Name, Rank and Serial Number - by Deb Radcliff
When it comes to protecting yourself on the World Wide Web, take the military approach to releasing your personal information. What you don’t want to do is lead predators right to you.
Back in June of ’01, Computerworld published one of my investigative stories about the sensational, newly developed “Am I Hot or Not?” Website. At the time, the concept took off like wildfire, and 670,000 registered members were posting their pictures to be rated, and rating others’ images.
HotorNot CEO James Hong did everything he could think of to protect the privacy of these members. He set up the interfaces so no contact information could be posted, dominantly placed the privacy rules, and messages between members were processed through a HotOrNot server.
The problem was, the kids wanted to be found, especially girls with hopes of attracting talent or modeling scouts. So they got around all this by hiding their location and contact information inside the HTML of the photos. A right click on the picture brought up the HTML coding. Scroll down the code, and there’s the e-mail, address, and phone number in plain view. A woman’s college dorm address appeared in one.
I actually contacted that girl from the dorm, and another, through their contact information inside the HTML - slight, vulnerable young ladies who appeared least able to fight of any ax-wielding murderer showing up at their doors. When I explained to them their vulnerability, they lol’d me, called me old and paranoid and unable to get a clue about youngsters in today’s Internet age. One even added that she’d been stalked before and it doesn’t matter, she still wanted to be easy to find.
Nowadays, young people appear to know better. According to a study on Teens and Privacy by Pew Internet released April 17, 55 % of the 935 teen respondents (between ages of 12-17) have profiles and actively manage their online profiles. Most restrict access to varying degrees (66% say their profile is not visible to all Internet users). And they mostly use social networks to stay in touch with those they know (91%).
But 49% also use social networks to make new friends, and 31% have ‘friends’ on their profiles they’ve never even met. This, to me means that community users still aren’t getting the basic tenant that keeps us safe in the real world: Don’t trust strangers.
On the ‘Net identification is even more problematic because you can’t use your physical senses to establish some sort of profile. In these social communities, anybody can pretend to be someone else and get away with it. Even 46 % of those polled for the Pew survey say they misrepresent themselves with some or much false information, either for protection or to be “fun and silly” (in other words, play acting because cyberspace isn’t ‘real’).
The 14-year-old Austin girl who sued MySpace in February for an assault committed against her by another MySpace member could have avoided her trauma had she followed the stranger rule. Instead, she gave her contact information to someone misrepresenting themselves as a member of a high school football team when he was 19 and not in high school at the time.
The case was dismissed in February at U.S. District Court, Western District of Texas, giving social networking sites breathing room to try and work these things out technologically. But clearly, that girl was not thinking about her safety and privacy when she gave out her contact information and agreed to meet her would-be assailant.
The don’t trust strangers rule would have saved at least four other girls from the same fate. In January their parents filed suit against MySpace for failing to protect their daughters from online predators using fraudulent MySpace memberships to lure and assault their daughters.
If they didn’t know them in the real world, they shouldn’t have agreed to meet them alone or entrust them with any information that can be used to locate them. This includes phone number area code, address, name of school, hangouts, your employer, etc. If you don’t know them but want to, find someone you know to vouch for them – not as someone they met online but someone they’ve talked to and know in person before handing over any information or agreeing to meet. When you do, don’t go alone.
And watch for our series on cyberstalking. It’s a real eye opener on how criminals track down and terrorize their victims using solely online means.
Deb Radcliff is a veteran, award-winning security writer and vp of publishing for the information security think tank, the Security Consortium, in San Jose, Calif.