Teen Privacy Online Social Networking, Privacy Policies and Security Risks: How to protect your personal information online.
Brought to you by . . .
Intel and the International Association of Privacy Professionals proudly join in the celebration of Data Privacy Day 2008. We encourage all students to learn as much as possible about how to use the Internet and its many communication and ecommerce tools as safely as possible in ways that protect the privacy of your personal information.
Online Privacy for Teens
Online Privacy: Why It is Important Social Networking You Can’t Get Something for Nothing Know the Basics: Disclosure of Personal Information and Networking Behavior It Isn’t All About Common Sense Think About Tomorrow When You Act Today Privacy Policies and How to Read Them Security Risks Sources and Resources
Online Privacy: Why Itâ€™s Important
Teens and young adults among most knowledgeable and creative users of the Internet Personal Information (PII)
Name, address, phone numbers, birth date, social security number, credit card numbers, photos, shopping history
Technology Increases Risk of Inadvertent Sharing
Data Privacy Day 2008
28 January 2008 United States and 27 European countries celebrating Data Privacy Day Raising awareness about data privacy, protection of personal information, and online safety 5
Privacy: What Is it?
Privacy is the right or opportunity to decide who has access to your personal information and how that information should be used. Knowledge is power. When you go online, KNOW:
Who has access to your personal information? How will your information be used? Is that okay with you?
Social Networking: What Is It? Facebook,
MySpace, Friendster, and other social networking sites Creating personal profiles Interacting with other people online You can interact with school friends, people from your city, people you work with, people from your region, people in a particular â€œnetwork,â€? or people all over the world 8
Data Protection and Privacy in Social Networks: The Main Ideas
You usually canâ€™t get something for nothing
Know the Basics: Disclosure of Personal Information and Networking Behavior
It isnâ€™t all about common sense Think about tomorrow when you are acting today
You Canâ€™t Get Something for Nothing: The Cost of Networking You can participate in many social networks for free. BUT . . . you must provide personal information to participate. Who can benefit from that information? How do they use your information? How can you protect your privacy?
Who can benefit from your Personal Information?
Web Site Operators
Make money by advertising. The more users they attract, the bigger the audience, the more valuable the ad space, the greater the ad revenue.
Companies that want to sell you things
Want to advertise and sell you their products Want to know about you and your brand loyalties, preferences and interests May want to track and tell your â€œfriendsâ€? about items you purchase as another form of advertising 11
Who Else Could Access your Personal Information?
Current and Future Employers
May want to know more about you than just your grades and test scores. Your profile may be a good resource. May want to know what kind of person you really are â€“ beyond your resume and interview.
Parents Sexual predators and pedophiles
Know the Basics Disclosure of Personal Information and Social Networking Behavior
Basic Guidelines for disclosure of personally identifiable information:
Be sparing with personal information. If you network socially, provide only that information you need to provide to network effectively.
Basic Guidelines for disclosure of personally identifiable information
If you have a username, avoid including your actual name or birth date. Never share your password with anyone. In a profile, generally speaking, do not provide your last name, your phone numbers, home address, date of birth, school or team name, or travel plans. Do not provide your social security number, family financial information, bank or credit card numbers.
Exceptions to basic guidelines:
Birth Date: You may be required to provide your birth date to sign up for a social network or other online service because federal law prohibits the collection of information from children under 13 years old. Arrange your privacy settings so the birth date is not visible on your profile. If you want to display your birthday, show the day of the month but not your birth year.
Exceptions to basic guidelines: School
Name: Although you generally should not provide your school name online, some sites feature school-specific networks, and the name of the network will reveal your school online. Limiting your social networking participation to a school group, as opposed to the world at large, may provide an extra degree of protection and privacy for you. 17
Back to the Basics:
Use Privacy Settings!
Only share the information you are comfortable sharing. Limit your audience.
Default settings usually allow sharing. Take affirmative steps to limit disclosure.
Adjusting privacy settings can be a multi-step process: Access
the Privacy Settings page on the social network of your choice and learn how to protect the privacy of your information. Some sites offer you the ability to set different privacy settings for different parts of your profile page.
Privacy Settings are not Foolproof
Maintaining privacy requires diligence and maintenance. Learn about the privacy settings of each site you use. If you donâ€™t understand the options, contact the site and ask. Regardless of the settings you use, privacy settings are not foolproof. You should always continue to be cautious about information about yourself you place online regardless of how restricted you believe your audience is. 20
Basics of On-line Social Networking Behavior: The Number One Rule Unless
you would be willing to attach something to a college application or resume, share it with your parents, your grandparents, current or future employers, don’t post it. If you wouldn’t put it on a poster and hang it on your locker or your dorm room door, don’t post it. 21
Basics of Behavior (cont.): Blogging, Journals, The Wall
When you journal or blog online, these entries are archived, or saved, and the content of these entries can be searched.
Some blogging sites offer you the ability to choose which subscribers can see what you have written, and some allow you to block any anonymous replies.
Think about why and how you are using your profile page. If you are blogging about your daily activities or your social life, be extremely cautious what personal information you provide about yourself and others in those contexts.
Basics of Behavior (cont.): “Friends”
Don’t invite people to be your friends on-line if you do not know them in the real world. If you must accept a “friend” that you do not know, do so cautiously, recognizing that often people are not who they claim to be.
Basics of Behavior (cont): Photos
Do not post images of yourself that you wouldn’t want to share with grandparents, colleges, and future employers. Don’t post images of other people that they wouldn’t post of themselves. If possible, ask permission before posting an image of someone else on your site. Always honor any individual’s request to remove a specific photo of him or her from your page. 24
Basics of Behavior (cont.): Avoiding Risky Behavior
Sex -- Just don’t talk about it on the Internet, particularly with people you do not know.
Never agree to meet someone in person that you “met” on the Internet. 25
Other Ways to Protect your Privacy Use
services with age and identity verification systems Use services that allow you to report inappropriate content Look for sites with privacy seals like TRUSTe and the Better Business Bureau
More Ways to Protect your Privacy
Talk with a parent, older sibling, or other adult you trust about your Internet use. Educate your parents about technologies that are new to them. Check out any safety tips provided by the site you are using. Use online resources to find additional safety and privacy information. ALWAYS KNOW how your information is being used and stored by others. 27
It’s not just common sense.
“Don’t get in a car with someone you don’t know.” “Don’t open your door to a stranger.” But . . . Don’t talk to strangers? Isn’t that the whole point for some users? Common sense only takes you so far. Some technological understanding is helpful.
you put something on the Internet, it is difficult if not impossible to take it back. Search engines and browsers cache websites, allowing photos, videos and text to be retrieved long after the website has been deleted.
Caching and Public Computers
Caching also raises issues you should be aware of when you use computers in public libraries or other public spaces.
Web browsers cache sites that you have visited.
Web browsers can also cache temporary internet files, cookies, info that you enter into websites and address bars as well as passwords.
Think About Tomorrow When You are Acting Today
Do you know how much money it costs to remove a tattoo? Hundreds or thousands of dollars, depending on the size and quality of the tattoo.
This doesn’t mean you should never get a tattoo – it just means you should be well aware of the costs and consequences associated with making such a decision, now and in the future, before you do it.
Social networking and blogging online are the same –
information and images can be extremely difficult if not impossible to take back. Even when you delete information from your profile or site, older versions are still accessible to others.
Think About Tomorrow (cont.) Do
not jeopardize the privacy of others.
Treat others the way you would want to be treated online. Respect the privacy and personal information of others. Donâ€™t identify others on your page in a way they would not identify themselves or post photos they would not post.
Many websites have privacy policies or statements. Main function: to describe what personal information they will collect, whether they share it, how they will use it, and how they will secure it. 33
Privacy Policies should provide: Notice Choice
Exactly what information they collect and how they use it You should be given a choice about the collection and use of your information The ability to access your information maintained by the site and the opportunity to correct inaccurate information Reasonable security measures to protect your information from loss, misuse, or alteration 34
Privacy Policies (cont.)
The language can be confusing. Look for:
Whether the site will sell or share your information with third parties The chance to optout of practices you do not like 35
BUT . . . .
Always keep in mind that a policy is merely a policy. Because the policy is essentially the measure of your rights on the site in which you are participating, pay careful attention to the ways in which the policy limits the siteâ€™s exposure and accountability. Look for a web seal that lets you know the site takes its policy and your privacy seriously. 36
Security Risks Passwords, File-Sharing, Spyware, Phishing and Updating
Protecting your personal information: Passwords
Keep your passwords in a secure place. Do not share passwords. Experts suggest: the strongest passwords have at least 8 characters and include numbers and symbols as well as letters. Do not use your personal information, your login name, or adjacent keys on the keyboard as passwords. Change your password every 90 days or so. Use a different password for every online account you access (or at least a good variety).
File-sharing software Avoid
down-loading file-sharing software. If you use this software be extremely careful about the information you share in order to protect your personal information. Read end user agreements, understand whether you are allowing spyware to be installed on your machine, and understand the risks of free downloads. 40
Spyware is a program that can be installed on your computer from a remote location to steal your personal or financial information or to monitor your online transactions to capture that information.
Install antispyware software to detect and remove these spyware programs. 41
A phishing scam is one designed to elicit your personal information (username, password, account information) on a fake website. When you receive a suspicious email, do not click on a link provided and provide personal information.
you receive a suspicious email, go to your browser, contact the company, and ask whether it is trying to reach you or if there is a problem with your account. Use anti-phishing software.
Automatic Updates As
a final note, automatically updating your computer helps ensure that your computer is protected against the latest threats.
Sources and Resources The foregoing information was drawn largely from information found in a number of articles and on websites concerned about online safety and data protection. These sources and resources will provide additional, helpful information for you if you are interested in learning more about any of the privacy issues discussed today. Please visit www.privacyassociation.org for a full list of sources and resources, along with links to educational videos about data protection and online safety.
Creative Commons License This work is licensed under the Creative Commons Attribution 3.0 Unported License. To view a copy of this license, visit http://creativecommons.org/licenses/by/3.0/ Or send a letter to Creative Commons, 171 Second Street, Suite 300, San Francisco, California, 94105, USA. Any use of these materials requires attribution to the IAPP and Intel. 48