Parry Aftab wants to make the Internet safer--one social network at a time.
Founder of Wired Safety, a global Internet kids-safety nonprofit, Aftab is turning her passion for protecting kids online into a consulting business for the fast-changing world of Web 2.0 widgets, social networks, and virtual worlds. In July, she plans to launch Wired Trust, an Internet security business and certification program designed to act like an insurance policy for social sites.
Among other things, Wired Trust will advise companies on best practices involving spam, phishing attacks, member safety information, and moderating communities. It will also run a new best-practices seal program that, if effective, could give parents at least one clue about which social networks to trust.
CNET News.com talked to Aftab, a longtime attorney, before her planned announcement of Wired Trust.
(Credit:
Courtesy of Parry Aftab)
Q: So what will Wired Trust do?
Aftab: (Last year) I started thinking about creating a consulting company that would assist everyone in the Web 2.0 space with managing all of the risks--from spam to phishing; to securing their networks; to creating safety information for their users; to creating safe content for kids; to reviewing age-verification technology; to creating and screening their moderation practices.
We will go in and kick the tires and tell companies what they need to do. If they need help writing their safety policies and practices, we'll do it for them. Or we'll do the moderation for them in six languages on a 24-7 basis. We'll develop the technology for them one time, and we'll spread that technology among all of the sites and spread the cost.
And we will certify best practices for the industry. So if a site, a Web 2.0 technology, or a widget meets our standards of practices, we will upload the Wired Trust seal from our site. What we're doing is professionalizing safety in the Web 2.0 space.
What that means is we'll have a course that you can take online to get certified for risk management in a Web 2.0 world. We're working on courses with Pace University in New York right now in the field. You can get credits for college, and eventually we'll have courses on sexual predator management or cyberbullying management.
Why do you think this is important now?
Aftab: Everyone is moving into the Web 2.0 market--brands like Nike, Disney, and Procter & Gamble. They've always controlled their brands, but now they're creating Web 2.0 networks, and they're finding out they can't control anything. So a lot of them don't know what to do. The big consulting firms don't know what to do either.
We've had a lot of venture capitalists and big companies in acquisition mode, looking at $500 million to $700 million acquisitions, ask us to look at a company and assess how safe it is, and help them find better cyber citizens in the Web 2.0 space.
Which company, which acquisition?
Aftab: I can't say. But one of the largest entertainment companies in the world approached me about a teen Web site. I reviewed the teen Web site and thought it was doing a good job.
What does "doing a good job" mean?
Aftab: They were paying attention to their users, they made it easy for people to report abuses, and they were responsive when the abuses were reported. Everyone has a Web 2.0 network these days and having one that is safe and responsive is crucial.
What was the genesis of Wired Trust?
Aftab: It came about from a conversation a year ago with a friend at an ISP I trust who wanted my help to deploy Wired Safety volunteers and help monitor their networks for risks. (Through my nonprofit), I've got thousands of volunteers to assist the networks in handling risks. But I explained that Wired Safety is a charity and not for profit and we typically don't help companies that can hire these people. We're a charity with unpaid volunteers.
The problem is that the people who are generally the one moderating the networks are offshore. They work remotely, they don't have much training, and they may not have background checks, so quality control is a real issue and so is price. If you move the task to where the consultants are trying to do it, it's very expensive, so it's a lot cheaper to it in the Philippines or China.
What kind of risks are we talking about?
Aftab: It's the risks of a Web 2.0 environment, which is an interactive Internet. It's users talking to each other while using the site as a tool; it's user-generated content where people are taking their clothes off, etc. In the Web 2.0 environment, it's like herding cats. You don't know who your users are and you can't control what they do. But you can try to control the risks.
But what are the biggest risks on social sites?
Aftab: It depends on the demographic. But for kids, it's cyberbullying. It's the biggest single problem that I have and the Web 2.0 industry has. Because 85 percent of middle schoolers I've polled--that's 40,000 of them over the last year--indicated that they've been cyberbullied at least once. The important part is not asking, "Have you been cyberbullied?" but, "Has anyone ever stolen your password, changed it, and locked you out? Or posted a picture of you online, and altered it to embarrass you?"
So back to the start of Wired Trust...
Aftab: So in February 2005, I reached out to MySpace at the time, when it only had about 5 million members. I was screaming that they had 13-year-olds on the site sharing information and their general counsel said, "Help us make it safer." And I said, "Call me on my expert attorney line and not the charity line."
After we talked to them (from the charity perspective), we agreed to give our safety tips to them and spot risks for them and make MySpace safer. Their privacy settings came out because we asked them to. I told them what to do, and it would have cost them hundreds of thousands of dollars. The time came that they didn't listen as well, but we were inside MySpace, Bebo, and all the leading social networks.
So when I got this phone call from friend at an ISP, I started to think it's better for a for-profit company to advise the industry instead of a watchdog group. The industry is more likely to share what's really going on with me if we have a nondisclosure agreement and they know I'm not going to pick up the phone and call you or the Federal Trade Commission.
How is your certification different from Trustee's privacy seal?
Aftab: I was on the board of Trustee for eight years, so I know that organization. Wired Trust deals with all aspects of best practices. If someone has a Trustee seal, we will accept that on privacy. I'll just look at everything else, and that is: What have you done about reporting different types of abuses on your site? Do you have a technology that lets people report abuse when they find them? Are you handling the abuses reported...with the most important things getting priority?
We're making sure people who are doing this and are trained in how to do it have had background checks and are consistent, so if Mary gets an e-mail, you'll get the same response from her every time. We're ensuring that they have a policy for dealing with parents, and that it's articulated. And that they have a policy for dealing with schools, so if you have a school issue involving bullying that moves online, that someone from the school can easily contact you and inform you that it's going to explode on your site. You want to make it easier for schools to control you when something hits.
We want to make sure that there's a law enforcement policy--teaching the law what information you have and what people can do on your site. How does law information get information from you in any investigations they have on a 24-7 basis? So if you have a missing child that could have anything do with your site, the last thing you want to do is tell someone to call back at 9 a.m.
Another thing is responsible advertising practices, so that you're not putting Victoria Secret ads on a profile of someone who's told you that they're 13. A good part of this is making sure that their users are educated about how to protect themselves. Another requirement of the seal is that the company will have to register with us their after-hours contact information that we will share with all the attorneys general in the United States so that if an emergency hits, the AGs can contact who's in charge.
All of these things are common sense: How safe are you? How responsive are you to the risk? And do you have a place to report abuse?
How does your group fit in with what Facebook and others are already doing with the state attorneys general?
Aftab: I'm on the task force already for MySpace and the 49 state AGs, and Facebook is on that task force with me.
It's a good fit because we have the AG in New Jersey who has come up with things she thinks are best practices. We'll keep on top of that and we'll fold that into our requirements so that you know that by qualifying for my seal, you will comply with everyone. We kind of fit on top of all of this and put it all together and make it easy to do what's right.
How much will the seal cost?
Aftab: It will start at $25,000. The price depends on how many users you have, the level of risks, how professional you are, and whether you're dealing with kids. Because when you're dealing with kids, I want to make sure they're as safe as possible.
Now you're seeing these sites where 3-year-olds can share their stuff with others. It sounds nice, but once you allow a 3-year-old to click and send, things will go wrong. Once you allow someone who's too young to judge something, you want to make sure there's a control in place that they're not going to get spammed, and parents need to know what to do to keep their kids safer. So you need tutorials.
Parents should be able to go to the parents page and get a straightforward list of five points of what the site does and what it permits kids to do--and where to go if something goes wrong. If the site charges for something, let people know what it will cost them. Everyone really is so busy trying to make money and survive in this space that safety gets short shrift.
I'm happy to let them make money and survive; and they can hire us and we'll make them safer. We created this to meet a need, but more importantly to make people safer.
A group of Internet safety experts plans to announce next month a new start-up aimed at helping social networks provide safer Web 2.0 environments for kids and adults.
The company, called Wired Trust, will officially launch July 1. It will be one of the first consulting companies designed specifically to help social networks and kids' virtual worlds navigate safety issues in an age of cyberbullying, Internet predators, and anything-goes content from members.
_270x92.JPG)
(Credit:
Wired Trust)
Parry Aftab, a longtime Internet attorney, said she will announce the for-profit entity next month at a cyberbullying conference in New York put on by Wired Safety, a charitable watchdog group that she founded in the '90s.
Aftab will be joined by Peter Cassidy, head of the Anti-Phishing Working Group; Linda Criddle, former chief internal kids-safety expert at Microsoft; Catherine Bolton, who just stepped down as president of Public Relations Association; and Kelly Emerick, who will run one-to-one government relations in Washington. The group has also teamed with McAfee and the National Research Council in Canada, a government think tank, for technology development.
"All of us are joining forces to help these social-networking sites manage risks," Aftab said in an interview.
The move comes as all the major social networks including Facebook and MySpace, along with companies like Disney and Nike, are trying to figure out how to build a virtual safety net in their social environments online to protect themselves and users from trouble. For example, Facebook just reached an agreement with the attorneys general of 49 states and the District of Columbia that requires it to set up principles for user safety on its social network.
Aftab said that her company will advise small and large companies on industry best practices for running a safe social environment online. That includes looking at spam and phishing vulnerabilities, security of the network, member-safety policies, age-verification technology and moderation practices around user-generated content. For an undisclosed price, Wired Trust will even do the work for clients.
"We go in and kick the tires and tell them what they need to do. If they need help writing their safety policies and practices, we'll do it for them. Or we'll do the moderation for them in six languages on a 24-7 basis," Aftab said.
In addition, the company will introduce a new best practices certification program, which includes courses on cyberbullying and sexual predator management. Wired Trust is working with New York-based Pace University on an online course curriculum, Aftab said.
At next month's conference, Wired Trust will announce its first trusted seal recipients, which will include a popular teen social network. The seal is called the Wired Trust Best Practices.
The company, which will open its doors formally on July 1, is currently building an institute and center in Canada to house about 30 people. Aftab said that Wired Trust will hire as many as 300 staff by the end of the year.
The company is funded with money from the Canadian government, several charter members and ongoing client projects, Aftab said. For example, Wired Trust is talking to a major ISP about creating an animated version of its new privacy policy so that more people will read the otherwise dry document, according to Aftab.
She said that Wired Trust will also have seven charter members to help fund the start-up. (She would not name the potential partners.) But those members would have access to services from Wired Trust not available to clients, including a safety "swat" team that would handle any fallout related to a data breach or a child-safety incident, for example.
"We'll come in with a leading expert to put out their fire. We'll deploy on a 24-7 basis," she said.
Richard Smith, a longtime security expert who's not involved with the project, said that demand for these kinds of services typically comes down to corporate risk management--a company simply wants to stay out of trouble, or avoid bad stories in the press.
But Smith said he would rather see an industry or academic focus on teaching kids about the dangers of posting so much information about themselves on sites like Facebook and MySpace. He said that issue still hasn't been fully addressed.
"In terms of education, I see people being too open and not thinking through the consequences. Whether an organization can deal with that, I'm not sure. But we need to ask kids, 'Do you really want to have these online diaries?' And that what's these sites end up encouraging," he said.
Google is making its first public relations play for parents.
On Tuesday, the search company will unveil a new Family Safety Guide, a parent's resource for kids' safety online. Mountain View, Calif.-based Google also teamed with the media-awareness group Common Sense Media to produce an online video called "A common sense approach to Internet safety." The video will be featured on the guide page, on YouTube, and throughout the video-on-demand services provided by Comcast, Time Warner Cable, and Cox (which are partners of Common Sense.)
Of course, Google has long offered technology and resources for parents. Google's "safe search," for example, filters out inappropriate material for kids from its list of search results; and the Google directory lists kid-safe sites. But before this, Google lacked a central hub for children's safety tips and information like those offered by rivals Yahoo, AOL, or Microsoft. The educational video is also a big gesture. (Google plans to post a blog about the site on Tuesday.)
For its part, the video is fairly basic, with tips like "not to give out passwords." But with Google's reach, the video could educate millions of people on the tenants of online safety and literacy. It could also boost traffic to Google services: the video, for example, plays up privacy controls in Google services like photo-sharing site Picasa or chat service Gchat.
Elliot Schrage, vice president of Google's global communications and public affairs, said "Working together, we can help parents and kids take advantage of tools that help put them in control of their online experiences and make Web surfing safer."
When PBS's Frontline reported on "Growing Up Online" this week, it called the gulf between kids who grew up with technology and their parents "the greatest generation gap since rock 'n' roll." That's a bitter pill to swallow for adults in their '30s and '40s who have been involved in computers for 20-plus years, but I have to say I agree with their assessment. Maybe we kicked it old school with Pong and the Atari 2600. Or we had a Commodore 64 or a Macintosh with a whopping 512K of memory. We may have even written code since we were teens ourselves, but that's nothing compared to growing up with ubiquitous access to cell phones, media, and social networking.
Producer Caitlin McNally describes this shift in thinking that exists even between her, as a twentysomething, and the teens she interviewed:
Despite the research we did, I don't think I was prepared when we started talking to kids for the extent to which the Internet and other electronic communication has permeated all aspects of being a teenager. Almost every kid expressed the utter importance of being connected with friends all the time and how unthinkable a life without that connection would be. I think a lot of kids were bemused by our list of questions about 'life online,' because they don't sit around thinking about the Internet in their lives. It's just there, always, another tool for them to use or place for them to go.... Read more
I've been writing about parenting and technology long enough for themes to begin to emerge. Like Lou Dobbs talking again and again about the "War on the Middle Class," I am going to keep following the evolving story about kids and online safety, and supporting the idea that "Safe Product Design is Good Product Design."
Monday's announcement that MySpace has unveiled a new safety plan, working in cooperation with 49 attorneys general, is a step in the right direction. However, it did draw the predictable criticism epitomized by this reader comment on The Social blog:
A Novel Idea...: reader comment from jltnol Posted on: January 14, 2008, 2:24 PM PST Story: MySpace agrees to social-networking safety plan
Why can't parents just do what the [sic] are supposed to do? Part of parenting is knowing what your kids are up to all the time.
If you can't do it then hire a baby sitter who can.
You need a license to drive and a license to fish, but anybody can have a child.
Go Figure.
Wonderful! Another chance to hone my argument against such an unrealistic point of view. This is like saying, "You had a kid, so it's your job to drive safely. Why should car makers have to provide seat belts and antilock brakes? If you don't like it, don't drive at all."
Parents can't know exactly what their kids are up to at all times, especially when the category "kids" includes teenagers. In fact, I bet that if I told you that I maintained absolute surveillance on a 15-year-old at all times, you'd think I was a paranoid, hyperinvolved parent.
... Read more
Kids online safety advocates got their hackles up last week after the passage of a House bill that aims to channel $25 million over five years to one provider of online safety materials. Critics say that the measure is unfair to other child safety organizations and could impede competition and promote mediocrity in the field.
The bill, H.R. 4134, was passed by voice vote last week, less than a week after California Democrat Linda Sanchez introduced the legislation, according to National Journal's Technology Daily.
The legislation, which hasn't been introduced in the Senate yet, would grant Carlsbad, Calif.-based i-Safe with $25 million to help educate kids around the country about online safety. The bill will also channel $5 million annually to the Justice Department so that it could run a competitive grant program for other online safety groups.
Still, other kids online safety groups are worried about one group having too much power in Internet safety education.
"There are a number of organizations in this space and it makes no sense for Congress to single out one organization," Larry Magid, co-director of ConnectSafely.org, a nonprofit Internet safety organization, wrote in an e-mail.
"I would prefer specific funding to be handled by a federal agency rather than Congress, which really isn't in a position to evaluate effectiveness or appropriate messages."
According to National Journal article, i-Safe has received $11 million in appropriations since 2002, but the group is not scheduled to receive federal funds after this year. The latest bill is the first to designate a set amount. i-Safe has also received support from Microsoft, Yahoo, Verizon, the American Society of Composers and the Recording Industry Association of America.
Representatives from Sanchez's office did not immediately return a request for comment.
It's back to school time, and Internet safety expert Linda Criddle has come up with homework for schools, students and parents: Do a safety checkup of your school's Web site to ensure that it is not making too much personal information publicly available.
She has created Guidelines for Safer School Web Sites to help schools cope with the new realities of our information society. News that can be appropriately shared within a school community--student names, team affiliations, sports practice times, and photos, for example--can expose students to considerable risk for misuse when shared with the whole world online.
Criddle says, "When you know that a student likely lives within the geographical boundaries of the school district, a full name or photo provides too much information. A simple phone book look-up will likely provide their address. These key pieces of information may also unlock other information about a child. For example, a simple search on the child's name gleaned from the school Web site can, for example, be used in Web services like MySpace, Friendster and Facebook to provide even more information that can be used for criminal purposes."
There is a realistic solution to this problem, which is to ask schools to look carefully at the information they are sharing, and to create a two-tier Web site that sequesters identifying information within a password-protected area.
Criddle wants school Web sites to serve as one example that fits into a larger social context. The 4-H club's local Web site, the opera's donor list, or a grief support group's online chat all face similar challenges. Criddle teaches that these issues apply to organizations of all kinds and people of all ages, and raising awareness within schools is one good place to start.
As a previous generation of children was given the blanket advice "Don't talk to strangers," today's kids are told "never give out your personal information online." A new study suggests that this well-intentioned advice is not sufficient to protect children from unwanted sexual solicitation and harassment. The study comes to the controversial conclusion that sharing information online is not correlated with victimization. Many other online safety experts maintain that privacy protection is always a good first line of defense, though clearly not the only step.
The study, published in the February 2007 issue of Archives of Pediatrics and Adolescent Medicine and reported by the AP, found that victimization is likely to be associated with online behavior such as talking about sex with people met online, or intentionally embarrassing someone else on the Internet.
... Read moreMy recent posting about child abuse concerns inherent in "$100 laptop" distribution in the developing world elicited strong responses both in favor and against my position. A new report about the ties between a live Webcam chat site, Stickam.com, and a large online pornography conglomerate underlines the seriousness of these risks, hitting us close to home here in the United States.
... Read more- prev
- 1
- next
