Although any user can fall victim to any network
threat, regardless of their age, children and teenagers are especially
susceptible to dangers that threaten to take advantage of their innocence.
Needless to say, the protection of youngsters on the internet is a real
challenge.
At WeLiveSecurity, we have dealt with some of the
main threats affecting chidlren and young people who use new technologies –
mainly around the internet – such as grooming and cyberbullying. Despite a number of initiatives aimed at counteracting
these type of threats/risks, we still have a long way to go before we will
get to a safe digital environment.
The minimum age necessary to use internet
services
One of the most important aspects we have to
consider when it comes to safety is determining the right age (and the required
age) for children to be able to start using all the various online services –
such as social networks – especially seeing as some of the most popular tools
were not developed with child users in mind (many require children to be at
least 13 before they can sign up).
Other services, such as email, also prohibit children
under the age of 13 from creating an account. However, in both cases we see
that no mechanisms have been put in place to enable the user’s age to be
verified, given that any date of birth can be used to fulfill the requirements.
Additionally, the checks used can be easily sidestepped.
The main reason why children under 13 are not
allowed to have an email address or a social network profile is the law
protecting child privacy, commonly known as COPPA (Children’s Online Privacy Protection Act), which
companies have to comply with.
When we are talking about the collection of
personal data from children under the age of 13, this law grants control to the
parents, while defining what websites and online services operators must do to
protect online child privacy and safety. For example, companies that comply
with the COPPA law must include certain clauses in their privacy policies and
obtain the consent of parents to collect information on
minors.
Additional restriction mechanisms for minors
Although this initial restriction can be dismissed
as an effective measure to limit children from creating an email or social
networking account, there are additional mechanisms which can prevent the minor
from continuing to use any service. For example, Facebook has a form to report that
a minor under the age of 13 is using the website.
In an exercise undertaken by the ESET Investigation
Laboratory, we reported a minor’s profile to check whether this process
actually works and to find out how effective it is. Despite sending off the
information correctly, at the time of writing we have received no response to
our report.
On top of this, the methods and criteria used to
determine whether a profile actually is that of a minor are not specified, as
it states that “If the reported child’s age is not reasonably verifiable as
under 13, then we may not be able to take action on the account”.
This method may ultimately be somewhat ineffective,
as the profile has to be checked, and the criteria used for this may be
subjective in order to determine whether or not the profile should be
blocked.
So what is the right age to use online
services?
Although there is no conclusive response to this
question, and it is ultimately difficult to answer, the reality is that minors
cannot be denied access to technology. Children live and breathe this
environment as “digital natives”. Excluding them from the digital world could
prove to be a disadvantage for their development.
We are becoming increasingly dependent on
technology and the trend is for us to be online more often than not, as well as
interacting with new technological developments. So depriving children and
young people from the benefits that technology has to offer would seem to be a
backward step. We therefore need to ensure that minors are able to use
online services under adequate supervision from their parents and
teachers, further protected with the use of suitable safety tools, such
as parental controls, as well as adherence to good practices.
There is a sizable set of efforts and
initiatives that should be taken into consideration over the coming years
if we want our children to be able to enjoy a safe digital environment. Why?
Because although dangers do exist and will always be there, it is clear that
protection is in the hands of responsible adults. It is their job to
understand the threats that are there, and above all how to protect and care
for children, while using technology responsibly and safely and with
full awareness.