This article analyses child data protection on the Internet and in the context of modern technology. Article discusses Problems of legal regulation in Lithuania and other European Union countries. The protection of children’s data faces the following challenges: 1) how and what form the consent, which is obligatory under the GDPR, of the child to the processing of his or her data should be provided; 2) the issue of parents’ virtual consent to process their child’s data; 3) processing of the child’s data on the Internet; 4) problematic aspects of facial recognition technologies, examples.