The ‘real world’ is a lot more dangerous than cyberspace

by Larry Magid

This post first appeared on

The media is full of horror stories about online dangers, but — in all but a few categories — offline risk dwarfs its online equivalent.

Stranger danger vs. trusted adults

Let’s start with children. Every parent worries about their kids being harmed by strangers, but – whether offline or on — children are at far more risk from trusted adults than people they don’t know.

According to the U.S. Department of Justice’s Facts, Myths and Statistics page, “in as many as 93% of child sexual abuse cases, the child knows the person that commits the abuse” and as many as 47% of the perpetrators are family or extended family members. And there are numerous cases of abuse by teachers, clergy, police officers, pediatricians and others kids trust. Based on actual risk statistics, instead of keeping kids offline, maybe we should keep them away from school, clinics, houses of worship and even their own homes.

We also worry about cyberbullying, but research from the Centers for Disease Control and other studies puts both the rate of cyberbullying below physical bullying. And, where cyberbullying does occur, it typically is an adjunct to bullying at school or other places where children gather. If you are concerned about cyberbullying, check out this parents’ guide I helped write.

Even sexting, which sometimes gets kids into legal trouble, has been blown out of proportion. As a general rule, I think it’s a bad idea to send out naked pictures of yourself — even to an intimate partner, but lots of people do and most of the time the pictures stay where they are intended and aren’t shared. But as problematic as it might be, it’s arguably a form of “safe sex” that — unlike real sex — can’t possibly cause a sexually transmitted disease or an unwanted pregnancy.

Physical safety

Like most parents, I worried about my kids’ physical safety, but I was a lot more worried about car and even bike accidents than about online dangers.  Hundreds of thousands of children and teens are injured annually in car accidents.

And don’t forget school sports. Every year children are injured playing baseball, football, soccer and other sports. Yet most families encourage school sporting programs because of all the benefits. Social networking, texting and smartphone use also benefits and even though they are associated with some risk, the harms associated with these technologies are a lot lower than what can happen on an athletic field.   According to Safe Kids Worldwide (not affiliated with my site,, one in three children who plays a team sport is injured seriously enough to miss practice or games.

I’ve been a print and online journalist since the 1980′s but the most dangerous job I’ve ever had in the publishing industry was when I delivered newspapers by bicycle as a kid.

Although we were of course concerned about our kids’ online contacts, my wife and I were a lot more concerned about the friends they knew from school. Most, of course, were great, but I can think of a couple of who were pretty bad influences on our kids who, fortunately, had the discipline, resilience and self-respect to resist those negative influences. And there were also those non-friends, including the girls who bullied my daughter in middle school and the boys that bullied me in school, long before there even was an Internet.

And lest you think things have gotten worse since kids started going online, check out The Internet, Youth Safety and the Problem of “Juvenoia” by Crimes Against Children Research Center director David Finkelhor who points out that since the early 90′s, the rates of sexual assault, unwanted pregnancy and even bullying, crimes committed by teens and teen suicide has gone down, not up.

Risk for adults

Adults face risks both online and off. For example, there are risks associated with shopping online, but there are also risks when you shop offline. Your wallet could be stolen, you could leave the credit card at the store, the clerk could clone your card or you could have a car accident on your way to or from the store.

Adults who date online also take risks, but so do those who meet their partners in bars and other locations.

Regardless of our age, there are privacy risks when going online or using smartphones and I would agree that online tracking, phone geolocation features and the hundreds of thousands of mobile apps do present some privacy concerns that we don’t have in the physical world.  Still, there are plenty of reasons to worry about privacy in non-cyber settings, including school, workplaces, hospitals and even grocery stores that track what we buy. Failing to shred sensitive paper records remains a risk as does talking about private matters in public.

The bottom line is that we need to be concerned about all risks whether online or off, but we should thinking that technology related risks are any more pernicious or serious than ones we’ve been taking for centuries.

And, whether the risk comes from online or offline activities, we also need to remember that life can never be risk free. Everything we do has risks and the trick is to try to balance those risks while still enjoying life.


Posted in Child safety | Comments Off

Why I don’t want to hear about any new parental control products

It’s hard to get through a week without hearing about a new product designed to protect children online or on mobile devices. Some of these products block content, others give parents some control over who their kids can communicate with but most offer some sort of monitoring, giving parents a glimpse into what their kids are doing on their mobile and other connected devices. Increasingly, these products are being marketed as a way of detecting and preventing bullying.

It’s not uncommon for these products to be developed or at least inspired by parents who have had an experience with their kid being bullied or exposed to inappropriate material. The parent may have been outraged by the incident with a sincere desire to help other parents avoid the same issues.

My advice to anyone thinking about creating such a product is to first take stock of the many other products and services in this already saturated field and second take note that even those products — collectively — have relatively low penetration rates.

I also urge any would-be parental control entrepreneurs to consider that one product can’t possibly serve all families. Controls that block inappropriate content usually work well for young children but not for older ones. Products to monitor Internet or mobile use may be necessary for some kids, but not for most. Studies have shown that kids who get into some type of trouble online are usually risk-takers in other aspects of their lives as well. And if you think a monitoring program will stop cyberbullying, consider that the majority of bullying takes place in-person and not online, and even when it is online (or mobile) it is often a reflection of what’s going on at school or wherever kids gather in the physical world. For more on bullying, see A Parents’ Guide to Cyberbullying.

And, before you think you’re going to earn a lot of money from your product, be aware that there are a number of excellent free parental control tools from Microsoft, Symantec and other companies.

I’m not aware of any accurate up-to-date data on the parental control marketplace but everyone I’ve spoken with in the know admits that it’s pretty small. A 2011 study done by Hart Research for the Family Online Safety Institute (FOSI) found that just over half the parents (53 percent) said they have used controls to limit or monitor their child’s online behavior with products ranging from PC filtering programs that limit what sites a child can visit to services that monitor children’s activities on mobile devices. But “have used” is not the same as using. I’m one of many parents who used controls for a short period of time and then stopped after realizing that having occasional conversations with my kids was a more effective, and lasting, way to influence their behavior. 

Even though the survey found that 47 percent of parents haven’t used these tools, 87 percent of them were aware that such tools are available, and 93% had a set rule to limit or monitor their children’s Internet usage. Parents know these products exist and most have other ways to help their kids stay safer online.

That same study found that 60% of parents who are not using controls say that controls aren’t necessary because they have household rules that their kids follow.

And even for parents who do feel a need to use parental-control software or service, it’s important to remember that they are never a substitute for common sense, engaged parenting and — most important — teaching kids to be respectful of others, self-protective and resilient. Eventually your kids will grow up and one of the purposes of childhood is to learn to protect yourself long after mommy and daddy and whatever tools they employ are off the job.

Screen Shot 2014-07-03 at 7.53.37 AM

FOSI survey summary. Click here or on image for full-size infographic


Digital citizenship & media literacy beat tracking laws & monitoring

Evolution of online safety: Lessons learned over 20 years

The Internet, Youth Safety and the Problem of ‘Juvenoia’,” by David Finkelhor PhD

Posted in Child safety | Comments Off

PTA panel tackles digital citizenship (slideshow)

I was honored to be on a panel at the National PTA Conference in Austin, Texas focusing on digital citizenship (scroll down for a description and list of fellow panelists).

Panelists explored both the meaning of digital citizenship and strategies for educating students and parents on how to navigate 21st century technology productively and safely. While cognizant of challenges, each speaker emphasized the incredible value of technology at school and at home, stressing the importance of access while reflecting on how parents and kids can put thought into how they present themselves in a digital environment.

The panel was sponsored by Lifelock, which is helping support the PTA’s efforts in this area. is working with the PTA on digital citizenship, Safer Internet Day and the One Good Thing campaign. 

Here’s my KCBS radio segment about the panel.

Below is my PowerPoint that covers the evolution of online safety, some thoughts on risk and protection, my definition of digital citizenship (which includes rights) and a bit about and the work we’re doing.

PTA’s description of session

When students do homework on their tablet or computer or network with friends, how do we ensure they are creating a thumbprint of their digital self that will positively affect their present and future? How do we establish screen time limits? How do we make sure that positive social media etiquette is as natural as looking both ways before crossing the street?

A panel of leading experts including National PTA, a leading online safety organization, and educators will lead a discussion about the best ways to engage with our kids to establish safe practical ways that students, parents and teachers can encourage simple and effective online habits that will carry through to adulthood.

Attendees will also learn ways to engage student leaders in bringing awareness to this issue, especially during celebrations like Digital Citizenship Week in October and Safer Internet Day in February.


  • Mary Pat King, Director of Programs & Partnerships, National PTA
  • Catherine Teitelbaum, Digital Safety Expert and Consultant for LifeLock
  • Larry Magid, Co-director,
  • Rebecca Levey, Co-founder,
Posted in Child safety | Comments Off

Aspen task force would take learning ‘back to the future’

This post first appeared in the San Jose Mercury News

The Aspen Institute Task Force on Learning and the Internet released an outstanding report whose title, “Learner at the Center of a Networked World,” suggests a radical rethinking of how we approach education.

Screen Shot 2014-06-20 at 12.38.54 PMThe report was the product of about 20 leaders with expertise in technology, public policy, education, safety and privacy including my co-director at, Anne Collier. Jeb Bush and Rosario Dawson served as honorary co-chairs.

I’ll get to the report in a moment, but as I read it, I couldn’t help to reflect back to my own experiences from a few decades ago, beginning when I was an undergraduate at UC Berkeley.

In 1967 I had the privilege of being one of the student coordinators of Berkeley’s Center for Participant Education, a student-initiated course program that was born out of Berkeley’s Free Speech Movement. CPE, like other “free universities” and “alternative schools” that popped up around the world in the ’60s and ’70s, promoted student-centered learning by giving students the power to initiate and help direct their own learning, using resources from local faculty, the community and subject matter experts, including some without traditional academic credentials. By getting faculty sponsors, we were able to offer academic credit for non-traditional learning.

There was no Internet back then, but we did have museums, libraries and access to people from the community such as artists, musicians, bakers, bankers, park rangers, social activists, and people with and without all sorts of advanced degrees and impressive credentials, including some who were internationally recognized as leaders in their fields. And — even without the Internet — there were plenty of other resources, including newsletters, films, records, and of course, books and periodicals. We didn’t have blogs, but we did have mimeograph machines and megaphones. But, mostly, we had an attitude that students were the center of their own learning and that any student had the right to help fashion a learning environment, based on his or her own needs and learning style.

Screen Shot 2014-06-20 at 1.18.55 PM

A.S. Neill’s Summerhill was written in 1960 and helped inspire the movement for educational reform

In 1969, I moved to Washington, D.C., to run the Center for Educational Reform, a Ford Foundation project of the now-defunct National Student Association, that helped bring this concept to universities and secondary schools around the country. Another nonprofit, New Schools Exchange, published a newsletter that supported hundreds of student-centered “free schools,” where even young children were able to help shape their own learning environment.

Fast forward to 2014. Technology has unleashed incredible resources for individualized learning, but — somewhere between 1970 and today — educational reform got hijacked and redirected by well-meaning policymakers whose strategy seems to be more aimed at preparing students to take standardized tests and less toward student and parent empowerment and the ability for young people to articulate and achieve their own dreams, goals and aspirations.

So, imagine my delight that a group of 21st century experts assembled by the Aspen Institute took us back to the future with recommendations for a “new culture of learning” where “learners must move from the passive absorption of content to a new sense of agency that enables them to find a path that makes sense for their individual interests and learning styles.” These are great ideas, reminiscent of what pundits like John Holt, Ivan Illich, Herb Kohl and Jonathan Kozol wrote back in the ’60s.

What is different of course is that with modern technology there are no more excuses for education to remain in the dark ages. As the Aspen report ably documents, the proliferation of broadband and mobile devices is already “helping students chart their own unique pathways of learning subjects as well as adjusting the pace of their learning.”

I fully support the task force’s recommendations, which include redesigning “learning environments to empower learners to learn any time, any place, and at any pace, both in school and beyond,” as well as building “an infrastructure that will connect all students in all of the places they learn.” The task force also called for open standards and “protocols that simplify and promote interoperability of learning resources” and — my favorite recommendation — that schools adopt “policies to incorporate digital, media and social-emotional literacies as basic skills for living and learning in the digital age.”

I also applaud the Aspen task force for taking on laws like the Children’s Online Privacy Protection Act, which, though intended to empower parents to protect their children’s privacy, has the effect of preventing children under 13 from participating in popular social media services along with what the report called the “unintended consequence of encouraging children to make use of sites that do not attempt to enforce COPPA’s restrictions and that may be less conscientious about protecting young users.”

The task force also calls for “deeper research on the efficacy” and possible negative side effects of privacy and safety laws such as the Family Educational Rights and Privacy Act (FERPA), the Children’s Internet Protection Act (CIPA) and various state laws.

I’m not anti-regulation and I certainly agree that government has a role to play in protecting the privacy of both children and adults, but I agree with the task force that we need to examine the unintended consequences of even the most well-meaning legislation.


Learner at the Center of a Networked World splash page. Full report (PDF)

A task force report & a student bill of rights: Task Force member and ConnectSafely co-director Anne Collier’s commentary about the report and the work of modern-day student activists

Make personalized learning a realty says ed tech task force: Observations and commentary by Family Online Safety Institute (FOSI) CEO Stephen Balkam



Posted in Child safety | Comments Off

Parents have a lot to learn about mobile safety, privacy and security: from their kids

After spending a lot of time writing and editing our new free booklet, A Parents’ Guide to Mobile Phones, my colleagues and I came to the realization that parents do have a lot to learn — from their own kids.

Sure, our guide has all sorts of tips and suggestions, but our most important point is that parents should talk with their kids about their mobile use.  Note I said “with,” not “to.” An open, two-way conversation with your kids about their mobile use is a lot more effective than a lecture. Besides, you might discover they know more about safety, privacy and security than you think. Maybe more than you do.

ConnectSafely produced the guide in partnership with CTIA, with support from AT&T, Sprint, T-Mobile and Verizon Wireless.

Studies from Pew Research Center and as well as ethnographic research from danah boyd and others have found that kids are far from clueless when it comes to privacy and safety issues. That’s not to say that your kids don’t have anything to learn — we all do — but that you shouldn’t assume that they’re using their technology in a reckless fashion, even if you’ve seen some press reports making that claim.

Advice for parents

As far as our guide is concerned, we advise parents on things that matter including the best age to get a child their first cell phone, how to make sure your child’s privacy is protected and how you can help assure your child uses apps that are safe and appropriate. We also talk about how to use the phone’s settings to maxiumize privacy and security and advise parents to be sure their kids are using a pass code of some type to make sure that others can’t use their phone. In addition to protecting their data, keeping others from accessing their phone reduces the risk of someone using it to harass or bully others and get your kid into trouble.


The guide warns parents about the possible misuse of geolocation — the feature that allows apps to pinpoint the phone’s (and therefore the user’s) location. While these features can enhance safety and give parents the ability to track their kids, they can also be misused. As we say in the guide, “With the exception of E911, it’s possible to turn off geolocation, either for the entire phone or just for specific apps.”  Parents and kids “can review the apps on their phones to see which apps share location. If you’re uncomfortable with any of them, you can try to turn off the app’s location feature or just delete the app.”


There are parental control tools from carriers, phone makers and app developers that parents can use to monitor or even limit what they’re kids can do on their phones and while such tools can be helpful in some cases, they’re not for every kid. If you do use monitoring or filtering tools, talk with your kids about why you’re using them and consider weaning them away from those tools as they show that they are responsible mobile users. Kids don’t stay kids forever and our goal as parents is to teach them the critical thinking skills that will last a lifetime in whatever situations they encounter. As my ConnectSafely co-director Anne Collier pointed out, “safety, privacy and security depend less and less on external safeguards (such as parental control tools, which can give parents a false sense of security) and more and more on the “filtering software” in their heads and hearts.

A Parents Guide to Mobile Phones is available in both English and Spanish.


Posted in Child safety | Comments Off

Aspen Institute Task Force takes on education in the Internet age

The report: Learner at the Center of a Networked World

A task force report & a student bill of rights: Task Force member and ConnectSafely co-director’s commentary about the report and the work of modern-day student activists

Make personalized learning a realty says ed tech task force: Observations and commentary by Family Online Safety Institute (FOSI) CEO Stephen Balkam

Posted in Child safety | Comments Off

Google complies with “right to be forgotten” but is it the “right” ruling?

The European Union Court of Justice ruling about the “right to be forgotten” is more wrong than right. Of course I sympathize  with the individual who pressed the claim — a Spanish citizen who was upset that Google was linking to a notice  in a newspaper about his repossessed home from 1998. But even though the newspaper article may have been old and by now irrelevant, it was still factual and Google’s only crime was pointing to a web page without making any value judgement — something Google has proudly done since the day it was founded.

Why it’s a bad decision

I have several problems with the court’s order. For one thing, it puts Google into the position of having to make editorial decisions about the content it points to, which kind of defeats the purpose of a search engine. I’m all for curated content, but that’s not what Google does. It simply scours the web to unearth content and makes that content available via search. If Google has to start making decisions about whether to include content that someone might want forgotten, what other editorial decisions might it make about content? Do we really want Google effectively censoring the web by failing to surface legal content?

Another problem I have with the right to be forgotten is that history is history, regardless of how unhappy someone might be to have it revealed. If something happened — even if it is outdated or irrelevant — it still happened and stories about it are part of the historical record. It’s the electronic equivalent of shredding old newspapers because you don’t like what’s printed in them.

It also creates a false sense of security because the court ruling doesn’t require that the information be taken down — just removed from search results. In other words, it’s still there and there may be other ways for people to find it.

Google’s Search removal request form

Google has created a web page where you can request that they “remove results for queries that include their name where those results are ‘inadequate, irrelevant or no longer relevant, or excessive in relation to the purposes for which they were processed.'”

On that page, the company said that it “will assess each individual request and attempt to balance the privacy rights of the individual with the public’s right to know and distribute information.” Factors will include whether the results include outdated information about you, as well as whether there’s a “public interest in the information—for example, information about financial scams, professional malpractice, criminal convictions, or public conduct of government officials.”

Europe only

The form is for Europeans only. The person has to select their country from a dropdown menu of 32 countries and must provide some form of identity verification and check a box certifying that the “information in this notification is accurate and that I am the person affected by the web pages identified, or I am authorized by that person to submit this request.”

People are required to provide the URL they want removed along with an explanation.

No appeal

Google has no choice but to abide by the court’s decision and, because it is the highest court in Europe, there is no appeal.

For more, see Anne Collier’s post, Remember: The ‘right to be forgotten’ is shared

Posted in Child safety | Comments Off

Missing Children’s Day — let’s bring them all home

Screen Shot 2014-05-25 at 10.13.26 AMSince it was founded 30 years ago, the National Center for Missing and Exploited Children (NCMEC) has helped reunite thousands of missing kids with their families.

I have had the privilege of serving on NCMEC’s board for nearly two decades and, since that time, we have seen a dramatic increase in the recovery rate thanks to NCMEC’s dedicated staff along with alert members of the public who report sightings of missing kids. From 1984 through December 2012, NCMEC has assisted law enforcement with more than 195,300 missing-child cases resulting in the recovery of more than 183,100 children, according to the organization. The  recovery rate for missing children has grown from 62% in 1990 to 97% today.

Screen Shot 2014-05-25 at 10.54.32 AMI became involved with NCMEC in 1993 during the search for Polly Klass, a 12-year-old girl who was abducted from her Northern California home, about 80 miles north of where I live. During the search I helped post Polly’s picture online. When Time magazine wrote about the effort, I was overwhelmed by requests from parents of other missing kids, which led me to contact NCMEC’s then CEO Ernie Allen who quickly realized the potential for using online tools to help find children. Even though we couldn’t save Polly, online tools such as are now used routinely to help in the recovery of missing children.

Public-Private partnership

NCMEC is a non-profit organization, not a government agency, though it was authorized by Congress to serve as the national clearinghouse for information about missing and exploited children. Congress has also designated NCMEC to run the national, toll-free, 24-hour missing children’s hotline; and operate the CyberTipline for online reporting of the sexual victimization of children and inappropriate sexual content.

NCMEC is a unique public-private partnership which receives funding from both the Federal government and numerous private donors ranging from large companies individual donors from all walks of life — including young children who conduct fund-raisers or donate their pennies to help other kids.

Key facts

As you can see from the key facts below, only a tiny percentage of missing children cases involve “stereotypical’ abductions but even children who are abducted by members of their own family can be in extreme danger and deserve to be protected and returned to their lawful parent or guardian.

And it’s not just missing children. NCMEC helps prevent and prosecute cases of child exploitation, including sexual exploitation of children as young as infants. The organization also works to rescue underage victims of prostitution, helping them recover from the trauma of what is often forced or coerced and extremely traumatic exploitation by adults who profit through human trafficking.

NetSmartz workshop's "Clicky" teaches young children about Internet safety and digital citizenship

NetSmartz Workshop’s “Clicky” teaches young children about Internet safety and digital citizenship

NCMEC also operates the NetSmartz Workshop, which provides high-production value materials to help educate young people about how to stay safe on and offline.

Here are some “key facts” from NCMEC’s website.

The most recent, comprehensive national study for the number of missing children estimated in 1999: [1]

  • Approximately 800,000 children younger than 18 were reported missing.
  • More than 200,000 children were abducted by family members.
  • More than 58,000 children were abducted by nonfamily members.
  • An estimated 115 children were the victims of “stereotypical” kidnapping. These “stereotypical” kidnappings involved someone the child did not know or was an acquaintance. The child was held overnight, transported 50 miles or more, killed, ransomed or held with the intent to keep the child permanently.
  • To find the number of children missing from a specific state or territory contact the state’s Missing Child Clearinghouses.
  • The first three hours are the most critical when trying to locate a missing child. The murder of an abducted child is rare, and an estimated 100 cases in which an abducted child is murdered occur in the U.S. each year. A 2006 study indicated that 76.2 percent of abducted children who are killed are dead within three hours of the abduction. [2]
  • The National Center for Missing & Exploited Children® has assisted law enforcement in the recovery of more than 193,705 missing children since it was founded in 1984. Our recovery rate for missing children has grown from 62 percent in 1990 to 97 percent today.
  • The AMBER Alert program was created in 1996 and is operated by the U.S. Department of Justice. As of April 2, 2014, 688 childrenhave been successfully recovered as a result of the program. [3]
  • As of Dec. 2013, NCMEC’s toll free, 24 hour call center has received more than 3,899,964 calls since it was created in 1984. Information about missing or exploited children can be reported to the call center by calling 1-800-THE-LOST (1-800-843-5678).
[1] Finkelhor D., Hammer H., Schultz D., Sedlak A. National Estimates of Missing Children: An Overview, U.S. Department of Justice, 2002.
[2] Brown K., Keppel R., McKenna R., Skeen M., Weis J. Case Management for Missing Children Homicides: Report II, National Center for Missing & Exploited Children and U.S. Department of Justice, 2006.
[3]AMBER Alert, U.S. Department of Justice.


Posted in Child safety | Comments Off

Internet security is a global issue that requires global cooperation

This post first appeared in the San Jose Mercury News

PARIS — The National Cyber Security Alliance, or NCSA, is a Washington, D.C.-based organization that promotes online security and safety. Its board consists of representatives from Microsoft, Google, Facebook, Comcast and other U.S. companies, and it works closely with the Department of Homeland Security to provide security advice for American businesses and consumers. I’ve attended meetings in Washington, Pittsburg and Silicon Valley with NCSA staff, and the agenda has always focused on U.S. security issues.

NCSA, along with the Anti-Phishing Working Group, is the main force behind the “Stop. Think. Connect.” campaign, at, that seeks to raise awareness by encouraging people to pause and think about what they do before they “connect.” It’s kind of the cyber equivalent of the “buckle up for safety” campaign that promotes safety for motorists and passengers.

So I was a bit surprised when NSCA invited me to participate in an international online safety awareness meeting in Paris, attended by representatives of nonprofits, governments, universities and companies from several countries. The event was hosted by Microsoft and took place at its Paris office.

But I was reminded of the global nature of cyberthreats on the day we convened our meeting last Tuesday as news broke that the Justice Department, with the help of law enforcement agencies from other countries, issued indictments in connection with the Blackshades Remote Access Tool (RAT) “that enabled users around the world to secretly and remotely control victims’ computers,” according to the Manhattan U.S. attorney’s office, which said the bust involved more than 90 arrests in 19 countries.

The Blackshades RAT is malicious software, or malware, that has been used by criminals in more than 100 countries to “infect computers throughout the world to spy on victims through their Web cameras, steal files and account information, and log victims’ key strokes,” according to the Justice Department. The alleged co-creator of Blackshades, Alex Yucel, who is from Sweden, was arrested in Moldova and is awaiting extradition to the United States. Brendan Johnson, who is charged with helping to market and sell malware, including the RAT, and provide technical assistance to its users, was arrested in Thousand Oaks, California.

Blackshades provides a good example of how you could be sitting in your home in Palo Alto and be victimized by a criminal on another continent or vice versa. Thanks to botnets, where malicious software spreads itself from computer to computer without the knowledge of the machine’s owners, it’s possible for a computer from Estonia to infect your home PC and for your home PC to then infect someone else’s PC in Germany.

There are plenty of other examples of international cybercrime. I’m on the board of the National Center for Missing and Exploited Children, which regularly cooperates with counterparts in other countries to try to stem the tide of illegal child pornography across borders. John Carr, a child safety adviser to the United Kingdom government, told me that a “substantial proportion” of the illegal images that make their way to the UK come from the United States.

Privacy is also a global issue, as we were reminded last week when the European Court of Justice in Luxembourg ruled that search engines (the biggest two being U. S.-based Google and Microsoft’s Bing) can be required to delete search listings of posts, including stories in newspapers, that may be dated or irrelevant, even if they happen to be true. This ruling could not only affect U.S. companies that offer search, but also those of us in the United States and other countries who use these services, even though the delete order was issued by a court on another continent.

At the Paris meeting, the discussion turned to international cooperation, and it was generally agreed that it’s a good idea for organizations in countries around the world to coordinate at least some of their messaging because of the similarities of the issues that we all face. That doesn’t mean that a campaign that works in Istanbul will necessarily resonate in Indianapolis. But in our increasingly globally connected world, there are plenty of common themes and practices that we can share.

In an interview, NCSA Executive Director Michael Kaiser summed up the purpose of the meeting. “We are trying to reach everyone on the globe because we’re all connected to the same Internet and, unless we’re all safe and secure, we won’t have a safe and secure Internet.”

Posted in Child safety | Comments Off

Facebook changes new user default privacy setting to friends only — adds privacy checkup

This post first appeared on

Until now, when new Facebook users sent out their first post, the default setting was public, which means that anyone could see it. It’s long been easy to change the audience to Friends only but if you didn’t know about that option, you could have accidentally told the world what you meant to only tell people you know and trust.

Disclosure: Facebook is one of the companies that provides financial support to, the non-profit Internet safety organization where I serve as co-director.

Change for new users only

Facebook is changing the default for new users so that, going forward, the default setting is Friends. The change will have no impact on existing users. The first time someone posts, they will see a reminder to choose an audience for that post and if they don’t make a choice it defaults to Friends.

In a statement, Facebook said that “We recognize that it is much worse for someone to accidentally share with everyone when they actually meant to share just with friends, compared with the reverse.”

Changeable but sticky

 You can easily change the audience of each post and once you make a change it becomes sticky, which means it remains that way till you change it again. So, if you normally post to friends and decide to post something to the public, your subsequent posts will also be public until you change it back to friends only.

That stickiness is important to remember. If you normally post just to friends and decide to post something publicly, you must remember to change the setting back to Friend the next time you post or your posts will remain accessible to the public.

Privacy checkup

Facebook is also launching a “privacy check-up” to enable users to review their privacy practices and settings such as “who they’re posting to and the privacy settings for information on their profiles,” according to Facebook. It also helps users review which apps they’re using and “the privacy of key pieces of information on their profile.”

Earlier App privacy changes

At the F8 Facebook developers conference last month, Facebook CEO Mark Zuckerberg announced changes to its app privacy policies including allowing people to interact anonymously with apps (Facebook knows who you are but you have the choice about whether to reveal your identity to the app developer). Facebook is also providing users with more control over what information they reveal to apps as well as more control over what others can share about them via apps.

Steps in the right direction

I have to give Facebook credit for giving users more control over their privacy and changing the default from public to friends. Its always been possible to control your privacy on Facebook but it’s often been too complicated — especially for new users who could so easily to a broader than intended audience. I’m not entirely sure what motivated these most recent changes but I suspect they will be welcomed by users.

The privacy checkup is another important step. One of the biggest complaints about Facebook privacy is that users don’t know what is out there that others can see and may not be aware of how to control who has access to their content. Of course, this isn’t the first time Facebook has sought to simplify its privacy settings. There have been numerous changes over the years including, for example, the addition of an activity log, a couple of years ago, that helps people uncover what they’ve posted and what’s been posted about them.

There is still more work to be done in terms of educating users about their privacy and how to limit what people can see about them on Facebook and beyond. Facebook also needs to do more to educate people about how their personal information is used to direct advertising.

Posted in Child safety | Comments Off