SlideShare une entreprise Scribd logo

Children's fingerprints on the web: How social media puts privacy at risk

Télécharger en tant que PPT, PDF
Jisc
Jisc

Abigail McAlpine is a cyber security researcher who studies children's personally identifiable information (PII) shared on social networking services. Her research focuses on platforms most commonly used by children aged 11-16 according to an Ofcom report. She has a PhD from the Secure Societies Institute at the University of Huddersfield. Her background was previously in business and marketing. Social networking services collect large amounts of PII from children, which they encourage users to share through various features. However, this sharing of PII online poses risks to children's identity and privacy if their data is breached. PII authentication may not be secure in the long run as more details of people's lives, including children, are

Technologie
1  sur  63
Children's fingerprints on the web - the end of PII Authentication? Abigail McAlpine
Abigail McAlpine Cy b er S ec u rity Researc h er ( Ph D) from the Secure Societies In stitu te at Th e Un iversity of Hu d d ersfield
Children's fingerprints on the web - the end of PII Authentication? Abigail McAlpine
AM Background • Cyber Security Researcher (PhD) from the Secure Societies Institute at the University of Huddersfield • Research on Personally Identifiable Information (PII) of children aged (11-16) on Social Networking Services (SNS) focussing particularly on the most commonly used platforms according to Ofcom’s “Children and parents: media use and attitudes report 2018 • Human-based cyber security research, particularly focusing on the “what” and “where” of sharing online when it comes to children’s information • Research is still in collection, public, parents and children • My background pre-PhD was in business and marketing as a marketing manager
AM Brief Illustrated Guide to a PhD • http://matt.might.net/articles/phd-school-in-pictures/5 Imagine a circle that contains all of human knowledge:
AM Brief Illustrated Guide to a PhD • http://matt.might.net/articles/phd-school-in-pictures/6 By the time you finish elementary school, you know a little:
AM Brief Illustrated Guide to a PhD • http://matt.might.net/articles/phd-school-in-pictures/7 By the time you finish high school, you know a bit more:
AM Brief Illustrated Guide to a PhD • http://matt.might.net/articles/phd-school-in-pictures/8 With a bachelor's degree, you gain a specialty:
AM Brief Illustrated Guide to a PhD • http://matt.might.net/articles/phd-school-in-pictures/9 A master's degree deepens that specialty:
AM Brief Illustrated Guide to a PhD • http://matt.might.net/articles/phd-school-in-pictures/10 Reading research papers takes you to the edge of human knowledge:
AM Brief Illustrated Guide to a PhD • http://matt.might.net/articles/phd-school-in-pictures/11 Once you're at the boundary, you focus:
AM Brief Illustrated Guide to a PhD • http://matt.might.net/articles/phd-school-in-pictures/12 You push at the boundary for a few years:
AM Brief Illustrated Guide to a PhD • http://matt.might.net/articles/phd-school-in-pictures/13 Until one day, the boundary gives way:
AM Brief Illustrated Guide to a PhD • http://matt.might.net/articles/phd-school-in-pictures/14 And, that dent you've made is called a Ph.D.: @mattmight
AM The Secure Societies Institute (SSI) • “Research staff and students from across the seven Schools work collaboratively to address global security challenges as diverse as terrorism, modern slavery, child sexual abuse and cyber crime.” – Prof Rachel Armitage • Nearly 100 staff and post-graduate researchers from The University of Huddersfield working on a variety of inter-disciplinary research projects in the hopes of addressing security topics nationally and internationally. 15https://research.hud.ac.uk/institutes-centres/ssi/welcome/
AM Contents • What is PII? • What PII is collected by SNS? • Marketing vs Security • Ofcom report • Parental awareness • SNS Timeline • Features on SNS • Sharenting • Fraud • Why PII is used • Actions for tech/users 16
AMWhat is Personal Identifiable Information (PII)? • Personal data is information that relates to an identified or identifiable individual. • What identifies an individual could be as simple as a name or a number or could include other identifiers such as an IP address or a cookie identifier, or other factors. • If it is possible to identify an individual directly from the information you are processing, then that information may be personal data. • https://ico.org.uk
AM What is PII? • Even if an individual is identified or identifiable, directly or indirectly, from the data you are processing, it is not personal data unless it ‘relates to’ the individual. • When considering whether information ‘relates to’ an individual, you need to take into account a range of factors, including the content of the information, the purpose or purposes for which you are processing it and the likely impact or effect of that processing on the individual. • It is possible that the same information is personal data for one controller’s purposes but is not personal data for the purposes of another controller. 18
AM What are SNS? • SNS – Social Networking Services • These include Facebook, Twitter, Instagram and more • Discord/Slack other messaging services Add a footer 19
Children's fingerprints on the web - the end of PII Authentication? Who is the girl on the left?
AM Marketing potential • We can guess her age is probably between 11-14 (Wider guess of 10-16) • We can reasonably articulate an idea of her assigned gender • We can see her uniform – idea of location, confirmation of age group • We can see she has her own phone – she seems very attached
AM In marketing this would be seen as rich data – worth investing time and money into… • With this information we could curate a customer persona, we could adjust marketing, we could curate a timeline of potential sales funnels to pitch. • This information is still very valuable to us • We don’t need to know her identity 22
AM In security • There’s potential to use this information in future fact finding to collate a bigger picture of her identity • Basic OSINT (Open-source intelligence) tools can track her and build on the information provided • It’s the potential of future information that will cause issues to her identity 23
AM Ultimately • The ability and tools to collate more information about an individual (regardless of age) exist in both marketing and cyber security industries • The skills to take the information we have and turn into viable information are already in the room, a lot of the tools and methods to do so are very established, be it in technology or simply observing an individual • These cases will always exist, it is justifiable for the existence of data collection around children online for marketing purposes – whether directly through children’s use, or through a third party or parent’s use or purchasing data points. 24
AM The real issue.. • Some of the largest datasets on children in the world are owned by Social Networking Services (SNS) • They have this information, it’s usually attached to an identity. • Encouragement of PII sharing, location data, connecting with more users, spending more time on the platforms 25
Looking at the numbers 26
AM Ofcom Report (12-15) • 83% of 12-15 year olds have their own smartphone • 50% of 12-15 year olds have their own tablet • 99% of 12-15 year olds go online for 20 ½ hours per week • 69% have a social media profile 27Children and parents: Media use and attitudes report 2018
AM Ofcom Report (8-11) • 35% of 8-11 year olds have their own smartphone • 50% of 8-11 year olds have their own tablet • 93% of 8-11 year olds go online for 13 ½ hours per week • 18% of 8-11 year olds have a social media profile 28Children and parents: Media use and attitudes report 2018
What happens when children’s data is breached online?
AM Privacy Pin-Ups • “We take your privacy and security seriously.” • “Your privacy matters to us.” 30
AM Huge changes in Facebook • Encrypted end-to-end messages through the messenger app • 18.4 million reports of child sexual abuse worldwide in 2018, a staggering 12 million trace back to Facebook Messenger. • Reducing Permanence – deleting long term information as standard (undefined) March 2019 • Right to be forgotten/ The right to erasure – GDPR 2018. Doesn’t limit the sharing of information primarily • Suspension of tens of thousands of applications (69,000) in Sept 2019 made by about 400 developments 31
AMParental Awareness of Minimum Age Requirement (13) • Facebook 32% • Instagram 28% • Snapchat 15% 32Ofcom Children and parents: Media use and attitudes report 2018
AM Children lie about their age • EU Kids Online conducted studies between 2011 and 2014 in 22 different countries • 1 in 4 of the 9-to-10-year-olds and 1 in 2 of the 11-to-12-year-olds were using Facebook already • 4 in 10 gave a false age. 33
AM How many children on SNS? • In 2011 there was an estimated 20 million minors use Facebook, according to Consumer Reports; 7.5 million of these are under 13. • These estimates are no longer in date and the possibility of establishing an accurate number has been significantly decreased as more children lie to get past age verification systems 34
AM If we take everything at face value Removing potential FUD (Fear, Uncertainty and Doubt) – lets say: • Social networking services care about your privacy • Physical information gathering/safety will always be an issue • We can’t control children lying about their age to interact on social media 35
Building a timeline of SNS S oc ial Networkin g S er vic es
AM Timeline A timeline of SNS as we know it today; • 1997: First SNS – “Six Degrees” and AOL Messenger • 1999: MSN Messenger and Yahoo Messenger Launch • 2001: Six Degrees Shuts Down • 2002: Friendster launches • 2003: LinkedIn and Myspace launch • 2004: Facebook launches • 2005: Reddit, Bebo, YouTube launch • 2006: Twitter Launches, Facebook releases newsfeed feature 37
AM Timeline A timeline of SNS as we know it today; • 2010: Pinterest and Instagram launch • 2012: Snapchat Launches Facebook acquires Instagram Facebook releases newsfeed feature (2006) 38
AM Features of SNS Some examples of features that have rolled out in the last 20 years or so. Some in real time/ some pre-emptive. • Location data • Event tagging • Friend tagging • Facial recognition features (photo tagging) • Messenger • Announcements • Life Events 39
AM Who knows what this is? 40https://www.telegraph.co.uk/technology/0/snapchat-map-do-use-safe-children/
AM Snapchat Map • SnapMap was a feature automatically rolled out in a June 2017 Snapchat update that tagged users location on a map in real time to all their “friends” on Snapchat • Snapchat had already established a young user group, there was a reward system in place for snapchat streaks resulting in points for users, the more “friends” users made, the more streaks could be established, the points could be gained • There were different settings for how users could find each other – some transparently – public/private profiles. Others, including how you could find friends such as the apps access to your contacts, have become better communicated over time. 41
AM Snapchat Issues • SnapLion (IOS and Android) a play on (LEO) and “Law Enforcement Officer” • SnapLion’s purpose is to extract data from user accounts in the aid of legal processes and investigation • It’s essentially a backdoor exploit to the application • Vice (May 2019) had internal emails discussing staff abusing and circulating the images/account communications 42
AM TikTok • Is one of the worlds most downloaded applications, one of the top 10 globally • TikTok stated users must be over 13 but asked for no proof • Known previously as Musically, utilised Snapchats successful model and Vine’s demise to carve a niche for themselves with younger users. • Public profiles by default – public comments by default • If the profile was public the application had an open messaging feature which resulted in children receiving private messages from strangers 43
AMSNS are targeting children with marketing • We know this because of the tailored products and services they are marketing towards their users based on data collection and analysis • They are rolling out features without any care or consideration for children’s/users safety 44
AM Childrens Sharing • Children are sharing more content about themselves than ever before to bigger audiences • They are more vulnerable to peer pressure at various ages • Some of children have more understanding of SNS than their parents or educators 45
This is just children’s sharing
AM Parents Sharing • “Sharenting” – is the term being used for parents who share a lot of information about their children online • Some parents have been over-sharers from the beginning with no prompts • However, the introduction of Facebook and features such as the newsfeed, announcements, timeline, memories have prompted users to share more about their lives and their children • A lot of the PII information required can be found about users independently, but control of the sharing about third parties who haven’t necessarily consented to the sharing of the information still accumulate 47
AM Fraud - Trends • The theft of personal and financial data through social engineering and data breaches was a major contributor to fraud losses in 2018. • The stolen data is used to commit fraud both directly and indirectly. • www.ukfinance.org.uk • Recession/Economic turmoil 48
AM Fraud - Trends • In 2009, it was announced that fraud had increased threefold in the previous year as a result of the recession • Cases through British court alone accounted for more than £1.1bn worth of fraud • April 2018, a report in America (Javelin Strategy & Research) on child fraud reported that more than 1 million children were victims of identity theft or fraud in 2017. • Two-thirds of those victims were age 7 or younger. • Six in 10 child victims personally know the perpetrator. 49
AM Why is PII used? CIA Triad • Confidentiality through preventing access by unauthorized users. • Integrity from validating that your data is trustworthy and accurate. • Availability by ensuring data is available when needed. 50 www.ibm.com
AM Why is this used? • The 3 A’s of cyber security • Authentication, Authorization, and Accounting (AAA) Authentication, authorization, and accounting (AAA) is a term for a framework for intelligently controlling access to computer resources, enforcing policies, auditing usage, and providing the information necessary to bill for services. These combined processes are considered important for effective network management and security. - searchsecurity.techtarget.com 51
AM Facebook’s Timeline is 13 years old • In 3 years time – children who have had every significant moment of their life shared online – nearly all potential PII authentication answer. 16 years old and old enough for a debit account/card • In 5 years time - children who have had every significant moment of their life shared online – nearly all potential PII authentication answers. 18 years old and old enough for lines of credit, many products pushed in their direction will be highly likely to be targeted at low credit • Most will be venturing into the professional world, with everything associated with it, including loans, linkedin profiles, historic social media profiles 52
Potential for the perfect storm
AM PII used as authentication? • SMS and/or Email Based 2FA: Whether the site offered a SMS (text message) or email based 2FA. Sites that offered this method earned 1 point. • Software Token 2FA: Whether the site allowed you to perform 2FA using a software authenticator. Popular software authenticators include Authy, Google Authenticator, or Microsoft Authenticator. Sites that offered this method earned 1 point. • Hardware Token 2FA: Whether the site allowed you to use a hardware token to perform 2FA. Popular hardware tokens include YubiKey and Google Titan. Sites that used this method earned 3 points. 54
AM Is 2FA/MFA a fix? 55 Researcher Piotr Duszyński published a tool called Modlishka (Polish: “Mantis”) capable of automating the phishing of one-time passcodes (OTPs) sent by SMS or generated using authentication apps. Jan 2019
AM Is Biometric Authentication a fix? • There have already been a significant number of data breaches since the mass introduction of biometric authentication • Biostar 2 lost more than a million files • OPM lost 20 million • Facial recognition is more of a gimmick than a security feature, not enough research completed 56
AM Fingerprints and Biometrics • Major breach found in biometrics system used by banks, UK police and defence firms - Fingerprints, facial recognition data and other personal information lost in the data breach from Biostar 2 (Owned by Suprema) – August 2019 • Fingerprint data is stored locally in hash on mobile devices for IOS and most Android in Trusted Execution Environment (TEE). • Facial recognition is not secure, nor tested enough on BAME users – it shouldn’t be used as a security feature 57
Considering everything discussed
AM Right to forget • Doesn’t mean that other users will forget • Doesn’t mean that children are protected online • Doesn’t mean that children’s information is not being shared • Doesn’t educate users/parents/children about the dangers of oversharing PII online • Doesn’t fix the problem 59
AM Potential actions for tech • Moving away from the PII Authentication Model – especially as a bypass/back up for password loss • Tackle education of users around the availability of this information • Attempt to limit the scope of the issue – through historic deletion on SNS (this probably won’t happen) • We change the infrastructure of how we secure accounts – if these security questions are to remain then there should be additional steps involved to reset a password or gain access to an account • We attempt to tackle this in a way that doesn’t cause additional issues – i.e Netflix asking for photos of passports through email to confirm identity 60
AM Steps moving forward for users • Change answers to PII Questions on SNS – use like new passwords, ideally 3 word combinations with number/symbol contributions and upper and lower case i.e R3dR1dingH00d! • Use passwords specific to the SNS service you’re using • 91% of people know reusing passwords is poor practice, 59% reuse their passwords everywhere – at home and at work – training is necessary - Change Email password to something unique • MFA/2FA set up where possible 61
Thank You Abigail McAlpine Twitter @abigailmcalpine
Any questions? Abigail McAlpine Twitter @abigailmcalpine

Recommandé

Online abuse and safeguarding in higher education
Online abuse and safeguarding in higher educationOnline abuse and safeguarding in higher education
Online abuse and safeguarding in higher educationJisc
 
Runshaw College and the journey towards ISO 27001
Runshaw College and the journey towards ISO 27001Runshaw College and the journey towards ISO 27001
Runshaw College and the journey towards ISO 27001Jisc
 
The challenge of security awareness
The challenge of security awarenessThe challenge of security awareness
The challenge of security awarenessJisc
 
The importance of authenticity in cyber security training and education
The importance of authenticity in cyber security training and educationThe importance of authenticity in cyber security training and education
The importance of authenticity in cyber security training and educationJisc
 
Iowa Bullying Prevention
Iowa Bullying Prevention Iowa Bullying Prevention
Iowa Bullying Prevention emilyensign
 
Ethics in Cyber Space
Ethics in Cyber SpaceEthics in Cyber Space
Ethics in Cyber SpaceMuhammad Rawaha Saleem
 
Teaching digital citizenship in a not so-digital setting
Teaching digital citizenship in a not so-digital settingTeaching digital citizenship in a not so-digital setting
Teaching digital citizenship in a not so-digital settingSanta Clara County Office of Education
 
Teaching Johnny Not to Fall for Phish, for ISSA 2011 in Pittsburgh on Feb2011
Teaching Johnny Not to Fall for Phish, for ISSA 2011 in Pittsburgh on Feb2011Teaching Johnny Not to Fall for Phish, for ISSA 2011 in Pittsburgh on Feb2011
Teaching Johnny Not to Fall for Phish, for ISSA 2011 in Pittsburgh on Feb2011Jason Hong
 

Recommandé

Online abuse and safeguarding in higher education
Online abuse and safeguarding in higher educationOnline abuse and safeguarding in higher education
Online abuse and safeguarding in higher educationJisc
 
Runshaw College and the journey towards ISO 27001
Runshaw College and the journey towards ISO 27001Runshaw College and the journey towards ISO 27001
Runshaw College and the journey towards ISO 27001Jisc
 
The challenge of security awareness
The challenge of security awarenessThe challenge of security awareness
The challenge of security awarenessJisc
 
The importance of authenticity in cyber security training and education
The importance of authenticity in cyber security training and educationThe importance of authenticity in cyber security training and education
The importance of authenticity in cyber security training and educationJisc
 
Iowa Bullying Prevention
Iowa Bullying Prevention Iowa Bullying Prevention
Iowa Bullying Prevention emilyensign
 
Ethics in Cyber Space
Ethics in Cyber SpaceEthics in Cyber Space
Ethics in Cyber SpaceMuhammad Rawaha Saleem
 
Teaching digital citizenship in a not so-digital setting
Teaching digital citizenship in a not so-digital settingTeaching digital citizenship in a not so-digital setting
Teaching digital citizenship in a not so-digital settingSanta Clara County Office of Education
 
Teaching Johnny Not to Fall for Phish, for ISSA 2011 in Pittsburgh on Feb2011
Teaching Johnny Not to Fall for Phish, for ISSA 2011 in Pittsburgh on Feb2011Teaching Johnny Not to Fall for Phish, for ISSA 2011 in Pittsburgh on Feb2011
Teaching Johnny Not to Fall for Phish, for ISSA 2011 in Pittsburgh on Feb2011Jason Hong
 
Internet Ethics Issues and Action in the United States
Internet Ethics Issues and Action in the United StatesInternet Ethics Issues and Action in the United States
Internet Ethics Issues and Action in the United StatesMichael Zimmer
 
Globalcompose.com sample essay paper on cyber ethics
Globalcompose.com sample essay paper on cyber ethicsGlobalcompose.com sample essay paper on cyber ethics
Globalcompose.com sample essay paper on cyber ethicsAcademic Research Paper Writing Services
 
Ruth Hammond - Saftguarding Children in a Digital World
Ruth Hammond - Saftguarding Children in a Digital WorldRuth Hammond - Saftguarding Children in a Digital World
Ruth Hammond - Saftguarding Children in a Digital WorldNaace Naace
 
Interop 2011 las vegas - session se31 - rothke
Interop 2011 las vegas - session se31 - rothkeInterop 2011 las vegas - session se31 - rothke
Interop 2011 las vegas - session se31 - rothkeBen Rothke
 
NAESP Conference - July 12, 2014
NAESP Conference - July 12, 2014NAESP Conference - July 12, 2014
NAESP Conference - July 12, 2014emilyensign
 
Social Media for School Districts - OTA 15
Social Media for School Districts - OTA 15Social Media for School Districts - OTA 15
Social Media for School Districts - OTA 15Diana Benner
 
C3 Presentation - Oct 2015
C3 Presentation - Oct 2015C3 Presentation - Oct 2015
C3 Presentation - Oct 2015emilyensign
 
Potential vulnerabilities to e-learning - Mimecast
Potential vulnerabilities to e-learning - MimecastPotential vulnerabilities to e-learning - Mimecast
Potential vulnerabilities to e-learning - MimecastJisc
 
Shannon Morris PDLM presentation
Shannon Morris PDLM presentationShannon Morris PDLM presentation
Shannon Morris PDLM presentationshannoncmorris
 
International comparison of the state of Internet safety for children and youth
International comparison of the state of Internet safety for children and youthInternational comparison of the state of Internet safety for children and youth
International comparison of the state of Internet safety for children and youthThinkB4UClick
 
Bridgewater College Cyber Security Presentation
Bridgewater College Cyber Security PresentationBridgewater College Cyber Security Presentation
Bridgewater College Cyber Security PresentationTom Huskerson
 
Naughty or nice: Ethical concerns for technology
Naughty or nice: Ethical concerns for technologyNaughty or nice: Ethical concerns for technology
Naughty or nice: Ethical concerns for technologyJohan Koren
 
Internet privacy ethics and online security
Internet privacy ethics and online securityInternet privacy ethics and online security
Internet privacy ethics and online securityPaul Berryman
 
2010 09 27 e-safety master ver3
2010 09 27 e-safety master ver32010 09 27 e-safety master ver3
2010 09 27 e-safety master ver3Joy Rosario
 
Naughty or nice 2003 version
Naughty or nice 2003 versionNaughty or nice 2003 version
Naughty or nice 2003 versionJohan Koren
 
e-Safety Primary
e-Safety Primarye-Safety Primary
e-Safety Primarykturvey
 
Education Privacy
Education Privacy Education Privacy
Education Privacy emilyensign
 
Cyberspace and cyberethics and social networking
Cyberspace and cyberethics and social networkingCyberspace and cyberethics and social networking
Cyberspace and cyberethics and social networkingYUSRA FERNANDO
 
Mobile Devices in Education
Mobile Devices in EducationMobile Devices in Education
Mobile Devices in EducationMonica Martinez
 
Cyber ethics
Cyber ethicsCyber ethics
Cyber ethicsGeoffrey Lowe
 
Social Media for Families
Social Media for FamiliesSocial Media for Families
Social Media for FamiliesNicastro Consultants
 
BEaPRO Presentation: Lafayette Elementary
BEaPRO Presentation: Lafayette ElementaryBEaPRO Presentation: Lafayette Elementary
BEaPRO Presentation: Lafayette Elementaryemilyensign
 

Contenu connexe

Tendances

Internet Ethics Issues and Action in the United States
Internet Ethics Issues and Action in the United StatesInternet Ethics Issues and Action in the United States
Internet Ethics Issues and Action in the United StatesMichael Zimmer
 
Ruth Hammond - Saftguarding Children in a Digital World
Ruth Hammond - Saftguarding Children in a Digital WorldRuth Hammond - Saftguarding Children in a Digital World
Ruth Hammond - Saftguarding Children in a Digital WorldNaace Naace
 
Interop 2011 las vegas - session se31 - rothke
Interop 2011 las vegas - session se31 - rothkeInterop 2011 las vegas - session se31 - rothke
Interop 2011 las vegas - session se31 - rothkeBen Rothke
 
NAESP Conference - July 12, 2014
NAESP Conference - July 12, 2014NAESP Conference - July 12, 2014
NAESP Conference - July 12, 2014emilyensign
 
Social Media for School Districts - OTA 15
Social Media for School Districts - OTA 15Social Media for School Districts - OTA 15
Social Media for School Districts - OTA 15Diana Benner
 
C3 Presentation - Oct 2015
C3 Presentation - Oct 2015C3 Presentation - Oct 2015
C3 Presentation - Oct 2015emilyensign
 
Potential vulnerabilities to e-learning - Mimecast
Potential vulnerabilities to e-learning - MimecastPotential vulnerabilities to e-learning - Mimecast
Potential vulnerabilities to e-learning - MimecastJisc
 
Shannon Morris PDLM presentation
Shannon Morris PDLM presentationShannon Morris PDLM presentation
Shannon Morris PDLM presentationshannoncmorris
 
International comparison of the state of Internet safety for children and youth
International comparison of the state of Internet safety for children and youthInternational comparison of the state of Internet safety for children and youth
International comparison of the state of Internet safety for children and youthThinkB4UClick
 
Bridgewater College Cyber Security Presentation
Bridgewater College Cyber Security PresentationBridgewater College Cyber Security Presentation
Bridgewater College Cyber Security PresentationTom Huskerson
 
Naughty or nice: Ethical concerns for technology
Naughty or nice: Ethical concerns for technologyNaughty or nice: Ethical concerns for technology
Naughty or nice: Ethical concerns for technologyJohan Koren
 
Internet privacy ethics and online security
Internet privacy ethics and online securityInternet privacy ethics and online security
Internet privacy ethics and online securityPaul Berryman
 
2010 09 27 e-safety master ver3
2010 09 27 e-safety master ver32010 09 27 e-safety master ver3
2010 09 27 e-safety master ver3Joy Rosario
 
Naughty or nice 2003 version
Naughty or nice 2003 versionNaughty or nice 2003 version
Naughty or nice 2003 versionJohan Koren
 
e-Safety Primary
e-Safety Primarye-Safety Primary
e-Safety Primarykturvey
 
Education Privacy
Education Privacy Education Privacy
Education Privacy emilyensign
 
Cyberspace and cyberethics and social networking
Cyberspace and cyberethics and social networkingCyberspace and cyberethics and social networking
Cyberspace and cyberethics and social networkingYUSRA FERNANDO
 
Mobile Devices in Education
Mobile Devices in EducationMobile Devices in Education
Mobile Devices in EducationMonica Martinez
 

Tendances (20)

Internet Ethics Issues and Action in the United States
Internet Ethics Issues and Action in the United StatesInternet Ethics Issues and Action in the United States
Internet Ethics Issues and Action in the United States
 
Globalcompose.com sample essay paper on cyber ethics
Globalcompose.com sample essay paper on cyber ethicsGlobalcompose.com sample essay paper on cyber ethics
Globalcompose.com sample essay paper on cyber ethics
 
Ruth Hammond - Saftguarding Children in a Digital World
Ruth Hammond - Saftguarding Children in a Digital WorldRuth Hammond - Saftguarding Children in a Digital World
Ruth Hammond - Saftguarding Children in a Digital World
 
Interop 2011 las vegas - session se31 - rothke
Interop 2011 las vegas - session se31 - rothkeInterop 2011 las vegas - session se31 - rothke
Interop 2011 las vegas - session se31 - rothke
 
NAESP Conference - July 12, 2014
NAESP Conference - July 12, 2014NAESP Conference - July 12, 2014
NAESP Conference - July 12, 2014
 
Social Media for School Districts - OTA 15
Social Media for School Districts - OTA 15Social Media for School Districts - OTA 15
Social Media for School Districts - OTA 15
 
C3 Presentation - Oct 2015
C3 Presentation - Oct 2015C3 Presentation - Oct 2015
C3 Presentation - Oct 2015
 
Potential vulnerabilities to e-learning - Mimecast
Potential vulnerabilities to e-learning - MimecastPotential vulnerabilities to e-learning - Mimecast
Potential vulnerabilities to e-learning - Mimecast
 
Shannon Morris PDLM presentation
Shannon Morris PDLM presentationShannon Morris PDLM presentation
Shannon Morris PDLM presentation
 
International comparison of the state of Internet safety for children and youth
International comparison of the state of Internet safety for children and youthInternational comparison of the state of Internet safety for children and youth
International comparison of the state of Internet safety for children and youth
 
Bridgewater College Cyber Security Presentation
Bridgewater College Cyber Security PresentationBridgewater College Cyber Security Presentation
Bridgewater College Cyber Security Presentation
 
Naughty or nice: Ethical concerns for technology
Naughty or nice: Ethical concerns for technologyNaughty or nice: Ethical concerns for technology
Naughty or nice: Ethical concerns for technology
 
Internet privacy ethics and online security
Internet privacy ethics and online securityInternet privacy ethics and online security
Internet privacy ethics and online security
 
2010 09 27 e-safety master ver3
2010 09 27 e-safety master ver32010 09 27 e-safety master ver3
2010 09 27 e-safety master ver3
 
Naughty or nice 2003 version
Naughty or nice 2003 versionNaughty or nice 2003 version
Naughty or nice 2003 version
 
e-Safety Primary
e-Safety Primarye-Safety Primary
e-Safety Primary
 
Education Privacy
Education Privacy Education Privacy
Education Privacy
 
Cyberspace and cyberethics and social networking
Cyberspace and cyberethics and social networkingCyberspace and cyberethics and social networking
Cyberspace and cyberethics and social networking
 
Mobile Devices in Education
Mobile Devices in EducationMobile Devices in Education
Mobile Devices in Education
 
Cyber ethics
Cyber ethicsCyber ethics
Cyber ethics
 

Similaire à Children's fingerprints on the web: How social media puts privacy at risk

BEaPRO Presentation: Lafayette Elementary
BEaPRO Presentation: Lafayette ElementaryBEaPRO Presentation: Lafayette Elementary
BEaPRO Presentation: Lafayette Elementaryemilyensign
 
DigComp - Konferens om skolans digitalisering, 8 sep, Stockholm
DigComp - Konferens om skolans digitalisering, 8 sep, StockholmDigComp - Konferens om skolans digitalisering, 8 sep, Stockholm
DigComp - Konferens om skolans digitalisering, 8 sep, StockholmRiina Vuorikari
 
Parents in a Digital Age Report
Parents in a Digital Age ReportParents in a Digital Age Report
Parents in a Digital Age ReportHiMama
 
If I Googled You, What Would I Find? Managing your digital footprint - Nicola...
If I Googled You, What Would I Find? Managing your digital footprint - Nicola...If I Googled You, What Would I Find? Managing your digital footprint - Nicola...
If I Googled You, What Would I Find? Managing your digital footprint - Nicola...EDINA, University of Edinburgh
 
Safeguarding Children & Young People Online
Safeguarding Children & Young People OnlineSafeguarding Children & Young People Online
Safeguarding Children & Young People OnlineClaudia Megele
 
CSUN - Youth Driven Information Privacy Education Campaign
CSUN - Youth Driven Information Privacy Education CampaignCSUN - Youth Driven Information Privacy Education Campaign
CSUN - Youth Driven Information Privacy Education CampaignKimberly Gonzalez
 
Safe Internet (Art 203)
Safe Internet (Art 203)Safe Internet (Art 203)
Safe Internet (Art 203)Sumaiya Ismail
 
Lecture 10 Inferential Data Analysis, Personality Quizes and Fake News...
Lecture 10 Inferential Data Analysis, Personality Quizes and Fake News...Lecture 10 Inferential Data Analysis, Personality Quizes and Fake News...
Lecture 10 Inferential Data Analysis, Personality Quizes and Fake News...Marcus Leaning
 
“Never go through our chats and phones without our consent!” The emerging i...
“Never go through our chats and phones without our consent!” The emerging i...“Never go through our chats and phones without our consent!” The emerging i...
“Never go through our chats and phones without our consent!” The emerging i...University of Sydney
 
Child online protection a collective responsibillity
Child online protection a collective responsibillityChild online protection a collective responsibillity
Child online protection a collective responsibillitychioma Ibe
 
Social networking boon or a bane
Social networking boon or a baneSocial networking boon or a bane
Social networking boon or a baneAbhishek Sharma
 
Aurora - Social media
Aurora - Social mediaAurora - Social media
Aurora - Social mediaMike North
 
Own Your Own Life (at least online)
Own Your Own Life (at least online)Own Your Own Life (at least online)
Own Your Own Life (at least online)Pat Sine
 
Internet safetypresentationghs
Internet safetypresentationghsInternet safetypresentationghs
Internet safetypresentationghsfkompar
 
Online safety Ofsted 2015
Online safety Ofsted 2015Online safety Ofsted 2015
Online safety Ofsted 2015bellla33
 

Similaire à Children's fingerprints on the web: How social media puts privacy at risk (20)

Social Media for Families
Social Media for FamiliesSocial Media for Families
Social Media for Families
 
BEaPRO Presentation: Lafayette Elementary
BEaPRO Presentation: Lafayette ElementaryBEaPRO Presentation: Lafayette Elementary
BEaPRO Presentation: Lafayette Elementary
 
DigComp - Konferens om skolans digitalisering, 8 sep, Stockholm
DigComp - Konferens om skolans digitalisering, 8 sep, StockholmDigComp - Konferens om skolans digitalisering, 8 sep, Stockholm
DigComp - Konferens om skolans digitalisering, 8 sep, Stockholm
 
Apps and Young Users.pptx
Apps and Young Users.pptxApps and Young Users.pptx
Apps and Young Users.pptx
 
Parents in a Digital Age Report
Parents in a Digital Age ReportParents in a Digital Age Report
Parents in a Digital Age Report
 
If I Googled You, What Would I Find? Managing your digital footprint - Nicola...
If I Googled You, What Would I Find? Managing your digital footprint - Nicola...If I Googled You, What Would I Find? Managing your digital footprint - Nicola...
If I Googled You, What Would I Find? Managing your digital footprint - Nicola...
 
Safeguarding Children & Young People Online
Safeguarding Children & Young People OnlineSafeguarding Children & Young People Online
Safeguarding Children & Young People Online
 
CSUN - Youth Driven Information Privacy Education Campaign
CSUN - Youth Driven Information Privacy Education CampaignCSUN - Youth Driven Information Privacy Education Campaign
CSUN - Youth Driven Information Privacy Education Campaign
 
Social media in social work spaces
Social media in social work spacesSocial media in social work spaces
Social media in social work spaces
 
Facebook
FacebookFacebook
Facebook
 
Safe Internet (Art 203)
Safe Internet (Art 203)Safe Internet (Art 203)
Safe Internet (Art 203)
 
Digital Tattoo: for MOSAIC
Digital Tattoo: for MOSAICDigital Tattoo: for MOSAIC
Digital Tattoo: for MOSAIC
 
Lecture 10 Inferential Data Analysis, Personality Quizes and Fake News...
Lecture 10 Inferential Data Analysis, Personality Quizes and Fake News...Lecture 10 Inferential Data Analysis, Personality Quizes and Fake News...
Lecture 10 Inferential Data Analysis, Personality Quizes and Fake News...
 
“Never go through our chats and phones without our consent!” The emerging i...
“Never go through our chats and phones without our consent!” The emerging i...“Never go through our chats and phones without our consent!” The emerging i...
“Never go through our chats and phones without our consent!” The emerging i...
 
Child online protection a collective responsibillity
Child online protection a collective responsibillityChild online protection a collective responsibillity
Child online protection a collective responsibillity
 
Social networking boon or a bane
Social networking boon or a baneSocial networking boon or a bane
Social networking boon or a bane
 
Aurora - Social media
Aurora - Social mediaAurora - Social media
Aurora - Social media
 
Own Your Own Life (at least online)
Own Your Own Life (at least online)Own Your Own Life (at least online)
Own Your Own Life (at least online)
 
Internet safetypresentationghs
Internet safetypresentationghsInternet safetypresentationghs
Internet safetypresentationghs
 
Online safety Ofsted 2015
Online safety Ofsted 2015Online safety Ofsted 2015
Online safety Ofsted 2015
 

Plus de Jisc

Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...Jisc
 
International students’ digital experience: understanding and mitigating the ...
International students’ digital experience: understanding and mitigating the ...International students’ digital experience: understanding and mitigating the ...
International students’ digital experience: understanding and mitigating the ...Jisc
 
Digital Storytelling Community Launch!.pptx
Digital Storytelling Community Launch!.pptxDigital Storytelling Community Launch!.pptx
Digital Storytelling Community Launch!.pptxJisc
 
Open Access book publishing understanding your options (1).pptx
Open Access book publishing understanding your options (1).pptxOpen Access book publishing understanding your options (1).pptx
Open Access book publishing understanding your options (1).pptxJisc
 
Scottish Universities Press supporting authors with requirements for open acc...
Scottish Universities Press supporting authors with requirements for open acc...Scottish Universities Press supporting authors with requirements for open acc...
Scottish Universities Press supporting authors with requirements for open acc...Jisc
 
How Bloomsbury is supporting authors with UKRI long-form open access requirem...
How Bloomsbury is supporting authors with UKRI long-form open access requirem...How Bloomsbury is supporting authors with UKRI long-form open access requirem...
How Bloomsbury is supporting authors with UKRI long-form open access requirem...Jisc
 
Jisc Northern Ireland Strategy Forum 2023
Jisc Northern Ireland Strategy Forum 2023Jisc Northern Ireland Strategy Forum 2023
Jisc Northern Ireland Strategy Forum 2023Jisc
 
Jisc Scotland Strategy Forum 2023
Jisc Scotland Strategy Forum 2023Jisc Scotland Strategy Forum 2023
Jisc Scotland Strategy Forum 2023Jisc
 
Jisc stakeholder strategic update 2023
Jisc stakeholder strategic update 2023Jisc stakeholder strategic update 2023
Jisc stakeholder strategic update 2023Jisc
 
JISC Presentation.pptx
JISC Presentation.pptxJISC Presentation.pptx
JISC Presentation.pptxJisc
 
Community-led Open Access Publishing webinar.pptx
Community-led Open Access Publishing webinar.pptxCommunity-led Open Access Publishing webinar.pptx
Community-led Open Access Publishing webinar.pptxJisc
 
The Open Access Community Framework (OACF) 2023 (1).pptx
The Open Access Community Framework (OACF) 2023 (1).pptxThe Open Access Community Framework (OACF) 2023 (1).pptx
The Open Access Community Framework (OACF) 2023 (1).pptxJisc
 
Are we onboard yet University of Sussex.pptx
Are we onboard yet University of Sussex.pptxAre we onboard yet University of Sussex.pptx
Are we onboard yet University of Sussex.pptxJisc
 
JiscOAWeek_LAIR_slides_October2023.pptx
JiscOAWeek_LAIR_slides_October2023.pptxJiscOAWeek_LAIR_slides_October2023.pptx
JiscOAWeek_LAIR_slides_October2023.pptxJisc
 
UWP OA Week Presentation (1).pptx
UWP OA Week Presentation (1).pptxUWP OA Week Presentation (1).pptx
UWP OA Week Presentation (1).pptxJisc
 
An introduction to Cyber Essentials
An introduction to Cyber EssentialsAn introduction to Cyber Essentials
An introduction to Cyber EssentialsJisc
 
MarkChilds.pptx
MarkChilds.pptxMarkChilds.pptx
MarkChilds.pptxJisc
 
RStrachanOct23.pptx
RStrachanOct23.pptxRStrachanOct23.pptx
RStrachanOct23.pptxJisc
 
ISDX2 Oct 2023 .pptx
ISDX2 Oct 2023 .pptxISDX2 Oct 2023 .pptx
ISDX2 Oct 2023 .pptxJisc
 
FerrellWalker.pptx
FerrellWalker.pptxFerrellWalker.pptx
FerrellWalker.pptxJisc
 

Plus de Jisc (20)

Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...
 
International students’ digital experience: understanding and mitigating the ...
International students’ digital experience: understanding and mitigating the ...International students’ digital experience: understanding and mitigating the ...
International students’ digital experience: understanding and mitigating the ...
 
Digital Storytelling Community Launch!.pptx
Digital Storytelling Community Launch!.pptxDigital Storytelling Community Launch!.pptx
Digital Storytelling Community Launch!.pptx
 
Open Access book publishing understanding your options (1).pptx
Open Access book publishing understanding your options (1).pptxOpen Access book publishing understanding your options (1).pptx
Open Access book publishing understanding your options (1).pptx
 
Scottish Universities Press supporting authors with requirements for open acc...
Scottish Universities Press supporting authors with requirements for open acc...Scottish Universities Press supporting authors with requirements for open acc...
Scottish Universities Press supporting authors with requirements for open acc...
 
How Bloomsbury is supporting authors with UKRI long-form open access requirem...
How Bloomsbury is supporting authors with UKRI long-form open access requirem...How Bloomsbury is supporting authors with UKRI long-form open access requirem...
How Bloomsbury is supporting authors with UKRI long-form open access requirem...
 
Jisc Northern Ireland Strategy Forum 2023
Jisc Northern Ireland Strategy Forum 2023Jisc Northern Ireland Strategy Forum 2023
Jisc Northern Ireland Strategy Forum 2023
 
Jisc Scotland Strategy Forum 2023
Jisc Scotland Strategy Forum 2023Jisc Scotland Strategy Forum 2023
Jisc Scotland Strategy Forum 2023
 
Jisc stakeholder strategic update 2023
Jisc stakeholder strategic update 2023Jisc stakeholder strategic update 2023
Jisc stakeholder strategic update 2023
 
JISC Presentation.pptx
JISC Presentation.pptxJISC Presentation.pptx
JISC Presentation.pptx
 
Community-led Open Access Publishing webinar.pptx
Community-led Open Access Publishing webinar.pptxCommunity-led Open Access Publishing webinar.pptx
Community-led Open Access Publishing webinar.pptx
 
The Open Access Community Framework (OACF) 2023 (1).pptx
The Open Access Community Framework (OACF) 2023 (1).pptxThe Open Access Community Framework (OACF) 2023 (1).pptx
The Open Access Community Framework (OACF) 2023 (1).pptx
 
Are we onboard yet University of Sussex.pptx
Are we onboard yet University of Sussex.pptxAre we onboard yet University of Sussex.pptx
Are we onboard yet University of Sussex.pptx
 
JiscOAWeek_LAIR_slides_October2023.pptx
JiscOAWeek_LAIR_slides_October2023.pptxJiscOAWeek_LAIR_slides_October2023.pptx
JiscOAWeek_LAIR_slides_October2023.pptx
 
UWP OA Week Presentation (1).pptx
UWP OA Week Presentation (1).pptxUWP OA Week Presentation (1).pptx
UWP OA Week Presentation (1).pptx
 
An introduction to Cyber Essentials
An introduction to Cyber EssentialsAn introduction to Cyber Essentials
An introduction to Cyber Essentials
 
MarkChilds.pptx
MarkChilds.pptxMarkChilds.pptx
MarkChilds.pptx
 
RStrachanOct23.pptx
RStrachanOct23.pptxRStrachanOct23.pptx
RStrachanOct23.pptx
 
ISDX2 Oct 2023 .pptx
ISDX2 Oct 2023 .pptxISDX2 Oct 2023 .pptx
ISDX2 Oct 2023 .pptx
 
FerrellWalker.pptx
FerrellWalker.pptxFerrellWalker.pptx
FerrellWalker.pptx
 

Dernier

Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessPixlogix Infotech
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?Antenna Manufacturer Coco
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 

Dernier (20)

Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 

Children's fingerprints on the web: How social media puts privacy at risk

  • 1. Children's fingerprints on the web - the end of PII Authentication? Abigail McAlpine
  • 2. Abigail McAlpine Cy b er S ec u rity Researc h er ( Ph D) from the Secure Societies In stitu te at Th e Un iversity of Hu d d ersfield
  • 3. Children's fingerprints on the web - the end of PII Authentication? Abigail McAlpine
  • 4. AM Background • Cyber Security Researcher (PhD) from the Secure Societies Institute at the University of Huddersfield • Research on Personally Identifiable Information (PII) of children aged (11-16) on Social Networking Services (SNS) focussing particularly on the most commonly used platforms according to Ofcom’s “Children and parents: media use and attitudes report 2018 • Human-based cyber security research, particularly focusing on the “what” and “where” of sharing online when it comes to children’s information • Research is still in collection, public, parents and children • My background pre-PhD was in business and marketing as a marketing manager
  • 5. AM Brief Illustrated Guide to a PhD • http://matt.might.net/articles/phd-school-in-pictures/5 Imagine a circle that contains all of human knowledge:
  • 6. AM Brief Illustrated Guide to a PhD • http://matt.might.net/articles/phd-school-in-pictures/6 By the time you finish elementary school, you know a little:
  • 7. AM Brief Illustrated Guide to a PhD • http://matt.might.net/articles/phd-school-in-pictures/7 By the time you finish high school, you know a bit more:
  • 8. AM Brief Illustrated Guide to a PhD • http://matt.might.net/articles/phd-school-in-pictures/8 With a bachelor's degree, you gain a specialty:
  • 9. AM Brief Illustrated Guide to a PhD • http://matt.might.net/articles/phd-school-in-pictures/9 A master's degree deepens that specialty:
  • 10. AM Brief Illustrated Guide to a PhD • http://matt.might.net/articles/phd-school-in-pictures/10 Reading research papers takes you to the edge of human knowledge:
  • 11. AM Brief Illustrated Guide to a PhD • http://matt.might.net/articles/phd-school-in-pictures/11 Once you're at the boundary, you focus:
  • 12. AM Brief Illustrated Guide to a PhD • http://matt.might.net/articles/phd-school-in-pictures/12 You push at the boundary for a few years:
  • 13. AM Brief Illustrated Guide to a PhD • http://matt.might.net/articles/phd-school-in-pictures/13 Until one day, the boundary gives way:
  • 14. AM Brief Illustrated Guide to a PhD • http://matt.might.net/articles/phd-school-in-pictures/14 And, that dent you've made is called a Ph.D.: @mattmight
  • 15. AM The Secure Societies Institute (SSI) • “Research staff and students from across the seven Schools work collaboratively to address global security challenges as diverse as terrorism, modern slavery, child sexual abuse and cyber crime.” – Prof Rachel Armitage • Nearly 100 staff and post-graduate researchers from The University of Huddersfield working on a variety of inter-disciplinary research projects in the hopes of addressing security topics nationally and internationally. 15https://research.hud.ac.uk/institutes-centres/ssi/welcome/
  • 16. AM Contents • What is PII? • What PII is collected by SNS? • Marketing vs Security • Ofcom report • Parental awareness • SNS Timeline • Features on SNS • Sharenting • Fraud • Why PII is used • Actions for tech/users 16
  • 17. AMWhat is Personal Identifiable Information (PII)? • Personal data is information that relates to an identified or identifiable individual. • What identifies an individual could be as simple as a name or a number or could include other identifiers such as an IP address or a cookie identifier, or other factors. • If it is possible to identify an individual directly from the information you are processing, then that information may be personal data. • https://ico.org.uk
  • 18. AM What is PII? • Even if an individual is identified or identifiable, directly or indirectly, from the data you are processing, it is not personal data unless it ‘relates to’ the individual. • When considering whether information ‘relates to’ an individual, you need to take into account a range of factors, including the content of the information, the purpose or purposes for which you are processing it and the likely impact or effect of that processing on the individual. • It is possible that the same information is personal data for one controller’s purposes but is not personal data for the purposes of another controller. 18
  • 19. AM What are SNS? • SNS – Social Networking Services • These include Facebook, Twitter, Instagram and more • Discord/Slack other messaging services Add a footer 19
  • 20. Children's fingerprints on the web - the end of PII Authentication? Who is the girl on the left?
  • 21. AM Marketing potential • We can guess her age is probably between 11-14 (Wider guess of 10-16) • We can reasonably articulate an idea of her assigned gender • We can see her uniform – idea of location, confirmation of age group • We can see she has her own phone – she seems very attached
  • 22. AM In marketing this would be seen as rich data – worth investing time and money into… • With this information we could curate a customer persona, we could adjust marketing, we could curate a timeline of potential sales funnels to pitch. • This information is still very valuable to us • We don’t need to know her identity 22
  • 23. AM In security • There’s potential to use this information in future fact finding to collate a bigger picture of her identity • Basic OSINT (Open-source intelligence) tools can track her and build on the information provided • It’s the potential of future information that will cause issues to her identity 23
  • 24. AM Ultimately • The ability and tools to collate more information about an individual (regardless of age) exist in both marketing and cyber security industries • The skills to take the information we have and turn into viable information are already in the room, a lot of the tools and methods to do so are very established, be it in technology or simply observing an individual • These cases will always exist, it is justifiable for the existence of data collection around children online for marketing purposes – whether directly through children’s use, or through a third party or parent’s use or purchasing data points. 24
  • 25. AM The real issue.. • Some of the largest datasets on children in the world are owned by Social Networking Services (SNS) • They have this information, it’s usually attached to an identity. • Encouragement of PII sharing, location data, connecting with more users, spending more time on the platforms 25
  • 26. Looking at the numbers 26
  • 27. AM Ofcom Report (12-15) • 83% of 12-15 year olds have their own smartphone • 50% of 12-15 year olds have their own tablet • 99% of 12-15 year olds go online for 20 ½ hours per week • 69% have a social media profile 27Children and parents: Media use and attitudes report 2018
  • 28. AM Ofcom Report (8-11) • 35% of 8-11 year olds have their own smartphone • 50% of 8-11 year olds have their own tablet • 93% of 8-11 year olds go online for 13 ½ hours per week • 18% of 8-11 year olds have a social media profile 28Children and parents: Media use and attitudes report 2018
  • 29. What happens when children’s data is breached online?
  • 30. AM Privacy Pin-Ups • “We take your privacy and security seriously.” • “Your privacy matters to us.” 30
  • 31. AM Huge changes in Facebook • Encrypted end-to-end messages through the messenger app • 18.4 million reports of child sexual abuse worldwide in 2018, a staggering 12 million trace back to Facebook Messenger. • Reducing Permanence – deleting long term information as standard (undefined) March 2019 • Right to be forgotten/ The right to erasure – GDPR 2018. Doesn’t limit the sharing of information primarily • Suspension of tens of thousands of applications (69,000) in Sept 2019 made by about 400 developments 31
  • 32. AMParental Awareness of Minimum Age Requirement (13) • Facebook 32% • Instagram 28% • Snapchat 15% 32Ofcom Children and parents: Media use and attitudes report 2018
  • 33. AM Children lie about their age • EU Kids Online conducted studies between 2011 and 2014 in 22 different countries • 1 in 4 of the 9-to-10-year-olds and 1 in 2 of the 11-to-12-year-olds were using Facebook already • 4 in 10 gave a false age. 33
  • 34. AM How many children on SNS? • In 2011 there was an estimated 20 million minors use Facebook, according to Consumer Reports; 7.5 million of these are under 13. • These estimates are no longer in date and the possibility of establishing an accurate number has been significantly decreased as more children lie to get past age verification systems 34
  • 35. AM If we take everything at face value Removing potential FUD (Fear, Uncertainty and Doubt) – lets say: • Social networking services care about your privacy • Physical information gathering/safety will always be an issue • We can’t control children lying about their age to interact on social media 35
  • 36. Building a timeline of SNS S oc ial Networkin g S er vic es
  • 37. AM Timeline A timeline of SNS as we know it today; • 1997: First SNS – “Six Degrees” and AOL Messenger • 1999: MSN Messenger and Yahoo Messenger Launch • 2001: Six Degrees Shuts Down • 2002: Friendster launches • 2003: LinkedIn and Myspace launch • 2004: Facebook launches • 2005: Reddit, Bebo, YouTube launch • 2006: Twitter Launches, Facebook releases newsfeed feature 37
  • 38. AM Timeline A timeline of SNS as we know it today; • 2010: Pinterest and Instagram launch • 2012: Snapchat Launches Facebook acquires Instagram Facebook releases newsfeed feature (2006) 38
  • 39. AM Features of SNS Some examples of features that have rolled out in the last 20 years or so. Some in real time/ some pre-emptive. • Location data • Event tagging • Friend tagging • Facial recognition features (photo tagging) • Messenger • Announcements • Life Events 39
  • 40. AM Who knows what this is? 40https://www.telegraph.co.uk/technology/0/snapchat-map-do-use-safe-children/
  • 41. AM Snapchat Map • SnapMap was a feature automatically rolled out in a June 2017 Snapchat update that tagged users location on a map in real time to all their “friends” on Snapchat • Snapchat had already established a young user group, there was a reward system in place for snapchat streaks resulting in points for users, the more “friends” users made, the more streaks could be established, the points could be gained • There were different settings for how users could find each other – some transparently – public/private profiles. Others, including how you could find friends such as the apps access to your contacts, have become better communicated over time. 41
  • 42. AM Snapchat Issues • SnapLion (IOS and Android) a play on (LEO) and “Law Enforcement Officer” • SnapLion’s purpose is to extract data from user accounts in the aid of legal processes and investigation • It’s essentially a backdoor exploit to the application • Vice (May 2019) had internal emails discussing staff abusing and circulating the images/account communications 42
  • 43. AM TikTok • Is one of the worlds most downloaded applications, one of the top 10 globally • TikTok stated users must be over 13 but asked for no proof • Known previously as Musically, utilised Snapchats successful model and Vine’s demise to carve a niche for themselves with younger users. • Public profiles by default – public comments by default • If the profile was public the application had an open messaging feature which resulted in children receiving private messages from strangers 43
  • 44. AMSNS are targeting children with marketing • We know this because of the tailored products and services they are marketing towards their users based on data collection and analysis • They are rolling out features without any care or consideration for children’s/users safety 44
  • 45. AM Childrens Sharing • Children are sharing more content about themselves than ever before to bigger audiences • They are more vulnerable to peer pressure at various ages • Some of children have more understanding of SNS than their parents or educators 45
  • 46. This is just children’s sharing
  • 47. AM Parents Sharing • “Sharenting” – is the term being used for parents who share a lot of information about their children online • Some parents have been over-sharers from the beginning with no prompts • However, the introduction of Facebook and features such as the newsfeed, announcements, timeline, memories have prompted users to share more about their lives and their children • A lot of the PII information required can be found about users independently, but control of the sharing about third parties who haven’t necessarily consented to the sharing of the information still accumulate 47
  • 48. AM Fraud - Trends • The theft of personal and financial data through social engineering and data breaches was a major contributor to fraud losses in 2018. • The stolen data is used to commit fraud both directly and indirectly. • www.ukfinance.org.uk • Recession/Economic turmoil 48
  • 49. AM Fraud - Trends • In 2009, it was announced that fraud had increased threefold in the previous year as a result of the recession • Cases through British court alone accounted for more than £1.1bn worth of fraud • April 2018, a report in America (Javelin Strategy & Research) on child fraud reported that more than 1 million children were victims of identity theft or fraud in 2017. • Two-thirds of those victims were age 7 or younger. • Six in 10 child victims personally know the perpetrator. 49
  • 50. AM Why is PII used? CIA Triad • Confidentiality through preventing access by unauthorized users. • Integrity from validating that your data is trustworthy and accurate. • Availability by ensuring data is available when needed. 50 www.ibm.com
  • 51. AM Why is this used? • The 3 A’s of cyber security • Authentication, Authorization, and Accounting (AAA) Authentication, authorization, and accounting (AAA) is a term for a framework for intelligently controlling access to computer resources, enforcing policies, auditing usage, and providing the information necessary to bill for services. These combined processes are considered important for effective network management and security. - searchsecurity.techtarget.com 51
  • 52. AM Facebook’s Timeline is 13 years old • In 3 years time – children who have had every significant moment of their life shared online – nearly all potential PII authentication answer. 16 years old and old enough for a debit account/card • In 5 years time - children who have had every significant moment of their life shared online – nearly all potential PII authentication answers. 18 years old and old enough for lines of credit, many products pushed in their direction will be highly likely to be targeted at low credit • Most will be venturing into the professional world, with everything associated with it, including loans, linkedin profiles, historic social media profiles 52
  • 53. Potential for the perfect storm
  • 54. AM PII used as authentication? • SMS and/or Email Based 2FA: Whether the site offered a SMS (text message) or email based 2FA. Sites that offered this method earned 1 point. • Software Token 2FA: Whether the site allowed you to perform 2FA using a software authenticator. Popular software authenticators include Authy, Google Authenticator, or Microsoft Authenticator. Sites that offered this method earned 1 point. • Hardware Token 2FA: Whether the site allowed you to use a hardware token to perform 2FA. Popular hardware tokens include YubiKey and Google Titan. Sites that used this method earned 3 points. 54
  • 55. AM Is 2FA/MFA a fix? 55 Researcher Piotr Duszyński published a tool called Modlishka (Polish: “Mantis”) capable of automating the phishing of one-time passcodes (OTPs) sent by SMS or generated using authentication apps. Jan 2019
  • 56. AM Is Biometric Authentication a fix? • There have already been a significant number of data breaches since the mass introduction of biometric authentication • Biostar 2 lost more than a million files • OPM lost 20 million • Facial recognition is more of a gimmick than a security feature, not enough research completed 56
  • 57. AM Fingerprints and Biometrics • Major breach found in biometrics system used by banks, UK police and defence firms - Fingerprints, facial recognition data and other personal information lost in the data breach from Biostar 2 (Owned by Suprema) – August 2019 • Fingerprint data is stored locally in hash on mobile devices for IOS and most Android in Trusted Execution Environment (TEE). • Facial recognition is not secure, nor tested enough on BAME users – it shouldn’t be used as a security feature 57
  • 59. AM Right to forget • Doesn’t mean that other users will forget • Doesn’t mean that children are protected online • Doesn’t mean that children’s information is not being shared • Doesn’t educate users/parents/children about the dangers of oversharing PII online • Doesn’t fix the problem 59
  • 60. AM Potential actions for tech • Moving away from the PII Authentication Model – especially as a bypass/back up for password loss • Tackle education of users around the availability of this information • Attempt to limit the scope of the issue – through historic deletion on SNS (this probably won’t happen) • We change the infrastructure of how we secure accounts – if these security questions are to remain then there should be additional steps involved to reset a password or gain access to an account • We attempt to tackle this in a way that doesn’t cause additional issues – i.e Netflix asking for photos of passports through email to confirm identity 60
  • 61. AM Steps moving forward for users • Change answers to PII Questions on SNS – use like new passwords, ideally 3 word combinations with number/symbol contributions and upper and lower case i.e R3dR1dingH00d! • Use passwords specific to the SNS service you’re using • 91% of people know reusing passwords is poor practice, 59% reuse their passwords everywhere – at home and at work – training is necessary - Change Email password to something unique • MFA/2FA set up where possible 61

Notes de l'éditeur

  1. https://www.telegraph.co.uk/technology/0/snapchat-map-do-use-safe-children/