Upload
tomasztopa
View
4.163
Download
4
Embed Size (px)
DESCRIPTION
The presentation entitled “Social Networking, Privacy Policies, and Security Risks: How to Protect Your Personal Information Online” was specifically created for teens between 7th and 12th grades. The materials discuss ways that teenagers can negotiate social networking sites while protecting their personal information, instruction on privacy policies (how to read them, and what they mean), and how to deal with a variety of security risks like spyware and phishing.Created by IAPP and Intel. Licensed under Creative Commons Attribution 3.0 Unported
Citation preview
Teen Privacy Online
Social Networking, Privacy Policies
and Security Risks: How to protect
your personal information online.
2
Brought to you by . . .
� Intel and the International Association of Privacy Professionalsproudly join in the celebration of Data Privacy Day 2008. We encourage all students to learn as much as possible about how touse the Internet and its many communication and ecommerce tools as safely as possible in ways that protect the privacy of your personal information.
3
Online Privacy for Teens
� Online Privacy: Why It is Important
� Social Networking
� You Can’t Get Something for Nothing
� Know the Basics: Disclosure of Personal Information and Networking Behavior
� It Isn’t All About Common Sense
� Think About Tomorrow When You Act Today
� Privacy Policies and How to Read Them
� Security Risks
� Sources and Resources
4
Online Privacy: Why It’s Important
� Teens and young adults among most knowledgeable and creative users of the Internet
� Personal Information (PII)
� Name, address, phone numbers, birth date, social security number, credit card numbers, photos, shopping history
� Technology Increases Risk of Inadvertent Sharing
5
Data Privacy Day 2008
� 28 January 2008
� United States and 27 European countries celebrating Data Privacy Day
� Raising awareness about data privacy, protection of personal information, and online safety
6
Privacy: What Is it?
� Privacy is the right or opportunity to decide
who has access to your personal information
and how that information should be used.
� Knowledge is power.
� When you go online, KNOW:
� Who has access to your personal information?
� How will your information be used?
� Is that okay with you?
7
Social Networking
8
Social Networking: What Is It?
� Facebook, MySpace, Friendster, and other social networking sites
� Creating personal profiles
� Interacting with other people online
� You can interact with school friends, people from your city, people you work with, people from your region, people in a particular “network,” or people all over the world
9
Data Protection and Privacy in
Social Networks: The Main Ideas
� You usually can’t get something for nothing
� Know the Basics: Disclosure of Personal Information and Networking Behavior
� It isn’t all about common sense
� Think about tomorrow when you are acting today
10
You Can’t Get Something for
Nothing: The Cost of Networking
You can participate in many social
networks for free. BUT . . .
you must provide personal information to
participate.
Who can benefit from that information?
How do they use your information?
How can you protect your privacy?
11
Who can benefit from your Personal
Information?
� Web Site Operators
� Make money by advertising. The more users they
attract, the bigger the audience, the more valuable
the ad space, the greater the ad revenue.
� Companies that want to sell you things
� Want to advertise and sell you their products
� Want to know about you and your brand loyalties,
preferences and interests
� May want to track and tell your “friends” about items
you purchase as another form of advertising
12
Who Else Could Access your
Personal Information?
� Colleges
� May want to know more about you than just your
grades and test scores. Your profile may be a
good resource.
� Current and Future Employers
� May want to know what kind of person you really
are – beyond your resume and interview.
� Parents
� Sexual predators and pedophiles
Know the Basics
Disclosure of Personal Information
and Social Networking Behavior
14
Basic Guidelines for disclosure of
personally identifiable information:
� Be sparing with
personal
information. If you
network socially,
provide only that
information you need
to provide to network
effectively.
15
Basic Guidelines for disclosure of
personally identifiable information
� If you have a username, avoid including your
actual name or birth date. Never share your
password with anyone.
� In a profile, generally speaking, do not provide
your last name, your phone numbers, home
address, date of birth, school or team name, or
travel plans. Do not provide your social
security number, family financial information,
bank or credit card numbers.
16
Exceptions to basic guidelines:
� Birth Date: You may be required to provide
your birth date to sign up for a social network
or other online service because federal law
prohibits the collection of information from
children under 13 years old.
� Arrange your privacy settings so the birth date
is not visible on your profile. If you want to
display your birthday, show the day of the
month but not your birth year.
17
Exceptions to basic guidelines:
� School Name: Although you generally
should not provide your school name
online, some sites feature school-specific
networks, and the name of the network
will reveal your school online.
Limiting your social networking participation to
a school group, as opposed to the world at
large, may provide an extra degree of
protection and privacy for you.
18
Back to the Basics:
� Use Privacy Settings!
� Only share the
information you are
comfortable sharing.
� Limit your audience.
� Default settings usually
allow sharing. Take
affirmative steps to limit
disclosure.
19
Adjusting privacy settings can be a
multi-step process:
� Access the Privacy Settings page on the
social network of your choice and learn
how to protect the privacy of your
information.
� Some sites offer you the ability to set
different privacy settings for different
parts of your profile page.
20
Privacy Settings are not Foolproof
� Maintaining privacy requires diligence and maintenance.
� Learn about the privacy settings of each site you use. If you don’t understand the options, contact the site and ask.
� Regardless of the settings you use, privacy settings are not foolproof. You should always continue to be cautious about information about yourself you place online regardless of how restricted you believe your audience is.
21
Basics of On-line Social Networking
Behavior: The Number One Rule
� Unless you would be willing to attach
something to a college application or
resume, share it with your parents, your
grandparents, current or future
employers, don’t post it. If you wouldn’t
put it on a poster and hang it on your
locker or your dorm room door, don’t
post it.
22
Basics of Behavior (cont.): Blogging,
Journals, The Wall
� When you journal or blog online, these entries are archived, or saved, and the content of these entries can be searched. � Some blogging sites offer you the ability to choose which subscribers can see what you have written, and some allow you to block any anonymous replies.
� Think about why and how you are using your profile page. If you are blogging about your daily activities or your social life, be extremely cautious what personal information you provide about yourself and others in those contexts.
23
Basics of Behavior (cont.):
“Friends”
� Don’t invite people to be
your friends on-line if
you do not know them in
the real world.
� If you must accept a
“friend” that you do not
know, do so cautiously,
recognizing that often
people are not who they
claim to be.
24
Basics of Behavior (cont): Photos
� Do not post images of yourself that you wouldn’t want to share with grandparents, colleges, and future employers.
� Don’t post images of other people that they wouldn’t post of themselves.
� If possible, ask permission before posting an image of someone else on your site.
� Always honor any individual’s request to remove a specific photo of him or her from your page.
25
Basics of Behavior (cont.):
Avoiding Risky Behavior
� Sex -- Just don’t talk about it on the Internet, particularly with people you do not know.
� Never agree to meet someone in person that you “met” on the Internet.
26
Other Ways to Protect your Privacy
� Use services with age and identity
verification systems
� Use services that allow you to report
inappropriate content
� Look for sites with privacy seals like
TRUSTe and the Better Business
Bureau
27
More Ways to Protect your Privacy
� Talk with a parent, older sibling, or other adult
you trust about your Internet use.
� Educate your parents about technologies that
are new to them.
� Check out any safety tips provided by the site
you are using. Use online resources to find
additional safety and privacy information.
� ALWAYS KNOW how your information is
being used and stored by others.
28
It’s not just common sense.
� “Don’t get in a car with someone you don’t know.”
� “Don’t open your door to a stranger.”
� But . . . Don’t talk to strangers? Isn’t that the whole point for some users?
� Common sense only takes you so far. Some technological understanding is helpful.
29
Caching
� If you put something on the Internet, it is
difficult if not impossible to take it back.
� Search engines and browsers cache
websites, allowing photos, videos and
text to be retrieved long after the website
has been deleted.
30
Caching and Public Computers
� Caching also raises issues you should be aware of when you use computers in public libraries or other public spaces.
� Web browsers cache sites that you have visited.
� Web browsers can also cache temporary internet files, cookies, info that you enter into websites and address bars as well as passwords.
31
Think About Tomorrow When You
are Acting Today
� Do you know how much money it costs to remove a tattoo? Hundreds or thousands of dollars, depending on the size and quality of the tattoo.
� This doesn’t mean you should never get a tattoo – it just means you should be well aware of the costs and consequences associated with making such a decision, now and in the future, before you do it.
� Social networking and blogging online are the same –� information and images can be
extremely difficult if not impossible to take back. Even when you delete information from your profile or site, older versions are still accessible to others.
32
Think About Tomorrow (cont.)
� Do not jeopardize the privacy of others.
� Treat others the way you would want to be
treated online.
� Respect the privacy and personal
information of others.
� Don’t identify others on your page in a way
they would not identify themselves or post
photos they would not post.
33
Privacy Policies
� Many websites have privacy policies or statements.
� Main function: to describe what personal information they will collect, whether they share it, how they will use it, and how they will secure it.
34
Privacy Policies should provide:
Reasonable security measures to
protect your information from loss,
misuse, or alteration
Security
The ability to access your information
maintained by the site and the
opportunity to correct inaccurate
information
Access
You should be given a choice about
the collection and use of your
information
Choice
Exactly what information they collect
and how they use it
Notice
35
Privacy Policies (cont.)
� The language can be
confusing.
� Look for:
� Whether the site will
sell or share your
information with
third parties
� The chance to opt-
out of practices you
do not like
36
BUT . . . .
� Always keep in mind that a policy is merely a
policy.
� Because the policy is essentially the measure
of your rights on the site in which you are
participating, pay careful attention to the ways
in which the policy limits the site’s exposure
and accountability.
� Look for a web seal that lets you know the site
takes its policy and your privacy seriously.
37
Recap:
� Find the privacy
policy and read it.
� But always continue
to act cautiously
online with your
personal information
regardless of a
policy’s
representations.
Security Risks
Passwords, File-Sharing, Spyware,
Phishing and Updating
39
Protecting your personal
information: Passwords
� Keep your passwords in a secure place.
� Do not share passwords.
� Experts suggest: the strongest passwords have at least 8 characters and include numbers and symbols as well as letters.
� Do not use your personal information, your login name, or adjacent keys on the keyboard as passwords.
� Change your password every 90 days or so.
� Use a different password for every online account you access (or at least a good variety).
40
File-sharing software
� Avoid down-loading file-sharing software.
� If you use this software be extremely careful about the information you share in order to protect your personal information.
� Read end user agreements, understand whether you are allowing spyware to be installed on your machine, and understand the risks of free downloads.
41
Spyware
� Spyware is a program that can be installed on your computer from a remote location to steal your personal or financial information or to monitor your online transactions to capture that information.
� Install antispyware software to detect and remove these spyware programs.
42
Phishing
� A phishing scam is one designed to elicit your personal information (username, password, account information) on a fake website.
� When you receive a suspicious email, do not click on a link provided and provide personal information.
43
Phishing Protection
�When you receive a suspicious email, go
to your browser, contact the company,
and ask whether it is trying to reach you
or if there is a problem with your
account.
� Use anti-phishing software.
44
Automatic Updates
� As a final note, automatically updating
your computer helps ensure that your
computer is protected against the latest
threats.
45
Sources and Resources
The foregoing information was drawn largely from information found in a number of articles and on websites concerned about online safety and data protection. These sources and resources will provide additional, helpful information for you if you are interested in learning more about any of the privacy issues discussed today.
Please visit www.privacyassociation.org for a full list of sources and resources, along with links to educational videos about data protection and online safety.
46
Sponsors
.
47
Sponsors
48
Creative Commons License
This work is licensed under the Creative
Commons Attribution 3.0 Unported License. To
view a copy of this license, visit
http://creativecommons.org/licenses/by/3.0/
Or send a letter to Creative Commons, 171
Second Street, Suite 300, San Francisco,
California, 94105, USA.
Any use of these materials requires attribution to
the IAPP and Intel.
49
Thank you!