While I was driving to work this morning I listened to a piece on Radio 4 about an Ofcom study published today (also reported on the BBC News website). The report and interview on the Today programme was essentially suggesting that children in the UK are routinely sharing too much personal information on social networking sites. One mother interviewed said that she didn’t really understand the privacy settings on the social networks her son used, that she trusted him, and then admitted that she had “abdicated responsibility” for his use of the sites.
It was another of those segments that made me gnash my teeth and make comments at the radio. While I very strongly believe that children (and their parents) do need to be well-informed about the ways to make effective use of social networks and how to protect themselves online, I wanted to share an interesting experience that may indicate that the problem may not be as bad as the media makes out.
During the Blue Fusion event we ran at IBM Hursley recently, I spent a day running an activity that was all about identity theft and online privacy. The idea of the game was that the students were given a single piece of information – someone’s name – and then had to see how much they could find out about them through social engineering: web searches, finding paper information, or passing themselves off as various official organisations in roleplays. It was entirely contrived, of course… the designers of the activity had deliberately setup a social network profile for the person with “just enough” data to put the youngsters on the right track, and then laid a bunch of other clues based on the individual being quite hapless (not shredding documents, giving out personal data entirely too freely, etc). It was a lot of fun to run, and also brilliantly put together.
At the end of the activity I made a point of bringing the teams together and talking to them about how careless use of social networks could theoretically provide openings to identity theft. We had a short Q&A session that revolved around what networks they used (interestingly, most of them were on Bebo or MySpace, and not Facebook), and what kinds of information they shared. Home addresses, telephone numbers and dates of birth were not generally on the list, which was a bit of a relief! The overriding impression I got from the exercise was that these students had a high degree of common sense… not that I’m saying that the sample group should be taken as indicative of every UK student, but their degree of online literacy was highly impressive.
On top of today’s Ofcom study, whilst I was at Male’ airport on the way back from vacation I caught a snippet on Sky News covering last week’s publication of the Byron Review. There’s a lovely statement in the Executive Summary of the review:
Children and young people need to be empowered to keep themselves safe – this isn’t just about a top-down approach. Children will be children – pushing boundaries and taking risks. At a public swimming pool we have gates, put up signs, have lifeguards and shallow ends, but we also teach children how to swim.
Again, from what I’ve read I think I broadly agree with some of the findings, but the point at which the teeth-gnashing comes in is where the report (and the media) start to talk about regulation, which just seems to me to indicate a fundamental misunderstanding of the nature of the Internet. Educate, don’t always seek to regulate.
The question is: just who needs educating here? The adults, the children, or the media? I think it’s obvious that today’s youngsters are streets ahead of most of their parents in terms of online literacy. I hope their parents can be persuaded to keep up, and not to attempt to crack down. And I hope the need for a weekly scare story about social networks can actually subside at some point this year – seriously, it’s getting old.
Apparently the Home Office is due to publish a set of recommendations later this week. I await their thoughts with a mixture of interest and dread.