Children in Cyberspace: A Resource Guide - Human Rights Magazine, Winter 1999

TABLE OF
CONTENTS
WINTER 1999

Children in Cyberspace: A Resource Guide

By Beth Givens

This article was adapted from Fact Sheet #21, entitled "Children in Cyberspace" written by Beth Givens for the Privacy Rights Clearinghouse and is reprinted here with permission.

Many children are skilled navigators of the vast reaches of cyberspace. It is estimated that nearly 10 million youths are online now, or 14 percent of U.S. children. This figure is expected to reach 42 million by 2002.

The Internet offers children and youth treme

Human Rights

ndous opportunities to explore new ideas, visit foreign lands, meet other children, and participate in challenging games. However, certain aspects of the virtual world can be dangerous and harmful to children. Parents, teachers, and other guardians cannot always be on hand to prevent children and youth from visiting Websites with harmful or objectionable content. Nor can they always be available to discuss with children what they are encountering in the online world.

The words "harmful" and "objectionable" can be interpreted in many ways. Such terms are often used to describe pornography, profanity, and hate speech. They can also be used to describe advertising messages and images that are highly manipulative of children.

This guide discusses both types of content: first, the privacy implications of online marketing; and second, objectionable material such as pornography, profanity, and hate speech. The guide provides resources that can be used by parents, advocates, and practitioners to learn more about the issues—and the potential dangers—that face young Internet users.

Online Marketing to Children

The Center for Media Education (CME) and the Consumer Federation of America (CFA) have jointly proposed a set of guidelines for protecting children's privacy on the Internet, "Guidelines for the Collection and Tracking of Information from Children on the Global Information Infrastructure and in Interactive Media," available at the CME Website, http://www.cme.org/privacy.html. The guidelines include:

(1) Collection limitation. Data collectors may not collect personal information from children, unless it is relevant, necessary, and socially acceptable.

(2) Disclosure. Each data collector must prominently display a privacy statement that discloses what information is being collected or tracked, how it is collected, how it will be used, who is collecting it, and who will use it.

(3) Parental consent. The child must understand that he/she must get parental permission before visiting areas where personal information is collected. The burden is on the collector/tracker to obtain valid parental consent.

(4) Use specification/use limitation. Personal data should not be disclosed, made available, or otherwise used for purposes other than those specified in the disclosure statement.

(5) Data quality and security. Personal data should be protected against loss, unauthorized access, destruction, use, modification, or disclosure.

(6) Parental participation access, correction, and prevention of future use. The data collector must provide access to the information it has collected about the child. It must also allow the parent the ability to correct erroneous data, have data deleted, and/or prevent further use.

Children are already exposed to powerful advertising images when they watch television—clever animated characters, toys that come to life, big-name celebrities and sports figures, bright colors and loud noises—all packaged into action-oriented video segments that entice children and youth to consume products and services, and to convince their parents to acquire those goods for them. In the interactive world of the Internet, such advertising messages can be even more enticing to children and youth.

Advertisers and marketers are increasingly using the Internet to target children and gather personal information from them for marketing purposes. Such information can be obtained by asking children to register in order to visit their favorite cartoon characters or enter a contest. When Websites learn children’s names, ages, and favorite toys, they can pitch customized electronic mail messages to them, perhaps sent by well-known cartoon characters and celebrities. Imagine the thrill children experience when receiving e-mail messages from their fictional heroes. At the same time, imagine the manipulative impact that message has on children who are not yet mature enough to know the difference between fiction and reality.

Websites can also be programmed to invisibly gather information about children’s interests as they "travel" from page to page or site to site. Such transactional data is called the "clickstream." It often triggers the placement of "cookies" on the hard drive of the computer used by the child. Cookies are small text files containing data about the Web user’s interests derived from the clickstream. This data is able to prompt tailored advertising messages to be displayed the next time the site is visited. (For additional information about cookies, see the article on p. 17 and the Privacy Rights Clearinghouse (PRC) Fact sheet 18, "Privacy in Cyberspace," http://www.privacyrights.org/fs/fs18-cyb.htm; see also the Center for Democracy and Technology Website at http://www.cdt.org.)

In short, given the opportunities for data gathering and customized messages on the Internet, the interactive world of cyberspace is a highly seductive and potentially manipulative environment for children.

How have policymakers and consumer advocates responded to the issues of children’s privacy on the Internet?

In July 1997, the Federal Trade Commission’s (FTC) Consumer Protection Bureau issued broad principles that apply to the online collection of information from children. In response to a 1996 complaint from the Center for Media Education against the company KidsCom, the FTC stated that it considers the collection and sale of information from children without due disclosure and parental consent to be an "unfair practice" under Section 5 of the FTC Act. It defines such personally identifiable information as including name, e-mail address, home address, and/or phone number. The FTC further stated that Web operators must disclose the intended uses of information gathered from children at the outset. If they disclose such information to third parties, they must obtain the consent of the parents. (See http://www.ftc.gov/opa/1997/9707/kidscom.htm.)

Choosing the right filtering program Features to look for in blocking software include the following:

blocks "outgoing" transmission of personal information such as name, address, and phone number
limits access by time of day and total amount of connect time
clearly states its criteria for blocking sites, and allows parents to read a list of blocked sites
has user-definable options, allowing customization of blocked sites
allows user to turn software on and off with password control
is updated frequently
blocks image files (JPEG/GIF) and binary downloads likely to contain photos and graphic images
blocks transfer of compressed files (ZIP and SIT) likely to contain adult content
filters offensive language
blocks gopher and FTP (File Transfer Protocol) downloads
blocks "outgoing" transmission of personal information such as name, address, phone number
limits access by time of day and total amount of connect time
blocks Internet Relay Chats (IRCs) and Usenet Newsgroups
works with online service providers like AOL, Prodigy, and Microsoft Network
works with rating systems like Platform for Internet Content Selection (PICS) and Recreational Software Advisory Council (RSACi). Commercial online services also provide parental control mechanisms. To learn about their methods for preventing objectionable content from being accessed by children, contact them at: America Online (AOL): http://www.aol.com; 800/827-6364
CompuServe: http://www.compuserve.com; 800/848-8990
MicroSoft Network (MSN): http://www.msn.com; 800/386-5550
Prodigy: http://www.prodigy.com; 800/776-3449

In August 1998, the FTC settled a case with the popular GeoCities Website concerning GeoCities’ sale of the information it collected from users, including children, to third parties, when its policy stated otherwise. The Web-based company has more than two million subscribers and has built one of the ten most popular sites on the Web. It helps users, many of them children, build their own Webpages and collects personal information in the process. (See http://www.ftc.gov/opa/1998/9808/geocitie.htm.)

The Center for Media Education (CME), a nonprofit children’s advocacy organization based in Washington, D.C. (http://www.cme.org) conducted a survey of thirty-eight popular children’s Websites in 1997. It found that 90 percent collect personally identifiable information; but not a single site attempted to obtain parental consent for disclosing that information. Forty percent of the sites used incentives like free products to encourage children to disclose personal information. One-fourth of the sites sent e-mail messages to the children after they obtained personally identifying information about them.

The FTC conducted its own study by taking a "snapshot" of children’s Websites on one day, December 15, 1997. It obtained similar results: Nearly 90 percent of sites were found to collect information from children. And only 4 percent required parental permission for the information collected. (See http://www.ftc.gov/opa/1997/9712/kids.htm.) The FTC has continued to monitor Websites that target children. In June 1998, it issued its "Report to Congress on Privacy Online" in which it announced the findings of its survey of 1,400 Websites. The FTC found that 89 percent of the 212 child-oriented Websites it visited collect personally identifiable information directly from children, and only half of them disclose their information collection practices. Fewer than 10 percent of these sites provide for some form of parental control over the collection of information from their children. The FTC recommends that legislation be enacted that places "parents in control of the online collection and use of personal identifying information from their children." (See http://www.ftc.gov/opa/1998/9806/privacy2.htm.)

Lawmakers have joined the debate on the privacy implications of marketing to children. In 1998, the Children's Privacy Protection and Parental Empowerment Act was signed into law. It was introduced by Senator Dianne Feinstein and Representative Bob Franks. The law prohibits the sale or purchase of personal information about children without parental consent. It also requires companies to disclose to parents, upon request, the source and content of personal information on file about their children. Information about these bills can be obtained from the Library of Congress’ Website, Thomas, located at http://thomas.loc.gov. These and other privacy-related laws are summarized on the Website of the Electronic Privacy Information Center, http://www.epic.org/privacy/bill_track.html.

The Debate Over Filtering

Data collection practices of child-oriented Websites, discussed above, is but one concern for parents and advocates for children in cyberspace. Another area of concern is children’s access to Websites containing material that may be considered objectionable. Such content includes pornography, obscenity, gratuitous violence, and hate speech.

GET PROACTIVE TO PROTECT CHILDREN'S ONLINE PRIVACY

Go on the offensive to protect children in cyberspace by looking for the privacy policy statement on the Websites visited by children, and by teaching children to do the same.

The FTC is urging commercial Website operators to spell out their information collection practices in privacy policies posted on Websites. You can also look for a privacy "seal of approval," such as TRUSTe (http://www.truste.org), on the first page. This indicates that the Web operator participates in that particular industry initiative. Participants agree to post their privacy policies and submit to audits of their privacy practices in order to display the logo. Other seals of approval are offered by the Council of Better Business Bureaus (http://www.bbbonline.org), and the American Institute of Certified Public Accountants-WebTrust (http://aicpa.org/webtrust/index.htm.)

In the final analysis, there is no substitute for parental involvement in children's exploration of cyberspace. The best way to ensure that children have positive online experiences is for adults to spend time with them and have them show the adults their activities. Further, it may help to establish family rules for online computer use. Among those suggested by the National Center for Missing & Exploited Children (http://www.missingkids.org) are the following:

Tell children never to give out identifying information such as home address, school name, or phone number in chat room discussions and when visiting Websites. They shouldn't even reveal such data in private e-mail unless they know who they are dealing with.
Warn children not to respond to messages or bulletin board items that are threatening, suggestive, demeaning, or otherwise make the child uncomfortable, and to report such messages to an adult.
Set reasonable rules, including time limits, for a child's use of the computer. Watch particularly for excessive use of online services late at night. That could be a tip-off there is a problem.
Try to make online use a family activity. Keeping the computer in a family room rather than the child's bedroom might be wise.
Get to know children's online "friends," much as you try to get to know their other friends. Never permit a child to arrange a face-to-face meeting with another computer user without your attending at least the first meeting.
Explain that people online may not be who they seem to be. Someone purporting to be a 12-year old girl might actually be a 40-year old man.
Learn about the online services a child uses. Find out whether there are ways to block objectionable material. If you are a novice to online use, ask your child to show you what they do online and how to log on to online services. Better yet, take a class and learn to navigate the Internet yourself.

A number of products are available which, when installed in the personal computer, block access to Websites containing objectionable material. Some products also prevent access to the computer during specified hours of the day. Others provide parents a log of the Websites visited by their children. And some prevent access to such Web services as Internet Relay Chat (IRC), discussed further below.

From a privacy perspective, a key feature to look for in "parental control" software is the ability to block the outward transmission of names, addresses, and other personally identifiable information that a child might be prompted to provide when visiting child-oriented Websites.

None of these software programs has been proven entirely effective when put through a set of controlled tests. (See "Is Your Kid Caught in the Web?," Consumer Reports, May 1997, pp. 27-31.) Product testers have found that filtering programs often block access to sites with legitimate nonobscene speech, for example the word "breast," which can be found on the American Cancer Society’s Website pages concerning breast cancer. In addition, reviewers are critical of software products that do not disclose the list of keywords used to block Websites.

Critics of filtering software also object to the secrecy surrounding the names of actual sites blocked. They are concerned about censorship of political, social, and business viewpoints by the software developers, as well as blocking legitimate nonobscene speech. Others think children should be accorded some rights to privacy.

Ratings systems are said to allow more flexibility in the Web selection process than do filtering software products. But ratings systems also have their detractors. Self-rating is likely to introduce bias into the evaluation process; and third-party rating can be abused as well. The sheer volume of Websites to be rated presents another problem, especially for third-party rating. Many sites, if not most, are likely to be unrated. This could result in their being blocked by systems that do not allow unrated sites to be accessed, which in turn prevents sites with legitimate and useful content from being viewed. Like the filtering software products discussed above, the ratings vocabulary can embody the values of the developers. These values are not likely to be appropriate for all users, especially in the increasingly global scope of the Internet.

For more information about the major ratings approaches see:

• Platform for Internet Content Selection: http://www.w3.org

• Recreational Software Advisory Council: http://www.rsac.org

Cyberchats Also Pose Danger to Children

Internet Relay Chat, or IRC, enables a number of individuals to interact with one another in real-time by typing messages onto their keyboards more or less simultaneously. Conversations take place via IRC "channels." Although channels often are dedicated to specific topics, discussions are likely to stray from the course. The number of people per channel is usually around a dozen, but the more popular channels can accommodate hundreds of participants. The commercial online services such as America Online (AOL) also offer chat facilities. In AOL and Microsoft Network, these are called "chat rooms." Additional information about chat services can be found at the IRC Help page, http://www.irchelp.org.

Chat rooms are enormously popular with children. Consumers Union’s (CU) magazine for children, Zillions, found that this Internet service ranked highest by children it surveyed in 1996. The CU survey found that one-third of children reported having problems with other users in chat rooms. The most common problems noted are profanity; asking a participant for his/her password; asking for personal information such as name, address, phone number, and e-mail address; inappropriate advances; and adults visiting chat rooms set aside for children.

Several filtering software programs provide a feature that supposedly prevents children from transmitting their name and other personal information. However, CU concluded that there is no foolproof way, other than blocking Internet chat room access altogether, to prevent a child from communicating a name and address in a chat room. That’s because of the many ways such words and numbers can be spelled. For example, a period can be inserted into a name, and numbers can be spelled out.

For a frank discussion of chat room behavior and other "cyber street smarts" for youth, visit the CyberAngels Website at http://www.cyberangels.org.

Beth Givens is director of the Privacy Rights Clearinghouse (PRC) in San Diego, California. The PRC is a project of the nonprofit Utility Consumers Action Network (http://www.ucan.org); E-Mail: prc@privacyrights.org. Visit the PRC Website at www.privacyrights.org.

General information about kids in cyberspace For general information about children in cyberspace see:

Child Safety on the Information Highway. Obtain this free brochure by contacting the National Center for Missing and Exploited Children, http://www.missingkids.org, 800/843-5678. The online version of this pamphlet is available at http://www.safekids.com.
A Parent's Guide to the Internet, by Parry Aftab, Esq., from SCPress, 1997. A thorough guide to the Internet for parents, that includes safety tips for children. For more information, visit the author's Website at http://www.familyguidebook.com.
The Parents' Guide to the Information Superhighway: Rules and Tools for Families Online. This guide is available for $5 from The Children's Partnership 310/260-1220. 1351 3rd St. Promenade, Suite 206, Santa Monica, CA 90401, http://www.childrenspartnership.org.
Get CyberSavvy: The DMA's Guide to Parenting Skills for the Digital Age: Online Basics, Behavior and Privacy (1997). Single copies are available free of charge from the DMA, 1111 19th St., NW, Suite 1100, Washington, D.C. 20036. Telephone: 202/955-5030. The report can also be printed from the DMA's CyberSavvy Website, http://www.cybersavvy.org. See also the DMA organization's Website, http://www.the-dma.org.
The American Library Association's Website for parents and children, http://www.ala.org/parents/index.html.
The FTC's brochure, Site-Seeing on the Internet, suggests rules for children. Contact them at http://www.ftc.gov/bcp/conline/pubs/online/sitesee/index.html.