In one episode of the HBO comedy “Silicon Valley,” the CEO of fictional startup Pied Piper, Dinesh Chugtai, found out that their messaging app, PiperChat, committed a massive data breach of its young users. Later, PiperChat was bought by a new owner, who soon closed the app after realizing he faced massive fines because of those privacy violations. While the hit TV series took a satirical look at the tech industry, it raised the real and serious matter of online privacy.
Issues surrounding privacy are growing as the world gets more connected and children, who seem to naturally pick up new technology more easily than grownups, learn how to surf the Internet almost as soon as they pick up a mouse, while they haven’t grasped the value of privacy or developed a wider worldview.
There is a reason why children under the age of 13 aren’t allowed on Facebook or other social media networks, why Google launched YouTube Kids, why most stores place products that might interest small kids at their eye level (like sweets, toys and junk food), why the advertising industry has spent more than $12 billion every year to reach the youth market, and why children under the age of 13 are becoming an important consumer group.
Most parents can surely recall at least one time when their kid badgered them to buy them a toy or a candy bar while inside a store. They ended up buying those things only to stop the nagging. Kids are the perfect consumers because, in placing a value on products, they simply don’t consider affordability, practicality or wellbeing.
Advertisers have known this weakness about children for decades and have expanded their strategy to social networks, mobile apps and the Internet, in general. Children have certainly become such a lucrative demographic that Internet giants, like Google, developed apps that allow advertisers to target young users. In the process, children have unwittingly waived their rights to online privacy.
We All Should Be Very Worried
Facebook, the world’s largest social media network, came under fire recently because of a scandal that involved the use of private data by a third-party developer accused of manipulating the 2016 U.S. presidential elections. While the collection of user data by advertisers has been known widely and largely accepted, the issue of privacy acquired more gravity given the expose on Cambridge Analytica.
Despite the age-limit to set up a Facebook account, more than 7.5 million kids in the United States managed to still set up an account. Facebook hasn’t made it very difficult for children, who need only basic arithmetic skills to enter the right year of birth. It has not set up additional checks or required any form of identity authentication.
Meanwhile, millions of pre-teens who manage to breach Facebook’s age requirement are served advertisements intended for adults, which creates another moral gray area for the social media company.
Because Facebook still allows targeted advertising through user data and unscrupulous developers use intriguing and seemingly harmless personality tests or fun quizzes, children remain vulnerable victims of online privacy violations. Child cannot resist finding out: Which Superhero Are You? or “Which Riverdale Character Are You?”. And when only one in five parents monitors what his or her children post online, the fear over losing online privacy rights is well-founded.
Another social media developer, Snapchat, was embroiled in a similar controversy when it launched Snap Map, which allowed users to share their location with everyone. The app, which has become more popular than Facebook among teenagers, doesn’t even request for birthdays from users when they sign up. So, there is a real danger of child predators creating a fake profile, befriending young users and seeing their current location. Just search for “online child predators arrested” and see for yourself.
Of course, social media apps aren’t the only ones responsible. Adults are fully aware of the fact that if the product is free it means we are the product. But kids don’t know that. All mobile app, website and video game developers are bound by Children’s Online Privacy Protection Act (COPPA), which prohibits the collection of data from children. There is even an online guide that shows them how to design apps that comply with COPPA, but a recent study showed very low compliance among developers.
The study found that of the nearly 6,000 children-specific mobile apps on Android (those specifically made for children under the age of 13), 19 percent of them collect personally identifiable data via SDKs (software developer kits). While those SDKs disallow data collection from children under the age of 13, app developers were not deterred to do so, a clear violation of COPPA. Perhaps, COPPA lacks teeth in protecting children in the digital age, given that more than 1,000 children-specific mobile apps violate COPPA regulations.
The study highlighted another disturbing fact: Of the 3,454 apps that share the resettable ID with advertisers (designed to protect children’s privacy and keep them completely unidentifiable by advertisers), 66 percent of them transmitted other, non-resettable, persistent identifiers as well, negating any intended privacy-preserving properties of the advertising ID.
How Can We Protect Our Children?
A first easy step would be to go to this website to check an app’s privacy cost see if it violates COPPA and right to online privacy.
However, a more substantial effort is to teach children the value of online privacy and how to protect it. Schools must take the lead because the truth is adults also know little about how to protect their own online privacy. And chances are these adults are working dads and moms, who don’t get to spend much time with their children.
One school in New Jersey already offers a class on online privacy. It identifies specific measures that students can take to protect their privacy while posting on social networks, using mobile apps and visiting websites.
Some schools can also teach kids about the modern, subtle techniques used by advertisers to appeal to them because, according to one study, children, especially from ages 5 to 8 years, are highly susceptible to TV ads.
We must make sure that adults know the latest technology and techniques used by companies to gather personal data. We should also guide parents on how to monitor and stay on top of their children’s online activity, especially if those kids are younger than 13 years.
Finally, we must convince our government to do more because companies continue to find new ways to obtain more user information to produce ads whose target are our kids. Despite COPPA, authorities should introduce more measures to strengthen enforcement and increase protection against companies whose main concern is profit, rather than our children and their wellbeing.
What Can Lawmakers and Companies Do?
Lawmakers must enact concrete, practical measures that sanction app developers when they collect private data under prohibited circumstances. While there are were some occasions when erring developers were fined, authorities must tighten sanctions to ensure that any fine or sentence will affect profits and disrupt business.
And to completely protect children’s online privacy, there should be a concerted global effort also, given the transnational nature of technology and the tech business. Perhaps, member nations can agree to include the right to online privacy in the U.N. Convention on the Rights of the Child.
Or maybe governments can completely ban ads that target children, which has been done in the past. While such a law would hardly control online advertisement, it could be a step in the right direction. Combined with COPPA and the GDPR, new laws that forbid ads that target children can improve the online environment where kids spend most of their free time.
Meanwhile, Internet companies and advertisers, like Google, can actively monitor apps made for young children and prevent developers from collecting sensitive data, like Apple does. Facebook and all other social networks could introduce new ways that will keep children under the age of 13 from creating accounts, such as using school IDs or another form of authentication. Nowadays, with advanced technology, nothing is impossible, especially if the willingness and resolve exist.
There are numerous ways to keep children safe and guarantee their online privacy. But it takes full commitment from parents, government and business to achieve that objective. Sadly, profit and complacency are keeping our children vulnerable.