Protecting kids identities online is a challenge
15 February, 2016
category: Digital ID, Government
Children growing up in post-1950s America have been raised with the mantra, “Don’t talk to strangers.”
But digital age kids need to know much more than the traditional perils of taking candy from someone they don’t know. The Internet has made it tricky to protect the identities of children, and this creates real dangers that extend from the online to offline world.
Through instant sharing practices, children’s personal information can fall into the wrong hands within milliseconds. The rise of Big Data has put children in the crosshairs of private-sector data miners who target them even in schools. And the anonymous nature of the Internet has helped breed issues such as cyber bullying.
Thankfully, there are initiatives taking shape to keep children safe online and protect their identities. But doing so requires striking a delicate balance between allowing children to maintain a level of anonymity from other users while still enabling sites to know just enough about their identity to protect them from abusers.
Kelli Emerick, executive director of the Secure ID Coalition, a federal lobbying group for the identity industry, says that identity verification and authentication is critical to protecting children online. “A lot of the problems in the kid space comes down to the ability to be anonymous,” she says.
Laws dictate that websites and online applications need to have parental consent in order to gather any personal information from children, but figuring out a way to both obtain and verify that consent has proven difficult.
Internet privacy and security lawyer Parry Aftab says regulators and companies have been taking a harder look at how to better protect children’s identities online, but they are still confounded by the issue. Aftab is a founder in the field of cyber law and consults with the children’s Internet industry through her firm WiredTrust.
Regulators and companies are taking a harder look at how to protect kids’ identities online, but they are still confounded.
Aftab says that once kids are identified online, it’s easier for predators or even peers to blackmail them into doing other things. “Sextortion,” cyber bullying, cyber stalking and trolling are among the risks kids face.
Aftab cited a case involving inner-city kids in which a girl became jealous and tried to provoke gang attacks against another girl she knew. “Our kids are at risk offline far more than ever before,” Aftab says.
Children can also naively give out just enough credential information about themselves to allow someone to steal their identity. For example, they might be tricked into providing a Social Security number to play a game, and someone could take that information and open up credit cards in that child’s name.
Parents can suffer the consequences of their children’s online behavior, too. A child might, for example, make a comment about a parent leaving their job, unintentionally tip off a friend whose dad employs that person, and ultimately cost the parent their job.
More commonly, however, kids can ruin their own reputations online for years to come. The more identifiable they share, the longer that reputation will live with them online. “When they grow up and run for president, people will know they really did inhale,” Aftab says.
Understanding COPPA
One of the primary regulations governing the use of children’s information online is the Children’s Online Privacy Protection Act (COPPA). Congress enacted the law in 1998, requiring the Federal Trade Commission to issue and enforce regulations concerning the online privacy of children under the age of 13.
The goal of COPPA is to put parents in control over what information commercial websites and apps can collect from children online. Moreover, it requires that website operators obtain verifiable parental consent before gathering any personally identifiable information from a child.
Since COPPA took effect, there’s been some confusion among website operators in the marketplace regarding how to comply with the law. This stems from the fact that COPPA’s rules vary based on a website’s primary audience and the critical question of whether a site is directed toward children in the first place.
If it’s a site such as Facebook that’s directed toward a general audience, the site can turn away any users who say they are under the age of 13 and avoid the need to obtain parental consent. Conversely, a site run by a toy company or a kids’ television channel would face more scrutiny.
Failure to comply with COPPA can result in fines of up to $16,000 per violation, according to the FTC.