teen privacy online social networking, privacy policies and security risks: how to protect your...
TRANSCRIPT
Teen Privacy Online
Social Networking, Privacy Policies and Security Risks: How to protect your personal information online.
2
Brought to you by . . .
Intel and the International Association of Privacy Professionals proudly join in the celebration of Data Privacy Day 2008. We encourage all students to learn as much as possible about how to use the Internet and its many communication and ecommerce tools as safely as possible in ways that protect the privacy of your personal information.
3
Online Privacy for Teens
Online Privacy: Why It is Important
Social Networking You Can’t Get Something for
Nothing Know the Basics: Disclosure
of Personal Information and Networking Behavior
It Isn’t All About Common Sense
Think About Tomorrow When You Act Today
Privacy Policies and How to Read Them
Security Risks Sources and Resources
4
Online Privacy: Why It’s Important
Teens and young adults among most knowledgeable and creative users of the Internet
Personal Information (PII) Name, address, phone
numbers, birth date, social security number, credit card numbers, photos, shopping history
Technology Increases Risk of Inadvertent Sharing
5
Privacy: What Is it?
Privacy is the right or opportunity to decide who has access to your personal information and how that information should be used.
Knowledge is power. When you go online, KNOW:
Who has access to your personal information? How will your information be used? Is that okay with you?
6
Social Networking
7
Social Networking: What Is It?
Facebook, MySpace, Friendster, and other social networking sites
Creating personal profilesInteracting with other people onlineYou can interact with school friends,
people from your city, people you work with, people from your region, people in a particular “network,” or people all over the world
8
Data Protection and Privacy in Social Networks: The Main Ideas
You usually can’t get something for nothing
Know the Basics: Disclosure of Personal Information and Networking Behavior
It isn’t all about common sense
Think about tomorrow when you are acting today
9
You Can’t Get Something for Nothing: The Cost of Networking
You can participate in many social networks for free. BUT . . .
you must provide personal information to participate.
Who can benefit from that information?
How do they use your information?
How can you protect your privacy?
10
Who can benefit from your Personal Information?
Web Site Operators Make money by advertising. The more users they
attract, the bigger the audience, the more valuable the ad space, the greater the ad revenue.
Companies that want to sell you things Want to advertise and sell you their products Want to know about you and your brand loyalties,
preferences and interests May want to track and tell your “friends” about items
you purchase as another form of advertising
11
Who Else Could Access your Personal Information?
Colleges May want to know more about you than just your
grades and test scores. Your profile may be a good resource.
Current and Future Employers May want to know what kind of person you really
are – beyond your resume and interview.
Parents Sexual predators and pedophiles
Know the Basics
Disclosure of Personal Information and Social Networking Behavior
13
Basic Guidelines for disclosure of personally identifiable information:
Be sparing with personal information. If you network socially, provide only that information you need to provide to network effectively.
14
Basic Guidelines for disclosure of personally identifiable information
If you have a username, avoid including your actual name or birth date. Never share your password with anyone.
In a profile, generally speaking, do not provide your last name, your phone numbers, home address, date of birth, school or team name, or travel plans. Do not provide your social security number, family financial information, bank or credit card numbers.
15
Exceptions to basic guidelines:
Birth Date: You may be required to provide your birth date to sign up for a social network or other online service because federal law prohibits the collection of information from children under 13 years old.
Arrange your privacy settings so the birth date is not visible on your profile. If you want to display your birthday, show the day of the month but not your birth year.
16
Exceptions to basic guidelines:
School Name: Although you generally should not provide your school name online, some sites feature school-specific networks, and the name of the network will reveal your school online.Limiting your social networking participation to
a school group, as opposed to the world at large, may provide an extra degree of protection and privacy for you.
17
Back to the Basics:
Use Privacy Settings! Only share the
information you are comfortable sharing.
Limit your audience.
Default settings usually allow sharing. Take affirmative steps to limit disclosure.
18
Adjusting privacy settings can be a multi-step process:
Access the Privacy Settings page on the social network of your choice and learn how to protect the privacy of your information.
Some sites offer you the ability to set different privacy settings for different parts of your profile page.
19
Privacy Settings are not Foolproof
Maintaining privacy requires diligence and maintenance.
Learn about the privacy settings of each site you use. If you don’t understand the options, contact the site and ask.
Regardless of the settings you use, privacy settings are not foolproof. You should always continue to be cautious about information about yourself you place online regardless of how restricted you believe your audience is.
20
Basics of On-line Social Networking Behavior: The Number One Rule
Unless you would be willing to attach something to a college application or resume, share it with your parents, your grandparents, current or future employers, don’t post it. If you wouldn’t put it on a poster and hang it on your locker or your dorm room door, don’t post it.
21
Basics of Behavior (cont.): Blogging, Journals, The Wall
When you journal or blog online, these entries are archived, or saved, and the content of these entries can be searched. Some blogging sites offer you the ability to choose which
subscribers can see what you have written, and some allow you to block any anonymous replies.
Think about why and how you are using your profile page. If you are blogging about your daily activities or your social life, be extremely cautious what personal information you provide about yourself and others in those contexts.
22
Basics of Behavior (cont.):“Friends”
Don’t invite people to be your friends on-line if you do not know them in the real world.
If you must accept a “friend” that you do not know, do so cautiously, recognizing that often people are not who they claim to be.
23
Basics of Behavior (cont): Photos
Do not post images of yourself that you wouldn’t want to share with grandparents, colleges, and future employers.
Don’t post images of other people that they wouldn’t post of themselves.
If possible, ask permission before posting an image of someone else on your site.
Always honor any individual’s request to remove a specific photo of him or her from your page.
24
Basics of Behavior (cont.): Avoiding Risky Behavior
Sex -- Just don’t talk about it on the Internet, particularly with people you do not know.
Never agree to meet
someone in person that you “met” on the Internet.
25
Other Ways to Protect your Privacy
Use services with age and identity verification systems
Use services that allow you to report inappropriate content
Look for sites with privacy seals like TRUSTe and the Better Business Bureau
26
More Ways to Protect your Privacy
Talk with a parent, older sibling, or other adult you trust about your Internet use.
Educate your parents about technologies that are new to them.
Check out any safety tips provided by the site you are using. Use online resources to find additional safety and privacy information.
ALWAYS KNOW how your information is being used and stored by others.
27
It’s not just common sense.
“Don’t get in a car with someone you don’t know.”
“Don’t open your door to a stranger.”
But . . . Don’t talk to strangers? Isn’t that the whole point for some users?
Common sense only takes you so far. Some technological understanding is helpful.
28
Caching
If you put something on the Internet, it is difficult if not impossible to take it back.
Search engines and browsers cache websites, allowing photos, videos and text to be retrieved long after the website has been deleted.
29
Caching and Public Computers
Caching also raises issues you should be aware of when you use computers in public libraries or other public spaces.
Web browsers cache sites that you have visited.
Web browsers can also cache temporary internet files, cookies, info that you enter into websites and address bars as well as passwords.
30
Think About Tomorrow When You are Acting Today
Do you know how much money it costs to remove a tattoo? Hundreds or thousands of dollars, depending on the size and quality of the tattoo.
This doesn’t mean you should never
get a tattoo – it just means you should be well aware of the costs and consequences associated with making such a decision, now and in the future, before you do it.
Social networking and blogging online are the same –
information and images can be extremely difficult if not impossible to take back. Even when you delete information from your profile or site, older versions are still accessible to others.
31
Think About Tomorrow (cont.)
Do not jeopardize the privacy of others.Treat others the way you would want to be
treated online.Respect the privacy and personal
information of others.Don’t identify others on your page in a way
they would not identify themselves or post photos they would not post.
32
Privacy Policies
Many websites have privacy policies or statements.
Main function: to describe what personal information they will collect, whether they share it, how they will use it, and how they will secure it.
33
Privacy Policies should provide:
Notice Exactly what information they collect and how they use it
Choice You should be given a choice about the collection and use of your information
Access The ability to access your information maintained by the site and the opportunity to correct inaccurate information
Security Reasonable security measures to protect your information from loss, misuse, or alteration
34
Privacy Policies (cont.)
The language can be confusing.
Look for: Whether the site will
sell or share your information with third parties
The chance to opt-out of practices you do not like
35
BUT . . . .
Always keep in mind that a policy is merely a policy.
Because the policy is essentially the measure of your rights on the site in which you are participating, pay careful attention to the ways in which the policy limits the site’s exposure and accountability.
Look for a web seal that lets you know the site takes its policy and your privacy seriously.
36
Recap:
Find the privacy policy and read it.
But always continue to act cautiously online with your personal information regardless of a policy’s representations.
Security Risks
Passwords, File-Sharing, Spyware, Phishing and Updating
38
Protecting your personal information: Passwords
Keep your passwords in a secure place. Do not share passwords. Experts suggest: the strongest passwords have at
least 8 characters and include numbers and symbols as well as letters.
Do not use your personal information, your login name, or adjacent keys on the keyboard as passwords.
Change your password every 90 days or so. Use a different password for every online account
you access (or at least a good variety).
39
File-sharing software
Avoid down-loading file-sharing software. If you use this software be extremely
careful about the information you share in order to protect your personal information.
Read end user agreements, understand whether you are allowing spyware to be installed on your machine, and understand the risks of free downloads.
40
Spyware
Spyware is a program that can be installed on your computer from a remote location to steal your personal or financial information or to monitor your online transactions to capture that information.
Install antispyware software to detect and remove these spyware programs.
41
Phishing
A phishing scam is one designed to elicit your personal information (username, password, account information) on a fake website.
When you receive a suspicious email, do not click on a link provided and provide personal information.
42
Phishing Protection
When you receive a suspicious email, go to your browser, contact the company, and ask whether it is trying to reach you or if there is a problem with your account.
Use anti-phishing software.
43
Automatic Updates
As a final note, automatically updating your computer helps ensure that your computer is protected against the latest threats.
44
Sponsors
.
45
Sponsors
46
Creative Commons License
This work is licensed under the Creative Commons Attribution 3.0 Unported License. To view a copy of this license, visit http://creativecommons.org/licenses/by/3.0/
Or send a letter to Creative Commons, 171 Second Street, Suite 300, San Francisco, California, 94105, USA.
Any use of these materials requires attribution to the IAPP and Intel.