Section 4

International Standards & Frameworks

The global frameworks shaping child online protection — from UN treaties and ITU guidelines to IEEE technical standards and OECD policy recommendations.

7 Articles Policymakers Tech Companies

The Standards Landscape

Multiple overlapping frameworks guide child online protection globally. Understanding how they interact helps organizations choose the right approach for their context — and identify where to start.

Government Policymakers

ITU Child Online Protection (COP) Guidelines

The International Telecommunication Union's Child Online Protection Guidelines represent the most comprehensive global framework for national-level COP strategy — with dedicated guideline sets for children, parents and educators, industry, and policymakers. This deep dive traces the framework's evolution from its 2009 origins through the 2020 update and the 2025 Global Principles of Protection, currently under development. Covers ITU's National COP Assessment methodology (deployed in 13 countries to date), the COP Indicators framework used to benchmark national maturity, and the extensive training library available in all 6 UN official languages — making ITU COP guidelines the entry point for policymakers in countries without existing frameworks.

10 min read
Policymakers

WePROTECT Model National Response (MNR)

The WePROTECT Global Alliance's Model National Response is the most widely adopted structured framework for building a comprehensive national child online protection system. Used by 42+ governments as their primary planning reference, the MNR organizes national action across six essential domains: legislation and policy, prevention and awareness, law enforcement capability, private sector engagement, data and research, and victim identification and support. The associated four-phase Maturity Model (Building → Enhancement → Integration → Maturity) gives governments a clear benchmark to assess current capacity gaps and prioritize investments. Includes analysis of the Global Threat Assessment findings and how the MNR has been adapted for different regional and resource contexts, from the UK to Rwanda to Indonesia.

8 min read
Tech companies

IEEE 2089 — Age Appropriate Digital Services Framework

IEEE Standard 2089 represents a landmark in the technical standardization of child-safe digital services — the first internationally recognized technical standard for age appropriate design, building on the 5Rights Foundation's Child Rights by Design Principles. The 2089-2021 standard establishes requirements for digital services likely to be accessed by children, while the 2089.1-2024 companion standard (developed with significant Indonesian government input) specifically addresses age verification and assurance mechanisms — including the AVID certification scheme for age assurance products. With Indonesia mandating IEEE 2089 compliance for electronic system operators (2025), this is no longer a voluntary best-practice framework but an emerging compliance requirement in key markets.

7 min read
Policymakers Researchers

OECD Recommendations and Research

The OECD has emerged as a central evidence-gathering and policy-recommendation body for child online protection across its 38 member economies. This article covers three landmark publications: "Towards Digital Safety by Design for Children" (2024) — the first OECD report to systematically map safety-by-design implementation across jurisdictions, identifying eight core components now referenced in EU and UK regulatory guidance; the Recommendation on Children in the Digital Environment, which established the OECD's normative position on children's rights in the digital context; and "How's Life for Children in the Digital Age?" (2025), the most comprehensive comparative wellbeing data set covering children across OECD countries, showing significant divergence in both online risk exposure and protective infrastructure between member states.

7 min read
Tech companies Policymakers

UNICEF Guidelines for Industry

UNICEF's industry-facing guidance translates the UNCRC into operational tools that digital companies can apply directly to product development, risk assessment, and governance. The centerpiece is the Digital Child Rights Impact Assessment (D-CRIA) Toolbox — a structured methodology for companies to identify, assess, and mitigate the child rights impacts of their products and services. Now cross-referenced in EU DSA Commission guidance as a recognized methodology for conducting fundamental rights impact assessments. Also covers UNICEF's Children's Online Privacy and Freedom of Expression guidelines, the Best Interests of the Child framework for platform decision-making, and how D-CRIA outputs are increasingly expected by investors and regulators as evidence of responsible practice.

6 min read
Tech companies Designers

5Rights Child Rights by Design Principles

The 5Rights Foundation's Child Rights by Design Principles have had an outsized influence on the global child online protection architecture, shaping three of the most consequential frameworks in the space: the UK Age Appropriate Design Code (whose 15 legally binding standards directly reflect 5Rights principles), IEEE Standard 2089 (which cites 5Rights as its foundational normative framework), and UNCRC General Comment 25 (which incorporated 5Rights' language on children's participation in digital spaces). This article explains all five rights — to remove, to know, to safety and support, to informed and conscious use, and to digital literacy — and provides specific, implementable design guidance for each. Essential reading for product managers, UX designers, and compliance teams building or auditing services that children will use.

6 min read
All Decision-makers

Comparative Overview — Which Framework Should You Follow?

With seven major international frameworks, overlapping standards, and rapidly evolving regulatory requirements across 10+ jurisdictions, knowing where to start is one of the most common challenges for organizations beginning their child safety journey. This decision-tree guide cuts through the complexity: government agencies in lower-income countries should start with ITU COP and WePROTECT MNR; tech companies in the EU/UK face mandatory compliance with DSA and OSA but can use IEEE 2089 and 5Rights to exceed those requirements; NGOs and researchers will find the OECD and UNICEF frameworks most directly applicable. Includes a side-by-side comparison matrix covering applicability, binding vs. voluntary status, stakeholder target, complexity of implementation, and the regulatory regimes that reference each framework.

8 min read