by Larry Magid

Facebook’s announcement last week that it passed the 500 million mark reminded me that the concept of a “face book” is not unique to Facebook.com.

Long before computers and the Internet, the term was used to describe printed books that included pictures and brief descriptions of students. I’ve read that founder Mark Zuckerberg’s high school, Phillips Exeter Academy, had a printed publication called “The Photo Address Book,” which students referred to as “The Face Book.”

My children’s elementary school didn’t have a face book but it did have a printed student directory. And probably because it was in print, and not online, I never heard parents express concern about the possible negative implications of having a printed book with the names, addresses and phone numbers of young children and their parents. Perhaps that was because we all appreciated how the book made it easy for us to reach other families who were part of our school “network,” or maybe it was because we weren’t quite so sensitive about privacy issues back then.

While Facebook.com might not look much like those original photo books and directories, it does help us find and communicate with people who share a common bond. Indeed, based on “friend” requests I’ve received on Facebook from former classmates in college, high school and even elementary school, it truly is a replacement for that old printed ”face book.” It’s also starting to replace those venerable high school yearbooks, and its impact on alumni inspired Time magazine, last year to run a story “How Facebook is Affecting School Reunions.”

To commemorate its 500 millionth member, Facebook launched “Facebook Stories,” where members are encouraged to share their experiences. Although it’s clearly a self-serving move on the part of the company, it’s nevertheless a revealing glimpse into how people are using the service to connect. Stories are organized by location and by theme, including crime fighting, grief, movements, pets, causes, lost and found, religion, natural disasters and, of course, love. Kevin’s story is not uncommon: “Because of Facebook I found my long lost crush since grade 4 “… now I’m 23 years old. She’s now my girlfriend and soon to be wife.”

Look at Privacy from Both Sides Now

My guess is that Kevin was able to find his long-lost crush because she made at least a little personal information available either to everyone with access to Facebook or to friends of friends. I say this because Facebook has received a lot of negative publicity (including from me) about its privacy policies, which, by default, expose some personal information to everyone.

While I understand why a lot of people object to these defaults (I have argued that the disclosure of most personal information should be opt-in rather than opt-out), I can also see the other side to this. The default settings that disclose users’ photos, posts, bios and family connections makes it easier for people like Kevin to make sure that the 23-year-old woman he found on Facebook is the same person as that fourth-grader he once fancied. This is especially the case for people with common names.

I met my wife a long time ago by one of the old-fashioned methods — at work. But I’ve certainly unearthed a lot of old friends on Facebook. In many cases, we found each other because we were “friends of friends.” For example, someone I worked with in the late ’70s “friended” me last year, and once I accepted him as a friend, I started browsing through his friends and came across a number of people we knew in common.

As a result of this one friend, I ended up “friending” several of our mutual friends and — two weeks ago — my wife and I spent the night on Cape Cod with one of them and her husband. I had posted a note on my profile that I was visiting Cape Cod and because she had access to my “news feed,” she knew I was nearby and sent me a message inviting us to stay with them.

That little reunion on the Cape would never have happened if my friend and I had maximum privacy settings turned on. We would have never found each other had either of us restricted our basic information to “friends” only. And had I used the “customize” feature to further restrict access to my news feed, she might never might have known I was on the Cape.

None of this is to suggest that watchdog groups and public officials shouldn’t continue to scrutinize Facebook’s privacy policies, or that people should uncritically accept Facebook’s default privacy settings. I think it makes sense to look at your settings periodically and think about what you want to expose and to whom. To that end, I created a tutorial on Facebook privacy that you can view here.

Disclosure: Facebook is a supporter of ConnectSafely.org, a nonprofit Internet safety organization where I serve as co-director.

After months of negotiations, Facebook has reached an agreement with the U.K’s Child Exploitation and Online Protection Centre that will result in a new safety application aimed at British 13-18 year olds.

CEOP, the UK government’s police agency responsible for protecting children against sexual exploitation, had been pressuring Facebook to install what many in the media called a “panic button” on every page for young people to report online crimes including sexual behavior and grooming.

The solution has nothing to do with “panic.” It’s about providing young people in the UK with the option of accessing a resource that provides internet safety messaging and links to places where they can report a variety of different abuses including cyberbullying, hacking, mobile problems, harmful content and “sexual behavior grooming.”

The big difference between the solution and what was first proposed by CEOP is that the “button” is optional. It’s really an application that helps CEOP build its brand on Facebook.

Facebook will donate advertising to promote the application but will not install it by default and will not place the so-called “panic button (actually a link to CEOP’s Advice, Help and Report Center) on each page.

The police agency and Facebook had been engaged in a very public dispute over the button. In April, CEOP’s CEO Jim Gamble told me that he felt the button would act as a deterrent to would-be predators, letting them know that Facebook was working with law enforcement to protect children. Facebook was concerned that the button could create as false sense of insecurity, making it appear that the problem is greater than it actually is. Facebook was also unwilling to turn over its abuse reporting process to a government agency, arguing that it was in a better position to police its own service.

The agreement does provide CEOP with a presence on Facebook, but Facebook will continue to operate its own reporting system. And, rather than a mandatory “panic button” on each page, it’s now an application that young people can install if they care to.

Facebook helped CEOP create the application and is donating advertising to promote the application, including an ad that will appear on the home page of every UK Facebook member under 18 along with ongoing advertising.

Except for Facebook’s donation of the advertising space, it’s like any other brand campaign. CEOP still has to promote its brand and its messaging on the service. “It’s up to CEOP to use Facebook to promote its brand,” said UK Facebook spokesperson Sophy Silver. “This is a different way to use Facebook than they initially anticipated but we’re convinced that with the viral nature of the social graph on Facebook that this will be a good solution for them.”

CEOP now has a Facebook page from which UK youth can install the CEOP application to their home page.

Stranded by the Icelandic volcano, I spent nearly a week in London in April talking with officials from both Facebook and CEOP.  That included a visit to CEOP’s London headquarters where I met several staff members who are doing an impressive job helping to protect British youth from all sorts of sexual abuse on and off the Internet. I was especially impressed by the agency’s educational outreach program and is work with non-profit organizations and social services.  Even though CEOP is a law enforcement agency, it understands that you can’t  arrest your way out of child endangerment.  The agency has an educational program that reaches out to schools across the country.

(Disclosure: Facebook provides financial support to ConnectSafely.org, a non-profit Internet safety organization where I serve as co-director)

by Larry Magid
(this article first appeared on News.com)

The headline of the press pitch I received a few days ago read “McAfee to release shocking findings of teen’s online behavior,” but the actual data from the study, “Secret Life of Teens,” are far from shocking.

McAfee’s study (PDF) is actually a reassuring portrait of how most young people are exercising reasonable caution in their use of technology. The study, conducted by Harris Interactive, included interviews with almost 1,400 10- to 17-year-olds.

The survey reported that “almost half of youth (46 percent) admit to having given out their personal information to someone they didn’t know over the Internet,” but when they break it down, the survey reveals that “when they do reveal personal information online, youth are most likely to share their first name (36 percent), age (28 percent), and/or e-mail address (19 percent). Only around 1 in 10 have given out slightly more personal information like a photo of themselves, their school name, last name, cell phone number, or a description of what they look like.

Considering that Facebook (used by 82 percent of the survey’s 16- to 17-year-olds and 66 percent of 13- to 15-year-olds) actually requires use of real names and encourages posting photos and such information as school name, I don’t find this at all shocking. If anything, I’m surprised at how little personal information young people are posting online.

And it’s also reassuring to read in the study report that “youth draw the line at giving out personally identifiable information such as their parents’ names, home address, or school address, and virtually no teens report having given out their Social Security number.”

The one statistic that I do find disturbing is that 37 percent of 10- to 12-year-olds are on Facebook, which not only violates the site’s policies, but requires the kids to lie about their age to get an account.

Cyberbullying on the decline
When it comes to cyberbullying, the report also paints a more optimistic picture than we’ve seen from some other studies.

Only 11 percent “admit to ever engaging in some form of cyberbullying behavior.

And even though the press release about the report says “Cyberbullying on the rise,” the report itself shows that the percentage of teens reporting that they have “ever been bullied or harassed online decreased substantially from 15 percent in 2008 to 8 percent in 2010. Far from an increase, that’s an impressive 47 percent decline in two years.

The press release on the report also says that “Nearly 50 Percent of Teens Don’t Know What to Do if Cyberbullied,” yet the report itself says that “1 in 4 teens say they wouldn’t know what to do if they were bullied or harassed online” and that a “a significantly higher proportion disagree with this statement in 2010 than in 2008, suggesting that teens may now be better equipped to handle cyberbullying.”

It further points out that “many youth who have been bullied or harassed online say they have made some adjustments to their online behavior as a result (72 percent).”

I would be interested to know what proportion of that “1 in 4″ who don’t know what to do have ever been cyberbullied. My sense is that most kids would figure out what to do, though it’s important to remember that how young people respond to bullying varies greatly. Some can deal with it while others find it extremely disturbing.

What do parents know?
Finally, there is the issue of what parents know about their kids’ online behavior. Some 91 percent said that their parents “trust me to do what’s right when I’m online,” though 56 percent of all kids in the survey and 70 percent of 16- to 17-year-olds specifically say that their parents and guardians “know some of what I do online but not everything.” A heading in McAfee’s press release interprets that as “Teens Hide What They’re Doing Online,” but as a parent of two former teenagers, I call that part of the process of growing into young adulthood.

Final report of the Online Safety Technology Working Group

Youth Safety on a Living Internet (PDF), the final report by the Online Safety Technology Working Group (OSTWG), found that the best way to assure youth safety on the Internet “points to the growing importance of online citizenship and media-literacy education, in addition to what has come to be seen as online safety education, as solutions to youth risk online.”

Before I go on, I have to say that I was a member of the Task Force and Chair of the Education Subcommittee and Anne Collier, my co-director at ConnectSafely.org, was co-chair of the Task Force itself along with former MySpace chief security officer Hemanshu Nigam.

Our goal in putting together the report was to look not only at the history of online safety efforts over the past nearly 20 years but also the emerging research that shows how young people use social media.

What we concluded is that we need to go beyond worrying about predators and pornography and start thinking about young people as active participants – true citizens – in an increasingly interactive online environment where young people are just as likely to create content as they are to consume it.

The title of the report, “Youth Safety on a Living Internet” says a lot about the thinking of its authors, “The Internet is a living thing reflecting all of life and, where children are concerned, that includes a spectrum of issues – from learning, child development, sociality, and entertainment at one end to crime and victimization at the other.” We urge Congress and other policy makers to “Please recognize this reality and draw upon diverse expertise in all policy making.”

The report finds that “civil, respectful behavior online” is less conducive to risk” and recommends “digital media literacy” as a powerful force towards reducing risk online and off. We recommend avoidance of scare tactics and we promote the social norms approach to risk prevention.

The report calls for solutions that are “fact-based, not fear-based” and recognizes that minors themselves “have a role to play in improving their own safety online and that of their peers.”

The Online Safety and Technology Working Group was mandated by Congress in 2008 when it passed the Protecting Children in the 21st Century Act. The unfunded group, which has been convening since June, 2009, worked out of the Commerce Department’s National Telecommunications and Information Administration (NTIA).

Recommendations include:

• Provide targeted online-safety messaging and treatment.

• Avoid scare tactics and promote the social-norms approach to risk prevention.

• Promote digital citizenship in pre-K-12 education as a national priority.

• Promote instruction in digital media literacy and computer security in pre-K-12 education nationwide.

More resources

CNET’s Elinor Mills summary on CNET

Blog post by OSTWG member Adam Thierer of Progress & Freedom Foundation

The Report

Online Safety and Technology Working Group Final Report

This 5:20 video shows how to configure Facebook’s new simplified privacy settings. Including: Using the new one-page simplified privacy controls, limiting what the world can see about you, opting-out of Instant Personalization and an introduction to customizing privacy settings.  Also see the more advanced video Facebook’s Granular Privacy Controls:  Who Can See What.

This video shows how to use Facebook’s more advanced granular controls. It’s a sequel to the introductory video, “Facebook’s Simplified Privacy Controls.”

This 10 minute video not only shows how to configure Facebook’s latest “simplified” privacy settings but also how to customize your settings for maximum control.  It also describes changes to their privacy policy.

On Wednesday May 27th, Facebook CEO Mark Zuckerberg announced that the company would simplify its privacy settings and require that less information be made available.

That afternoon, I spoke with Zuckerberg in a recorded interview for CBS News and CNET.  Here are some clips from that interview as well as links to the entire interview and an article about the interview on CNET.

Zuckerberg on kids under 13 on Facebook (57 seconds)

Zuckerberg on schoos banning use of Facebook & social media (54 seconds)

Entire interview (13 minutes)

CNET article & interview

In response to recent widespread criticism over changes made to its privacy policy in April, Facebook announced today that it has modified its user controls to make it easier to configure privacy settings and to retroactively control access to content that has already been posted. The company also said that it has “drastically reduced the amount of information that is available to everyone.”

Facebook also promised to “carry over people’s privacy choices for new products that facilitate sharing” and the company pledged to make fewer privacy changes in the future. “Facebook recognizes that the many privacy-related changes over the past year may have caused confusion, and the company will work within the framework announced today as it continues to innovate new features and products,” it said in a release.

The company announced the changes at a 10:30 AM (PST) press conference at its Palo Alto, California headquarters and wrote about it on the company blog.

New Privacy Control Center

A new “one click” privacy control center will make it easier to limit access to information to friends, friends of friends or everyone with a single click. A single grid displays all settings which makes your personal privacy profile a lot easier to understand. The company will continue to offer granular advanced settings to people who want more control.

A new “main setting” makes it easy to share on Facebook with friends, friends of friends or everyone — “all with just one click.” The corresponding settings are immediately applied and displayed in a grid. At the same time, Facebook has maintained its more granular settings for those who want to customize their level of sharing. These settings now all appear on a single page for easier access.

by Larry Magid

Except for rare situations where children are taking extreme risks, I’m not an advocate of spying on your kids. But there is a difference between snooping and accessing publicly available information by or about your child. If you can find it online without hacking into their private accounts, so can other people. And if your child is posting inappropriate publicly available content, or if people are saying things about your child in public, you have a right to know about it.

It’s easy to search for your kid on Google and other search engines, though you might get a lot of irrelevant hits if your child has a common name. You can also search for your child’s phone number, e-mail address or home address to see if anything has been posted that contains those strings. But even the most thorough search can’t find everything.

SafetyWeb.com, a new service that launched a couple of weeks ago, might be able to help. For $10 a month, or $100 for a year, the service will monitor your child’s publicly available online content.

The service, based in Menlo Park and Denver, scours social networking, photo sharing and other sites to find out what is being said by and about your kids. While it can’t promise to find everything, it’s remarkably thorough. My kids are now young adults, so rather than track them, I entered by own name and e-mail address and found more than I ever wanted to know about what I’ve posted onTwitter, Facebook and other services. I also found things that others posted about me and discovered accounts that I frankly forgot I had with content that I entered years ago.

For example, several years ago I established a Vox blogging account that I abandoned. Still, there was content there from 2007. I also found the Hi5 account I started when the service first launched and a MySpace account I hadn’t logged into for more than a year. Of course I also found my active Facebook and Twitter accounts with all of the publicly available content.

For each of these accounts, I saw what I had publicly posted and, in some cases, what others had written about me. I also found photos that I had posted on a variety of services, including Flickr and PhotoBucket.

Because the service tracks what your kids are saying and what’s being said about them, it can help alert parents to possible cyberbullying. It also helps parents advise their kids on how to protect their privacy by alerting parents to accounts that are public. If on Facebook, for example, your child is using maximum privacy settings, you might not see any content. That’s mostly a good thing because it shows that your child is protecting his or her privacy.

The site provides resources and advice on sexting, cyberbullying and other potential threats, and advice on how parents can contact services to attempt to have inappropriate postings remove.

Even without signing up for service, you can enter your child’s (or anyone’s) e-mail address to get a tease of what they posted online. You won’t see actual content but you will see the services they subscribe to under that e-mail address and whether they have public or private profiles.