Post in our forum for parents, teens - You! - at ConnectSafely.org.

Friday, April 18, 2008

UK government's guidelines for social sites

As I mentioned last week, two milestone documents out of the UK have just been released, one a 200-page report requested by Prime Minister Gordon Brown and called "The Byron Review," and the other a set of guidelines for social-networking-service best practices issued by the Home Office itself . Both have worldwide relevance not just because they're about a worldwide medium that's universally popular with youth but also one that allows for ever increasing interaction, social action, and collaborative media-producing and -sharing on an international level. I took a look at the Byron report last week. This week:

UK Home Office's guidance for social-networking sites


The guidelines are surprisingly digestible for a document coming from a government. The actual "Recommendations for Good Practice" are only about eight pages long (see p. 24), and they also come in convenient checklist form (p. 60). The whole report can be downloaded here.

1. Positives

Congrats in order. Everyone involved in these guidelines should be congratulated for the milestone the document represents. Consensus-building on this subject among commercial services, government agencies, child-online-safety advocates, and law enforcement in a medium still so little understood - the social Web - has proven to be difficult in my own country.

Based on solid research. For a practical understanding of a teen's-eye-view of Net use, don't miss "Children's Use of the Internet," p. 14, based on the research of Sonia Livingstone and colleagues (she is a social psychology professor at the London School of Economics & Political Science). Showing the difficulty of reaching child-online-safety consensus, she writes that "views on young people's development are often polarised." On the one hand, "children are seen as vulnerable, undergoing a crucial but fragile process of cognitive and social development to which technology poses a risk by introducing potential harms into the social conditions for development and necessitating, in turn, a protectionist regulatory environment." The other view holds that "children are competent and creative agents in their own right, whose ‘media-savvy’ skills tend to be underestimated by the adults around them, with the consequence that society may fail to provide a sufficiently rich environment for them." I agree with her that "finding a position that recognises both characteristics is important." [See also "Children and the Internet," Appendix B, p. 46, which is just over 4 pages in length, and all the great footnotes and appendix material referring to great work from many researchers.]

Something for everybody. The full document covers a lot of ground for audiences with all degrees of understanding - from defining social networking to considering why it's popular with youth to covering online bullying, self-harm, sexual exploitation, Webcams, and where criminal law comes in.

"Disinhibition" understood. Guideline 9.4 reflects what we know of this online condition that allows "space" between bully and victim as a contributing factor to cyberbullying. It suggests that sites inform users that they are not as anonymous as they may think and employ IP address and identifying technology to track users. I'd go further and recommend that sites explain to users in their online-safety pages, in as much detail as feasible (without giving information away to malicious hackers), how their real-life identities can be found. It's the kind of meaty information that's meaningful to adolescents and shows respect for their intelligence. [To great effect, a school in Philadelphia brought in a computer-forensics police officer to demonstrate the lack of real anonymity to an entire student body.]

Practical. The guidance reflects an understanding that a narrow focus on social networking is impractical as young people's self-expression and socializing flow freely from offline to online and back and among multiple devices that can increasingly be used anywhere.

Not just social networking. In spotlighting chatrooms and Webcams as trouble spots, the guidance reflects the understanding that young people's socializing flows freely from device to device and between various technologies - as both technology and kids develop - and social sites aren't the only place where socializing happens for good or bad. For example, this significant finding about Webcams: "Recent research conducted in Holland by the My Child Online Foundation in 2006, involving 10,900 participants between the ages of 13 and 19, reveals that 47% of girls who responded to the survey, said they had received unwanted requests to do something sexual in front of a webcam – although only 2% actually did so."

Adding "teeth": Because teens' profiles usually reflect a major investment of time and emotion on their part, it's important to have consequences for violations of Terms of Service, so this is good: "Provide warnings to users about uploading photos to their profile, for example: ‘Photos may not contain nudity, violent or offensive material, or copyrighted images. If you violate these terms, your account may be deleted'" (5.3 on p. 27).

2. Neutrals and negatives

A bit of irony. Based on where young Britons do most of their social networking (MySpace, Bebo, and Facebook), there's a certain irony to the fact that another government's guidelines are aimed largely at a group of companies based in the US. That's not to say this is true in countries where English isn't the primary language (though California-based Orkut, Hi5, and Friendster are huge in Brazil, Thailand, and the Philippines, respectively), but safety on the social Web clearly has to be an international effort going forward.

Only the beginning. The guidelines are a great base to build on but don't indicate an understanding of the full range of abuse in social sites, where it comes from or actually occurs, and how hard it is to control - for example, how abuse reports can themselves be abuse ("prank" abuse reports that themselves are harassment of a user by the person "reporting" the abuse) and how some content cannot be moderated or pre-viewed by the service provider because it's from malicious hackers or in third-party sites marketing x-rated content (see "Mother-son digital divide bridged" below). The guidelines need to go further in acknowledging that the users themselves are not the only source of some of the inappropriate content in social-networking sites. Increasingly, third parties are finding ways to socially engineer or hack their messages, images, and software code into users' profiles, blogs, bulletins, and IMs in social-networking sites.

"He said, she said." The term "imposter profile" doesn't come up in the guidance, and this is a huge problem for the social sites, which - if responsible enough to take on the task - have to figure out if a profile is fact or fiction (even basic, non-abusive profiles created by people about themselves have plenty of fiction in them) and if the person behind it is real, fictitious, or malicious. How bad it makes its subject look can be one measure, but that sort of analysis is usually pretty subjective, and chasing down facts is at best time-consuming, if not impossible when the site involves millions of profiles. Even in a court of law, when the accused and the victim are physically present, it's hard to distinguish fact from fiction. Society has not even begun to understand the complexities of coping with online harassment.

Privacy not all good. The premise that privacy in social-networking sites for children is good seems to be unqualified. To say it isn't always sounds like heresy, when we constantly hear "don't post personal info online," but it's only mostly good because privacy tools can also be a barrier to parents', researchers', and law enforcement's efforts to monitor children's activities. Too, posting personal information online is a fact of life for teenagers, and research released over a year ago suggested a new approach to this subject (see this article in the Archive of Pediatrics).

More on mobiles needed. Best-practice thinking obviously needs to match the fluidity and mobility of young people's socializing in terms of devices, technologies, and location. Under "GPS and Location Services," the guidance says that mobile "customers are very sensitive about giving away their location. Only those services that carefully respect customers’ rights to protect their privacy will be successful." This is not necessarily true about teenage customers. Given where adolescents are in their brain development (acknowledged on p. 15 of the guidance under "US Perspective" but also treated thoroughly in the Byron Review - see this), special care will need to be given to how minors use GPS technology for socializing with their friends.

In the "back office." The guidance is light on addressing what needs to happen in social-networking sites' customer-service departments after abuse reports come in - response time, how various types of reports are responded to, proportion of customer-service staff devoted to youth protection, what gets elevated to law enforcement, etc. This needs to be looked at more closely going forward.

Related links

  • Proposed UK law: The other part of this work by the Home Office is a new law that would require convicted sex offenders to provide their email addresses to law enforcement, "who will take these and send them to social-networking sites for blacklisting," iBLS.com reports. Failure to comply could result in five years' imprisonment if Parliament passes the law.
  • Under the minimum: Just about half (49%) of the UK's 8-to-17-year-olds have an online profile, and some 27% of 8-to-11-year-olds (all below the minimum age of every social site I know of) who are aware of social networking sites and have Net access have an online profile, according to a just-released study by Ofcom, Britain's communications and broadcasting regulator cited by inthenews.co.uk.
  • "Home Office calls for better security on social networking sites" in the Times of London
  • "Social networks: Will the government crack down?" from the BBC
  • "Facebook, MySpace to carry 999 link" in The Telegraph
  • "Social networking safety plan unveiled" in The Guardian
  • "Pedophiles forced to register email addresses" at VNUNET.com
  • "Children flock to social networks" from the BBC.

    Labels: , ,

  • Mother-son digital divide bridged

    A recent discussion in ConnectSafely.org that illustrates what's still missing in best-practice guidance: dealing with the third-party code and hacks that, increasingly, are jeopardizing users' computers (and maybe sometimes their relationships with their parents!). This exchange also illustrates how parents' tech illiteracy can widen the parent-child digital divide referred to in the Byron report (see Part 1 last week). Parents need to know that the links and inappropriate content and messages they sometimes see in their children's profiles and blogs aren't necessarily created and shared by their kids.....

    The mother, "WorriedMum," posted this in the forum:

    "I am writing this because yesterday I have seen on my 13-year-old son's Hi5 page. Under the 'about me' section there is a link to [a site called] 'sexplaycam' with a picture of a naked woman. I went to the site and saw that you have to register to become a member of, now I am worried my son has joined this site. I asked my son if he'd put the link there and he said he had no idea it was there and went on his profile and deleted it. I know it is awful, but I am still suspicious. I also have Hi5, and the 'about me' parts, etc., can only be filled in by the person who owns the profile, right? But he swears he didn't know it was there and it must have been put there by someone else. So anyone out there with technical knowledge, please tell me if this kind of thing is possible."

    We forwarded this question to our contact at Hi5, who explained:

    "This was a spam attack on Hi5 members. A hacker inserted malicious code into profiles that either were 'phished' for email and password or clicked a link on a spam profile. We patched the vulnerability last Wednesday and will be cleaning out the innocent member profiles."

    WorriedMum's response: "Thank you so much everyone for your help. I'm sure you can understand that at first it looked very bad to me, but I didn't want to accuse my son or tell him off before I was sure. Good thing I didn't now. Thanks again."

    Labels: ,

    Thursday, April 17, 2008

    Former bullies help fight bullying

    Here's a concept: Have former bullies star in a film to educate teens about bullying. That's the idea behind "The Stories of Us," a 25-minute film that's fiction but looks more like a documentary to some educators, who are showing it in American schools, the Chicago Tribune reports. Teens wrote, acted in, and produced it. One of them, McKenzie Bonnett, was bullied in 5th grade and then - when her parents were getting a divorce and she feared a brother would be deployed in Iraq - she started bullying other girls, she told the Trib. Another US anti-bullying education film starring teens is "Adina's Deck," created by Stanford University graduate student Debbie Heimowitz (see this item). In the UK, a film called "Let's Fight It Together" produced by Childnet International is picking up steam in Britain. In Australia, Brainstorm Productions presents live performances in elementary, middle, and secondary schools about bullying, aggression, harassment, and similar topics.

    Labels:

    Love-sick teen not convicted

    For posting comments such as "I love you," "we need to be together," and "I will never stop trying to talk to you" in a 14-year-old girl's MySpace profile, an 18-year-old man was charged by New York state prosecutors with "aggravated harassment and endangering the welfare of a child," a Wired News blog reports. But a New York City criminal court disagreed with the charge. In his ruling, Judge Michael Gerstein wrote that, "when teenagers fall in love, as song lyrics and studies show, they are more likely to exhibit almost manic behaviors, take risks, act compulsively, and sometimes pursue, with reckless abandon, the objects of their affection. While the actions of a love-struck teenager may well be foolish, reckless, or otherwise acts which might not be expected from a mature adult, they are not, without more, elevated to crimes." Internet law blogger Declan McCullagh added that the New York law also violates the First Amendment, which "protects against even annoying speech," and New York State's constitution.

    Labels:

    Wednesday, April 16, 2008

    Computer security sea change & youth

    You know that old argument about Mac vs. PC security? Well, it really is an old argument now. Computer security really isn't about what operating system your computer has anymore. Now it's really about 1) what browser you use and where you go online, and 2) how smart you are (or your child is) about protecting passwords and financial information online (social engineering), CNET reports. "Lots of people who may already be nervous around computers often just do whatever the computer [or email or Web site] tells them to do," CNET says. That's called social engineering. But children, who are most definitely not nervous around computers, can be gullible too when they get messages like "check out this video" or "click here to find out how to start your modeling career." For adults, it's also tempting to click somewhere to "update their bank account information." There are also event-oriented and seasonal scams, e.g., the Olympics and filing tax returns. "The problem for the security industry is that even if Microsoft, Mozilla, Apple, and Opera all make the most secure browser ever, it still won't prevent things like phishing scams [such as the above]. Along with skepticism about advertising, gossip, and flattery in emails, IMs, and social sites, children need to be alerted to casual messages like the above that may really seem like they're from friends or acquaintances. Knowing how social engineering works can go a long way toward protecting both children and computers (both of which contain large amounts of confidential information!).

    Labels:

    Tuesday, April 15, 2008

    New tech helps detect child porn

    The long-suffering image analysts at the National Center for Missing & Exploited Children must have one of the hardest, most emotionally draining jobs there is. Fortunately, it just got a little easier with the help of image-detection technology developed by Google, ConnectSafely.com co-director Larry Magid reports at CBSNEWS.com. The software eases dependence on an analyst's memory by scanning and detecting patterns that the analyst highlights in a photo - "a calendar on the wall, a logo on a T-shirt, a prominent tattoo or perhaps the pattern of the carpet" - in a database of child-abuse images. What's so sophisticated about this technology, apparently, is its flexibility. It "will work even if the images are modified, if a photo has been changed from color to black and white, or if the pattern is at a different angle or position in the photo or video. It can also pick out a single pattern in a video, even if it's a compilation of many shorter videos."

    Labels: ,

    Monday, April 14, 2008

    We're all becoming Net-trained info-gatherers

    Apparently we're all becoming the rapid-fire, uncritical information hunter-gatherers we had thought only our children were. Yes, they're the digital natives but, according to a new study out of the UK, the Internet is "training" all of us to approach information this way, which may mean we all have to work extra hard now to think more critically and analytically. A just-released longitudinal study from University College London found that, "although young people demonstrate an apparent ease and familiarity with computers, they rely heavily on search engines, view rather than read and do not possess the critical and analytical skills to assess the information that they find on the Web," its press release. Titled "Information Behaviour of the Researcher of the Future," the study also found that the research behaviors "commonly associated with younger users – impatience in search and navigation and zero tolerance for any delay in satisfying their information needs – are now becoming the norm for all age groups." A longitudinal study tracks its subject over a period of time, and this was a "virtual longitudinal study" - see p. 6 of its pdf version for an explanation. This one was commissioned by the British Library and the Joint Information Systems Committee to get a handle on "the changing needs of researchers and other users." Thanks to tech educator Anne Bubnic in for pointing this study out.

    Labels: , ,