by Lynette Owens
Last month, the Washington Post published a surprising op-ed from Mark Zuckerberg. In it, the Facebook boss called for greater regulation of the internet to protect individuals’ online privacy, among other things. Although the goals he sets out are laudable, we shouldn’t hold our collective breath that things will change anytime soon. While his position is meant to protect all users, there is a second wave of legislative proposals designed to protect kids online – the KIDS and DETOUR Acts in particular – following similar moves almost 2 decades ago in the form of COPPA and CIPA. All are designed to protect kids online, because current laws, new technologies, and tech industry self-regulation have fallen short.
However, legal solutions are limited in their ability to truly prevent a child from falling victim to an internet scam or being tempted to give up personal information that puts them at risk. With the multitude of apps, websites, and devices becoming available every day, enforcement of such laws are hard to ensure. They are still needed and worthwhile, but we should not wait or assume a new law is enough. Instead, we need to take matters into our own hands to protect our families from intrusive online tracking. Our online activities are a blueprint of our daily lives that should stay private.
A call for regulation
Zuckerberg set out four areas he claimed Facebook would like to see more government intervention on to protect society: harmful content, election integrity, privacy, and data portability. In the area of privacy, he called for a globally harmonized framework in line with the sweeping European law introduced last year known as the General Data Protection Regulation (GDPR). This would give consumers greater choice over how their personal data is used, and place greater accountability on the firms that use it to keep it safe and secure.
When online services stake their survival on advertising dollars, personal information is the product that they must mine, store and trade. Each time we go online, we become part of that ecosystem, leaving traces of our existence behind for big tech companies to dig up and sell to the highest bidders. It is hard to imagine a company like Facebook asking for less control over a system that has made it so rich for so long, but it is now seeing the full impact of its uncontrolled access (and a society very willing to give up so much privacy). They have finally concluded that the cost of bringing a powerful platform to the world is becoming greater than the good it first set out to do.
Laws can certainly help. They can force standardization, create strong incentives to play by the rules, and remove the inconsistencies and weaknesses of self-regulation. However, they take time to be passed and even once in place, must be enforced to be effective. There’s no guarantee that any new legislation would ultimately limit online tracking or be successful in discouraging bad behavior. Google was fined $57 million under the GDPR for failing to be transparent over how personal data is used to personalize ads, but it took 7 months after the law went into effect for this verdict to be found.
This makes it vital for us to act now and take control of our online lives.
A digital blueprint
Why should we care? Because the sites and apps we visit online, the terms we search for, and the things we buy, read and download can be pieced together to create a startlingly accurate map of our lives. Everything from the age, medical history, birth dates, location and incomes of family members could be tracked without your knowledge. Typically, social networks like Facebook, search providers like Google and other firms use these to serve up personalized content and advertising. The idea is that they’re creating a better experience for the user, while also making money off of more accurate advertising. It means the Google results returned for you might be very different from those of your kids, for example.
But, think about all the tens of thousands of clicks, you and your family make in a day. Are you comfortable with these companies having that data? Here’s a list of exactly how deep their knowledge of our lives can go. Even if you’re fine with these sites having access to your family’s internet data, the truth is that these sites also share it with third-party trackers, which in turn can share it with other third-party trackers…and so on.
At best, it’s a bit creepy. At worst, this data could end up in the wrong hands and put your family in danger of identity theft, blackmail, or worse.
How tracking works
The first step to taking back control is understanding how internet tracking works. There are three main ways internet firms track your activity behind the scenes, not to mention all the things shared deliberately. Let’s look at the covert tracking first:
Cookies: perhaps the best known. They’re small pieces of unique data sent from each website and stored in your browser to identify you each time you return.
Browser fingerprinting: another method used by websites to identify your machine. They collect information including browser type and version, OS version, screen resolution, supported fonts, plugins, time zone, language and more.
Web beacons: tiny invisible objects hidden in web pages/emails which alert the owner when you open it up.
But, these tracking methods are just the beginning. Everything you have knowingly posted, liked, downloaded, watched, bought, engaged with, etc. online is also tracked. This type of tracking is spelled out in terms of service agreements and privacy policies, but how often have you clicked “agree” without reading a word of those clauses?
Collectively, all of this tracking can paint a pretty detailed picture of your family’s life.
How can I stop it?
Fortunately, there are things you can do to protect your family’s online privacy from all forms of tracking. Let’s start with what you engage with intentionally. Check all social media, browser, and search engine settings to see what all is being tracked. I bet you will be shocked when you look in Facebook at all the “liked” organizations you’ve engaged with over time – because everything from the first day you turned on a Facebook account is still listed there.
Also be cognizant of what information you are volunteering about your family. Checking in at the mall, the path you ran around the neighborhood this morning, vacation plans, kids birthdays and school events, etc. all add up to a holistic picture of day-to-day and long term activities you take part in. These are not just helpful for Facebook to sell for ad revenue – criminals use this publicly shared information for real-world crimes, like robbery. Next time you share an update, think about whether it compromises your family’s privacy in a way that matters to you.
Finally, use what is already available to you. Privacy settings, while not perfect, have improved over the last decade. Often times, the apps, sites and games you and your kids are using may be set to public by default. Before you use them, use every privacy setting you can to protect yourself and your kids. If an app doesn’t need to have access to your cell phone location, microphone, camera or contact lists in order to work, decline these requests from any app.
As for the covert, behind-the-scenes tracking, what you need to do will vary from browser to browser. You’ll have to check the security and privacy settings in your browser of choice to understand what is being tracked and whether you want to take action. As an example, here’s what to do in Chrome:
- Click on the three dots in the top right-hand corner of the browser. Go Settings, Advanced (at the bottom of the page). Here there are a list of privacy and security settings you can toggle off if you feel uncomfortable with them. It’s recommended that Safe Browsing is kept on to protect you from dangerous sites, while enabling Do Not Track will help prevent third-party sites storing your data, although it’s not 100% effective.
- Click on content settings to look at additional privacy settings.
- Go into Cookies. Most people will Allow sites to save and read cookie data because switching this off means having to log-in to sites each time you visit them. However, you may want additionally to keep local data until you quit your browser to limit what data sites can harvest from you. Also, you may want to block third-party cookies, as these track your browsing history across multiple sites.
- Finally, consider using incognito browsing on Chrome (known as private mode in Apple’s Safari browser). Your browsing history will not be collected and cookies won’t be left on your computer. It doesn’t stop the sites you are visiting from tracking or knowing what you’re doing on their sites, but can provide some semblance of privacy.
A combination of laws, improved design, and our own actions is one of the best options we have to keeping the internet a safer place for all of us. But we don’t need to wait for politicians or tech companies to do more. There are things we can do today to strengthen our privacy and ensure a safer internet experience for our families.
Lynette Owens is the Founder and Global Director of Trend Micro’s Internet Safety for Kids and Families program. With 20+ years in the tech industry, Lynette speaks and blogs regularly on how to help kids become great digital citizens. She works with communities and 1:1 school districts across the U.S. and around the world to support online safety, digital and media literacy and digital citizenship education. She is a board member of the National Association for Media Literacy Education, an advisory committee member of the Digital Wellness Lab, and serves on the advisory boards of INHOPE and U.S. Safer Internet Day.
Follow her on Twitter @lynettetowens