentiated, developmentally attuned safeguards, enhanced platform obligations, and an integrated statutory framework capable of responding to the evolving risks that children and adolescents face in data-driven societies. This study advances a normative perspective that children and adolescents in the digital society must be reconceptualized not as passive objects of protection, but as active and autonomous data subjects. Such a framework requires establishing a legal order that ensures the constitutional values of human dignity, informational self-determination, and the best interests of the child are not undermined amid rapid technological developments. The analysis presented in this paper is intended to contribute both academically and policy-wise by offering foundational insights for future legislative reforms and regulatory design aimed at safeguarding children’s rights in an increasingly data-driven environment.