Archive

Posts Tagged ‘YouTube’

Do you know what is your child’s age requirement to sign up online?

May 27, 2013 1 comment

As the Internet permeates every aspect of the economy and society, it is also becoming an essential element of our children’s lives. While it can bring considerable benefits for their education and development, it also exposes them to online risks such as access to inappropriate content, harmful interactions with other children or with adults, and exposure to aggressive marketing practices.

Children online can also put their computer systems at risk and disseminate their personal data without understanding the potential long-term privacy consequences.

In addition, there are other risks for children using online environments, such as:

Privacy risks

-cyber-bullying

-cyber-stalking

-age-inappropriate content

-online grooming

-identity theft

-emotional implications.

Beside support and guidance from parents when using the online environment, an appropriate mental development and understanding is important for a child when using an online platform. For these reasons, in both the United States and the European Union, a minimum age requirements for accessing the “online world” was set as a legal requirement.

E-Crime Expert thinks that the minimum age requirements a child should meet when signing up for an email account, Facebook, etc., should be a topic of interest for parents. For these reasons, we researched the minimum age requirements on some of the most popular online sites and platforms.

The Children’s Online Privacy Protection Act (COPPA) in United States applies to the online collection of personal information by persons or entities under U.S. jurisdiction from children under 13 years of age. It details what a website operator must include in a privacy policy, when and how to seek verifiable consent from a parent or guardian, and what responsibilities an operator has to protect children’s privacy and safety online including restrictions on the marketing to those under 13. While children under 13 can legally give out personal information with their parents’ permission, many websites altogether disallow underage children from using their services due to the amount of work involved.

In the European Union, the European Commission released in January 2012, a Proposal on the protection of individuals with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation).

This Proposal has specific requirements with regards to Children. They deserve specific protection of their personal data, as they may be less aware of risks, consequences, safeguards and their rights in relation to the processing of personal data. To determine when an individual is a child, this Regulation should take over the definition laid down by the UN Convention on the Rights of the Child.

“Article 8
Processing of personal data of a child

For the purposes of this Regulation, in relation to the offering of information society services directly to a child, the processing of personal data of a child below the age of 13 years shall only be lawful if and to the extent that consent is given or authorised by the child’s parent or custodian. The controller (i.e. the person in charge with the collection, use and disclosure of personal data) shall make reasonable efforts to obtain verifiable consent, taking into consideration available technology”.

Following, are the minimum age requirements for children using different Internet websites or Social Networking Services and other online platforms:

facebook-age-restriction

 1.      Facebook:

How old do you have to be to sign up for Facebook?

In order to be eligible to sign up for Facebook, you must be at least 13 years old.

The minimum age requirement on Facebook is more or less enforceable. Simply lying about your birthdate easily circumvents the policy.

The Children’s Online Privacy Protection Act (COPPA) mandates that websites that collect information about users aren’t allowed to sign on anyone under the age of 13. As a result, Facebook’s Statement of Rights and Responsibilities require users of the social network to be at least 13 years old (and even older, in some jurisdictions).

According to MinorMonitor, over 38 percent of children with Facebook accounts are 12-years-old and under. Even more worryingly, 4 percent of children on Facebook are reported to be 6-years-old or younger, which translates to some 800,000 kindergarteners on Facebook.

These results come from a survey of 1,000 parents of children under 18-years-old who use Facebook. The company provides a free, web-based parental tool that gives parents a quick view into their child’s Facebook use, including potential dangerous activities such as the friending of online predators, cyberbullying, violence, drug and alcohol use, as well as sexual references.

2.      Google:

Age requirements on Google Accounts:

  •  United States: 13 or older
  •  Spain: 14 or older
  •  South Korea: 14 or older
  •  Netherlands: 16 or older
  •  All other countries: 13 or older

Some Google products have specific age requirements. Here are a few examples:

  • YouTube: When a YouTube video has been age-restricted, a warning screen is displayed and only users who are 18 or older can watch it. Learn more about age-restricted videos.
  • Google Wallet: 18+
  •  AdSense: 18+
  •  AdWords: 18+

3.      Yahoo

When a child under age 13 attempts to register with Yahoo!, they ask the child to have a parent or guardian create a Yahoo! Family Account to obtain parental permission.

Yahoo! does not contact children under age 13 about special offers or for marketing purposes without a parent’s permission.

Yahoo! does not ask a child under age 13 for more personal information, as a condition of participation, than is reasonably necessary to participate in a given activity or promotion.

Yahoo! is concerned about the safety and privacy of all its users, particularly children. For this reason, parents of children under the age of 13 who wish to allow their children access to the Yahoo! Services must create a Yahoo! Family Account. When you create a Yahoo! Family Account and add your child to the account, you certify that you are at least 18 years old and that you are the legal guardian of the child/children listed on the Yahoo! Family Account. By adding a child to your Yahoo! Family Account, you also give your child permission to access many areas of the Yahoo! Services, including, email, message boards and instant messaging (among others). Please remember that the Yahoo! Services is designed to appeal to a broad audience. Accordingly, as the legal guardian, it is your responsibility to determine whether any of the Yahoo! Services areas and/or Content are appropriate for your child.

4.      Hotmail

As on Hotmail’s Terms of Use is no reference to the age requirements to join the service, we did our own registration and it appears that 13 is the age requirement for joining Hotmail, as shown below:

I.                   Attempt indicating the user is 6 years old

Step 1   

1

Step 2                        

2

Step 3

3

 

II.                Second attempt, indicating the user is 13 years old.

Step 1

4Step 2

5

 

5.        MySpace 

  • You must be at least 13 years old to have a Myspace profile
  • If you’re under 16 years old, you’re not allowed to list your age as over 16 and make your profile public (your profile must be set to private)
  • If you’re under 18, you’re not allowed to list your age as over 18
  • Users under 18 are not able to make changes to their listed age

Notes & Tips

  • If you break any of the above rules, MySpace will be forced to delete your profile for safety and security reasons (it’s all in their Terms of Use)

6.      Skype

Skype not directly sets up an age restriction within their Terms of Use.

“Jurisdiction’s Restrictions: If the law of Your country prohibits You from downloading or using Skype Software because You are under the age limit or because the Skype Software is not allowed in Your country, please don’t use it”.

According to this, for US the minimum age requirement is 13 + (COPPA).

7.      LinkedIn

PRIVACY POLICY, 18!

In terms of LinkedIn’s Privacy Policy:

 ”Children are not eligible to use our service and we ask that minors (under the age of 18) do not submit any personal information to us or use the service.”

8.      Twitter

Age screening on Twitter

Age screening is a way for brands and others to determine online whether a follower meets a minimum age requirement, in a way that is consistent with relevant industry or legal guidelines. This makes it easier for advertisers and others with content not suitable for minors (e.g. alcohol advertisers) to advertise on Twitter.

There apparently, is now age restriction for setting up an account on Twitter (as we set it up without being asked about our age). See below:

Step 1

6

Step 2: Done!

7

For more advice on how children could stay safe online (you could also share this with your child), click here to visit the material E-Crime Expert specially created for this purpose.

Any questions can be submitted to: dan@e-crimeexpert.com

Additional information can be found at: www.e-crimeexppert.com

Hit the “subscribe” button in order to be notified when new videos and Articles are posted on this blog.

WHAT TO DO WHEN YOUR EMAIL GOT HACKED OR COMPROMISED

February 5, 2013 2 comments

E-Crime Expert explains in this blog post the steps to be taken when your email or Social Networking Site has been hacked or compromised.

When someone’s friends or close contacts start telling that they are receiving emails or messages that one never sent, or when appears online content that one never posted, it could mean that another person has gained illegitimate control over this individual’s email or Social Networking Site.

If this happened, in order to limit the damage and the possibility of spreading malwares/viruses to others, firstly the passwords to all accounts that have been compromised and to other important accounts should be changed*, and also notifications to all contacts regarding that they may receive spam messages that appear to come from the compromised account, should be sent.  

It could also happen that one cannot access his/her account anymore because a password has been changed.

If this happen, bellow are provided the contact details for the most popular email and Social Networking sites providers:

yahoo-logo

* Hacked account – click here:email-icon

* Account is sending spam – click here: email-icon

* Help Center – click here: telephone-logo

Gmail_logo

* Hacked account – click here: email-icon

* Inaccessible account – click here: email-icon

wave4hotmail

 * Hacked account – click here: email-icon

* Inaccessible account – click here: email-icon

* Help Center – click here: telephone-logo

twitterlogo_web

* Hacked account – click here: email-icon

* Inaccessible account – click here: email-icon

facebook-logo

* Hacked account – click here: email-icon

* Help Center – click here: telephone-logo

youtube_logo-copy1

* Hacked account – click here: email-icon

TIPS:

* How to choose a strong password:

Watch video : “Creatting a strong password video tutorial”

Read blog post: “Tips for a better, stronger password”

Frequently check your account activity/log in history as explained in this blog post: “Does anyone snoop in your email account? Find out”

If you have any question you could contact: dan@e-crimeexpert.com

Additional information can be found at: www.e-crimeexppert.com

Hit the “subscribe” button in order to be notified when new videos and Articles are posted on this blog.

Have you seen your digital footprint lately?

January 28, 2013 Leave a comment

Today, E-Crime Expert is featuring a very ineteresting article on digital footprint, provided by the Internet Society. This Article also provides three interactive tutorials developed by the Internet Society to educate users about online identity.

We are the raw material of the new economy. Data about all of us is being prospected for, mined, refined, and traded…

  . . . and most of us don’t even know about it.

 Every time we go online, we add to a personal digital footprint that’s interconnected across multiple service providers, and enrich massive caches of personal data that identify us, whether we have explicitly authenticated or not.

 That may make you feel somewhat uneasy. It’s pretty hard to manage your digital footprint if you can’t even see it.

 Although none of us can control everything that’s known about us online, there are steps we can take to understand and regain some level of control over our online identities, and the Internet Society has developed three interactive tutorials to help educate and inform users who would like to find out more.

 We set out to answer some basic questions about personal data and privacy:

 1. Who’s interested in our online identity? From advertisers to corporations, our online footprint is what many sales driven companies say helps them make more informed decisions about not only the products and services they provide – but also who to target, when and why.

 2. What’s the real bargain we enter into when we sign up? The websites we visit may seem free – but there are always costs. More often than not, we pay by giving up information about ourselves – information that we have been encouraged to think has no value.

 3. What risk does this bargain involve? Often, the information in our digital footprint directly changes our online experience. This can range from the advertising we see right down to paying higher prices or being denied services altogether based on some piece of data about us that we may never even have seen. We need to improve our awareness of the risks associated with our digital footprint.

 4. The best thing we can do to protect our identity online is to learn more about it.

 The aim of the three tutorials is to help everyone learn more about how data about us is collected and used. They also suggest things you need to look out for in order to make informed choices about what you share and when.

 Each lasts about 5 minutes and will help empower all of us to not only about what we want to keep private, but also about what we want to share.

 After all, if we are the raw material others are mining to make money in the information economy, don’t we deserve a say in how it happens?

 Find out more about the Internet Society’s work on Privacy and Identity by visiting its website.

 * Robin Wilton oversees technical outreach for Identity and Privacy at the Internet Society.

If you have any question you could contact: dan@e-crimeexpert.com

 

“Cookie” Directive

October 28, 2011 6 comments

From the same series which is presenting the European legal framework regarding privacy and personal data aiming the help the readers be aware about their legal rights in order to better protect those legal rights, today it is presenting:

Directive 2009/136/EC amends and supplements Directive 2002/58/EC Concerning the Processing of Personal Data and the Protection of Privacy in the Electronic Communications Sector.

 

Directive 2009/136/EC addresses the issues of unsolicited commercial messages, the use of technologies for telemarketing purpose the use of traffic and location data, public directories and cookies: “a message given to a Web browser by a Web server. The browser stores the message in a text file. The message is then sent back to the server each time the browser requests a page from the server”. Through the implementation of this Directive, which complements and amends Directive 2002/58/EC, a better protection of users’ personal data is aimed at. Additionally, a new framework for disclosure of security breaches from the electronic communication provider to their users is set.

Regarding the access of the stored data (Article 4 E-Privacy Directive), in the view of this new Directive, the electronic communication providers should ensure that users’ personal data can be accessed only by “authorized personnel for a legally authorized purpose”. The new requirement essentially is that the communication service providers should implement security policies regarding the processing of users’ personal data. In regards to this stipulation, the national authorities are granted rights to audit the measures taken by the providers of communication services in regard to security and the processing of users’ data, and could provide best practices and techniques in achieving the best security measures for users’ data protection.

In the view of this Directive, regarding the breach of security, the communication service providers are provided with clear definitions and meanings of security breaches and risks, and the notion of personal data breach has been introduced. The scope of this Directive referring to security breaches is that the communication service providers should take appropriate actions to try stop or reduce the effect of security breaches, inform the user about the data that was at risk or breached, and when well-defined and potential security breaches could occur such as: “accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored, or otherwise processed in connection with the provision of a publicly available communications service.” The scope of identifying and defining those security risks is that from the moment this Directive will be implemented (e.g. June 2011), every communication service provider will refer to security breaches as to something well determined and are also obliged under the new Art 4 (3) to give Notice of security breaches to the competent national authority and to the user whose data is at risk, suffered an adverse effect or when data at risk could potentially disclose the user’s identity. The Notice is not required if the communication service provider proves that all the technical and security measures available were taken to protect users’ privacy and security breaches.

This directive applies to the collection of personal data placed on a EU user’s terminal (i.e. computer hard drive, smartphone, iPad) by using cookies as a mean of equipment. Consequentially, the EU users are protected against any website that uses cookies (without users opt-in consent),

The Directive requires before any cookie is sent to a user terminal, consent should be obtained. The user needs to express the opt-in consent before any cookie is sent. The user’s terminal is regarded as his personal and private space and an illegitimate installation of a program such cookies, is a privacy intrusion. In addition, if the user gives consent for cookies installation, the user should also be informed about any exchange of private information retrieved from his terminal. Precedent views regarding the user’s browser settings, assumed that if the browser setting allows cookies (i.e. the user set up his browser to accept cookies), then the consent is given. Furthermore, this Directive requires, even if the browser settings allow cookies, still the user must be informed regarding any exchange of private information between his computer terminal and the communication service provider.

For example, when a third-party website which uses Facebook “Like” button (even when the button is not clicked on that particular website, when the user visits it), when it is visited by a Facebook user, because of the cookie assigned to its unique Facebook ID number, makes him identifiable to the third-party website as well. The website “knows” then who is the visitor and can get access to that particular user’s Facebook profile (the “Like” button is designed to post on one’s Facebook Wall the website/business he likes). By getting access to private information this is a breach of this directive because the user should “be informed about any exchange of private information retrieved from his terminal”.

This Directive entered into force as of 2010, but the EU Member States should have transposed it into their national legislation by June 2011.

If you would like to read another E-Crime Expert Article on how the cookie “notification” is actually done in practice, check “Privacy: search for it and claim it“, post.

Any questions can be submitted to: dan@e-crimeexpert.com

Additional information can be found at: www.e-crimeexppert.com

Did you know about this Directive? Are you aware of the use of cookies? Are you informed about the use of cookies on your machine?

Hit the “subscribe” button in order to be notified when new videos and Articles are posted on this blog.

%d bloggers like this: