This document provides information and guidance to teens on protecting their privacy and personal information when using social media and the internet. It discusses why online privacy is important, how personal information can be accessed and used, basic guidelines for safe social media use and disclosure of personal information, how to adjust privacy settings, security risks like passwords, phishing and spyware, and resources for further information. The overall message is that teens should be aware of privacy issues and risks when online and take steps to protect their privacy and personal information.
Teen Privacy Online: Social Networking, Privacy Policies and Security Risks
1. Teen Privacy Online
Social Networking, Privacy Policies
and Security Risks: How to protect
your personal information online.
2. Brought to you by . . .
Intel and the International Association of Privacy Professionals
proudly join in the celebration of Data Privacy Day 2008. We
encourage all students to learn as much as possible about how to
use the Internet and its many communication and ecommerce
tools as safely as possible in ways that protect the privacy of your
personal information.
2
3. Online Privacy for Teens
Online Privacy: Why It is
Important
Social Networking
You Can’t Get Something for
Nothing
Know the Basics: Disclosure
of Personal Information and
Networking Behavior
It Isn’t All About Common
Sense
Think About Tomorrow
When You Act Today
Privacy Policies and How to
Read Them
Security Risks
Sources and Resources
3
4. Online Privacy: Why It’s Important
Teens and young adults
among most knowledgeable
and creative users of the
Internet
Personal Information (PII)
Name, address, phone
numbers, birth date,
social security number,
credit card numbers,
photos, shopping
history
Technology Increases Risk of
Inadvertent Sharing
4
5. Data Privacy Day 2008
28 January 2008
United States and 27
European countries
celebrating Data
Privacy Day
Raising awareness
about data privacy,
protection of
personal information,
and online safety
5
6. Privacy: What Is it?
Privacy is the right or opportunity to decide
who has access to your personal information
and how that information should be used.
Knowledge is power.
When you go online, KNOW:
Who has access to your personal information?
How will your information be used?
Is that okay with you?
6
8. Social Networking: What Is It?
Facebook, MySpace, Friendster, and
other social networking sites
Creating personal profiles
Interacting with other people online
You can interact with school friends,
people from your city, people you work
with, people from your region, people in
a particular “network,” or people all over
the world
8
9. Data Protection and Privacy in
Social Networks: The Main Ideas
You usually can’t get
something for nothing
Know the Basics:
Disclosure of Personal
Information and
Networking Behavior
It isn’t all about common
sense
Think about tomorrow
when you are acting
today
9
10. You Can’t Get Something for
Nothing: The Cost of Networking
You can participate in many social
networks for free. BUT . . .
you must provide personal information to
participate.
Who can benefit from that information?
How do they use your information?
How can you protect your privacy?
10
11. Who can benefit from your Personal
Information?
Web Site Operators
Make money by advertising. The more users they
attract, the bigger the audience, the more valuable
the ad space, the greater the ad revenue.
Companies that want to sell you things
Want to advertise and sell you their products
Want to know about you and your brand loyalties,
preferences and interests
May want to track and tell your “friends” about items
you purchase as another form of advertising
11
12. Who Else Could Access your
Personal Information?
Colleges
May want to know more about you than just your
grades and test scores. Your profile may be a
good resource.
Current and Future Employers
May want to know what kind of person you really
are – beyond your resume and interview.
Parents
Sexual predators and pedophiles
12
13. Know the Basics
Disclosure of Personal Information
and Social Networking Behavior
14. Basic Guidelines for disclosure of
personally identifiable information:
Be sparing with
personal
information. If you
network socially,
provide only that
information you need
to provide to network
effectively.
14
15. Basic Guidelines for disclosure of
personally identifiable information
If you have a username, avoid including your
actual name or birth date. Never share your
password with anyone.
In a profile, generally speaking, do not provide
your last name, your phone numbers, home
address, date of birth, school or team name, or
travel plans. Do not provide your social
security number, family financial information,
bank or credit card numbers.
15
16. Exceptions to basic guidelines:
Birth Date: You may be required to provide
your birth date to sign up for a social network
or other online service because federal law
prohibits the collection of information from
children under 13 years old.
Arrange your privacy settings so the birth date
is not visible on your profile. If you want to
display your birthday, show the day of the
month but not your birth year.
16
17. Exceptions to basic guidelines:
School Name: Although you generally
should not provide your school name
online, some sites feature school-specific
networks, and the name of the network
will reveal your school online.
Limiting your social networking participation to
a school group, as opposed to the world at
large, may provide an extra degree of
protection and privacy for you.
17
18. Back to the Basics:
Use Privacy Settings!
Only share the
information you are
comfortable sharing.
Limit your audience.
Default settings usually
allow sharing. Take
affirmative steps to limit
disclosure.
18
19. Adjusting privacy settings can be a
multi-step process:
Access the Privacy Settings page on the
social network of your choice and learn
how to protect the privacy of your
information.
Some sites offer you the ability to set
different privacy settings for different
parts of your profile page.
19
20. Privacy Settings are not Foolproof
Maintaining privacy requires diligence and
maintenance.
Learn about the privacy settings of each site
you use. If you don’t understand the options,
contact the site and ask.
Regardless of the settings you use, privacy
settings are not foolproof. You should always
continue to be cautious about information
about yourself you place online regardless of
how restricted you believe your audience is.
20
21. Basics of On-line Social Networking
Behavior: The Number One Rule
Unless you would be willing to attach
something to a college application or
resume, share it with your parents, your
grandparents, current or future
employers, don’t post it. If you wouldn’t
put it on a poster and hang it on your
locker or your dorm room door, don’t
post it.
21
22. Basics of Behavior (cont.): Blogging,
Journals, The Wall
When you journal or blog online, these entries are
archived, or saved, and the content of these entries
can be searched.
Some blogging sites offer you the ability to choose which
subscribers can see what you have written, and some allow
you to block any anonymous replies.
Think about why and how you are using your profile
page. If you are blogging about your daily activities or
your social life, be extremely cautious what personal
information you provide about yourself and others in
those contexts.
22
23. Basics of Behavior (cont.):
“Friends”
Don’t invite people to be
your friends on-line if
you do not know them in
the real world.
If you must accept a
“friend” that you do not
know, do so cautiously,
recognizing that often
people are not who they
claim to be.
23
24. Basics of Behavior (cont): Photos
Do not post images of yourself that you
wouldn’t want to share with grandparents,
colleges, and future employers.
Don’t post images of other people that they
wouldn’t post of themselves.
If possible, ask permission before posting
an image of someone else on your site.
Always honor any individual’s request to
remove a specific photo of him or her from
your page.
24
25. Basics of Behavior (cont.):
Avoiding Risky Behavior
Sex -- Just don’t
talk about it on the
Internet, particularly
with people you do
not know.
Never agree to meet
someone in person
that you “met” on the
Internet.
25
26. Other Ways to Protect your Privacy
Use services with age and identity
verification systems
Use services that allow you to report
inappropriate content
Look for sites with privacy seals like
TRUSTe and the Better Business
Bureau
26
27. More Ways to Protect your Privacy
Talk with a parent, older sibling, or other adult
you trust about your Internet use.
Educate your parents about technologies that
are new to them.
Check out any safety tips provided by the site
you are using. Use online resources to find
additional safety and privacy information.
ALWAYS KNOW how your information is
being used and stored by others.
27
28. It’s not just common sense.
“Don’t get in a car with
someone you don’t
know.”
“Don’t open your door to
a stranger.”
But . . . Don’t talk to
strangers? Isn’t that the
whole point for some
users?
Common sense only
takes you so far. Some
technological
understanding is helpful.
28
29. Caching
If you put something on the Internet, it is
difficult if not impossible to take it back.
Search engines and browsers cache
websites, allowing photos, videos and
text to be retrieved long after the website
has been deleted.
29
30. Caching and Public Computers
Caching also raises issues
you should be aware of when
you use computers in public
libraries or other public
spaces.
Web browsers cache sites
that you have visited.
Web browsers can also
cache temporary internet
files, cookies, info that you
enter into websites and
address bars as well as
passwords.
30
31. Think About Tomorrow When You
are Acting Today
Do you know how much money it
costs to remove a tattoo? Hundreds
or thousands of dollars, depending
on the size and quality of the tattoo.
This doesn’t mean you should never
get a tattoo – it just means you
should be well aware of the costs
and consequences associated with
making such a decision, now and in
the future, before you do it.
Social networking and blogging
online are the same –
information and images can be
extremely difficult if not impossible
to take back. Even when you
delete information from your profile
or site, older versions are still
accessible to others.
31
32. Think About Tomorrow (cont.)
Do not jeopardize the privacy of others.
Treat others the way you would want to be
treated online.
Respect the privacy and personal
information of others.
Don’t identify others on your page in a way
they would not identify themselves or post
photos they would not post.
32
33. Privacy Policies
Many websites have
privacy policies or
statements.
Main function: to
describe what
personal information
they will collect,
whether they share
it, how they will use
it, and how they will
secure it.
33
34. Privacy Policies should provide:
Notice Exactly what information they collect
and how they use it
Choice You should be given a choice about
the collection and use of your
information
Access The ability to access your information
maintained by the site and the
opportunity to correct inaccurate
information
Security Reasonable security measures to
protect your information from loss,
misuse, or alteration
34
35. Privacy Policies (cont.)
The language can be
confusing.
Look for:
Whether the site will
sell or share your
information with
third parties
The chance to opt-
out of practices you
do not like
35
36. BUT . . . .
Always keep in mind that a policy is merely a
policy.
Because the policy is essentially the measure
of your rights on the site in which you are
participating, pay careful attention to the ways
in which the policy limits the site’s exposure
and accountability.
Look for a web seal that lets you know the site
takes its policy and your privacy seriously.
36
37. Recap:
Find the privacy
policy and read it.
But always continue
to act cautiously
online with your
personal information
regardless of a
policy’s
representations.
37
38. Security Risks
Passwords, File-Sharing, Spyware,
Phishing and Updating
39. Protecting your personal
information: Passwords
Keep your passwords in a secure place.
Do not share passwords.
Experts suggest: the strongest passwords have at
least 8 characters and include numbers and
symbols as well as letters.
Do not use your personal information, your login
name, or adjacent keys on the keyboard as
passwords.
Change your password every 90 days or so.
Use a different password for every online account
you access (or at least a good variety).
39
40. File-sharing software
Avoid down-loading file-sharing software.
If you use this software be extremely
careful about the information you share
in order to protect your personal
information.
Read end user agreements, understand
whether you are allowing spyware to be
installed on your machine, and
understand the risks of free downloads.
40
41. Spyware
Spyware is a program
that can be installed on
your computer from a
remote location to steal
your personal or
financial information or
to monitor your online
transactions to capture
that information.
Install antispyware
software to detect and
remove these spyware
programs.
41
42. Phishing
A phishing scam is one
designed to elicit your
personal information
(username, password,
account information) on
a fake website.
When you receive a
suspicious email, do not
click on a link provided
and provide personal
information.
42
43. Phishing Protection
When you receive a suspicious email, go
to your browser, contact the company,
and ask whether it is trying to reach you
or if there is a problem with your
account.
Use anti-phishing software.
43
44. Automatic Updates
As a final note, automatically updating
your computer helps ensure that your
computer is protected against the latest
threats.
44
45. Sources and Resources
The foregoing information was drawn largely from
information found in a number of articles and on
websites concerned about online safety and data
protection. These sources and resources will provide
additional, helpful information for you if you are
interested in learning more about any of the privacy
issues discussed today.
Please visit www.privacyassociation.org for a full list of
sources and resources, along with links to educational
videos about data protection and online safety.
45
48. Creative Commons License
This work is licensed under the Creative
Commons Attribution 3.0 Unported License. To
view a copy of this license, visit
http://creativecommons.org/licenses/by/3.0/
Or send a letter to Creative Commons, 171
Second Street, Suite 300, San Francisco,
California, 94105, USA.
Any use of these materials requires attribution to
the IAPP and Intel.
48