We’ve all heard about the Facebook fairytales, where two long lost loves reconnect over friend requests and mutual “likes” or the enterprising college grad who snagged a recruiter’s attention via Twitter and landed the job of a lifetime fresh out of school. But for every one of these success stories, there are countless nightmares.
For Lindsay Paris, the horror began when she realized that a stranger who had liked her crimson-haired, 18-month-old son’s photo on Facebook later stole the photo and used it as her homepage image. The perpetrator—a 16-year-old girl—later took down the photo of Paris’ son, but not before noting that she had always wanted a redheaded son of her own. Sounds pretty creepy, but as it turns out, this instance of “digital kidnapping” wasn’t the first or the last. While privacy notices have become fairly ubiquitous in most parts of society, they are still nonexistent online, where children make easy marks.
To remedy the results that can occur from online privacy breaches—ranging from the simply annoying to the downright dangerous—Representative Jared Polis (D-CO) and Representative Luke Messer (R-IN) recently introduced a new bill in Congress that would protect the digital privacy of adolescents.
As the COO of Private.me, a secure hub of online privacy tools that keeps personal data private on the internet, Robert Neivert is an expert in this space, and here, we talk to him about the Student Digital Privacy and Parental Rights Act of 2015 and what parents need to know to keep their kids safe online.
What are the key points of the new bill, and what do parents need to know about it?
The Student Digital Privacy and Parental Rights Act of 2015 is modeled after a California online privacy law for students that already passed. To summarize, for students in aged kindergarten through 12th grade, operators of websites, apps or other services cannot:
- Sell the student’s personal information to third parties, thereby disclosing the student’s personal information to advertisers
- Use personal profile information except for school-related purposes
- Have the ability to download the children’s work
- Sell the information as part of a merger or acquisition as long as the acquiring company also follows these laws
Additionally, companies are allowed to use aggregated information about the children for the purpose of product development, but the app, service or website must also give parents access to the information about their child.
This is a big step forward for the privacy of children. Without this law, or something similar, companies can use the data to target ads, sell services, etc. based on the educational information. This could be very upsetting. Although a targeted ad for math tutoring after a bad math grade might not be so bad, imagine if companies could see your children’s disciplinary records and target ads using those.
Parents need to know to still keep track of this online information, spending the time to check the information and its accuracy. It is a lot easier to correct issues right away, before it propagates.
We mostly think of privacy as an adult issue, but why is it an issue for kids as well?
There are several reasons why it is much worse for children. Cloud data never dies. Ask any child who has been cyber-stalked how terrible it is to have your personal information out there. Without laws like this to protect our children, their entire educational experience would be usable not only for advertising, but for colleges, and future employers. The education system is mandatory; there is no opt-out. Children must use the school systems, so if the data could be reused, what would stop its abuse?
Children are vulnerable to ads and other marketing tactics. They have not been around long enough to ignore ads, or at least take their claims with some suspicion. With educational data, imagine what those ads might be.
Also, any information cannot be deleted once it is out there, so it lives forever, following children throughout their lives. Imagine if every misstep you ever took in life is available to your next employer? This is almost an impossible burden.
What are some of the most common breaches of online privacy related to kids?
The most common issue is actually the kids themselves sharing inappropriate images and information. They fall into a range of categories, but mostly they are:
- Involuntary—where the child’s image is taken without consent, for example, in a bathroom or, perhaps, after a bully had torn their clothing.
- And voluntary—like when friends take inappropriate pictures or share information that is very private, but wait a while to release it (often times after the children fight or disagree on something).
When children over-share on Facebook, Instagram, etc., they don’t realize that the image of them doing something inappropriate will live forever and be held against them for years to come. This is common and increasingly problematic. Cyberbullying is also increasingly common in many forms.
What is the best way for parents to protect their children now, even before the new bill is passed?
Monitor and check your children’s social media accounts. Try to educate them as best you can about the issues of sharing information, and how it can be harmful to them in the future.
Consider family apps on mobile devices such as Life360 that help track and keep families communicating in a private way. Educate kids about ads and media in general so they know how to deal with targeted ads. And be careful who you give their information to; social security numbers are very difficult to change so give it out sparingly.
Educate your children about dealing with cyber stalkers or cyber bullies before it happens. With apps like Secret and Yik Yak that are often used by bullies, there is a significant chance of at least some incidence of it. This means you need to be prepared to help your child deal with the trauma since not all of it is avoidable.
Regarding photos, what do parents and kids need to know before posting them online?
Only post what you would be okay with being public. It is very easy for private sharing to suddenly become public, so only share what is okay if it is fully public. Otherwise don’t share it on a social media site. Use a secure system.
What’s the best way for parents to impress upon their children the need to be vigilant about maintaining their privacy, even though kids are typically more relaxed about these issues?
It is difficult to impress upon kids ideas that might or might not effect them and perhaps not for a long time. The child just has not experienced how negative this is, so it is hard for them. For this reason, we recommend rules early on, and later rely on judgment. So the younger your children are, the more you should just set a clear simple rule to follow.
For example, for very young children, you should have the password to their Facebook page, and you should log them in. Later, once they are better educated, you can let them log in, but you should be on their friends list so you can see what they post. Later still, you can let them remove you from their friends list.
I have also found that making it clear that children have to follow strict rules for now, but that they can earn the right to more freedoms later, seems to help. As they show good judgment you can relax the rules.