There was an interesting article in the Seattle Times today about MySpace’s efforts to protect kids.
Click here for the Seattle Times Article.
Entry Filed under: legal and privacy
Add comment January 15th, 2008 at 05:12pm
Chris Tugwell
Permalink
Is a minor bound to an agreement with the operator fo website where such minor promises to waive liability, to refrain from conduct that may lead to liability, or to other terms of using the website? What does this mean for Youth Commons?
What terms are common among websites with minor users? What are some terms we would recommend Youth Commons include in its user agreement?
What are the reuirements of the Children’s Online Protection Act (”COPPA”) and the Chid Online Protection Act (”COPA”) that Youth Commons must follow?
read entire summary Download YouthCommonsTermsofUseHansonKnight.doc
Entry Filed under: legal and privacy
Add comment January 10th, 2008 at 10:55am
Chris Tugwell
Permalink
Any website featuring content posted by both the site administrators and users should be aware of their tort liability; YouthCommons is no exception. This memo focuses on the tort of defamation under Wash. State law and the related Federal law, including brief description of both. Although the users of YouthCommons may be liable for content posted on the site, as a neutral service provider, YouthCommons itself is probably protected by the federal law described below… read entire document
Download YouthCommonsTortLiabilityHallRingland.doc
Entry Filed under: legal and privacy
Add comment January 10th, 2008 at 10:51am
Chris Tugwell
Permalink
Hi all,
This is a relevant thread from Sam’s DigitalAid site which I am reposting to the blog for posterity. ~DEEN
—Hello there.
Digital
cameras store, in addition to photographs themselves, some metadata
about the photographs. This metadata is often embedded with the image
itself. This can provide interesting data about a photograph. But it
can also be a privacy issue. Here is a post about this issue: http://netzreport.googlepages.com/hidden_data_in_jpeg_files.html
Question for you:
Lemme know!
-Sam
Hi Lance,
I got your email but not because of the reply – to post to the website
project management site you have to click on the link in this mail and
log in. I think there is a way to retrieve a forgotten password but I
can reset if needed.
I could post it to the blog, but the nice thing about the PM site is that
it keeps our email correspondence about the topic threaded and I get
the emails. Does the blog send emails of all comments? Deen?
I wonder, depending how the blog works, if we might use the PM site for
all this stuff and if somebody might, at some point, create blog posts
either copying or referecing the relevant PM messages.
Trying to keep it simple, but also be sure we all get included on the conversation.
Maybe just because of holiday but I didn’t see any response to my blog post about YouTube versus Blip TV - did folks see that?
Thanks!
Thanks
for the information, Sam. I went to the netzreport site and actually,
there is a link at the bottom for a pdf of various examples where you
can actually see the whole image after it had been cropped.
I believe the site needs to be a safe place for youth to express
themselves and am not sure that they will feel as safe knowing that
images they had manipulated and placed on the site can expose what they
don’t want others to see. I also see this as an educational
opportunity, as I didn’t know that this was an issue with larger
implications.
I would like to hear from the Y folks who work directly with kids and whether they have experienced this as a problem.
Thank you!
Thanks for bringing this to our attention, Sam.
Sam,
do you know why most people don’t bother to strip or print the data? Is
it because they are unaware there is metadata stored on the photo?
The link you provided included a couple of real life scenarios where the
embedded metadata created some problems. I would hate to see something
like this happen to any of our users.
What’s the added cost for stripping photos?
Do you have a strong opinion on what we should do?
I’m sure most people have no idea. I had no idea either, to be honest,
until I stumbled on a Drupal module that attempts to strip some of it
out, and researched the issue a bit.
My personal opinion is that it is a very good thing to educate youth (and parents!) about. And
that actually stripping out the data on the PSO
site would be a good gesture, but not a whole lot more than a gesture
if we presume that youth are out uploading photos other places too.
Plus, I’m wondering about videos – is there any such encoding on videos? Etc. I have no idea.
I think it would be a very interesting project for a student to research
this issue. I bet there are software programs – probably at least one
free program – that you can run photos and videos through to completely
strip all the information before then sending it on to whatever website
or other place you’re sending it. It might be cool to encourage youth
to do that or to at least know how.
In terms of having the PSO site strip the info from JPG
files: There is a module already that makes the attempt to strip most
of the information – it would have to be modified to make it work with
this site, because I’m using a different and better method for image
handling, but i’ll put together a cost estimate. However, I’m
optimistic that we can get it done within our current development
budget.
Naturally it wouldn’t impact video or images from third party sites.
Amazing stuff!
Best,
-Sam
Entry Filed under: PSO website development, legal and privacy
1 comment January 4th, 2008 at 09:52am
Deen Freelon
Permalink
CONTENT POLICY
Puget Sound Off (PSO) is designed to provide youth with a forum for discussion, artistic expression, and action as a way to empower and encourage youth voice. PSO aims to be a catalyst for increasing youth involvement and engagement within the community. We desire to build community by encouraging expression of one’s beliefs while maintaining respect for others.
Important issues may sometimes require the addition of controversial or sensitive content, but good taste must come first in PSO’s content. PSO will be inclusive and respect the rights and feelings of others. In order to attain this goal, the following content is prohibited on Puget Sound Off:
· Content that is obscene, pornographic, or sexually explicit;
· Content that is violent;
· Post or share any personally identifiable or private information of any third party;
· Harm members in any way;
· Collect or store personal data about other users.
· Stalk or otherwise harass another;
· Engage in any predatory or stalking behavior.
Postings, blogs, photos, videos, or other content are not necessarily reviewed or approved by PSO or does the content reflect the views of PSO. Failure to adhere to this code of conduct may result, among other things, in the termination of your account and the deletion of content that you have posted on Puget Sound Off, with or without notice. PSO may reject content that, in its judgment, is deemed inappropriate.
This Code of Content is subject to change at any time at Puget Sound Off’s sole discretion.
Entry Filed under: legal and privacy
4 comments January 3rd, 2008 at 06:20pm
Chris Tugwell
Permalink
I received an email from Michael at Power of Hope about getting some content from their organization for the launch of our site. He responded with interest:
“I’m about to go in to a meeting with my team here, and will discuss your proposal and get back to you right away. One main thing to consider - in our field we are very protective of contact info for our youth participants, to keep them safe. Is there a safeguard built in to your system that keeps their contact info hidden? Naturally we understand that a safeguard of this kind adds a layer of complexity and ‘web monitor’ time to someone’s plate.”
I wanted to make sure we’re all on the same page with an answer to this important question. Sam’s response was:
“* Email addresses will not be published
* Contact info will not be published other than neighborhood and/or zip code
* IF we want to enable one-on-one email correspondence between site users then we can give youth a contact form that people can use to send them email messages. Not sure if this is desirable. This is not on the feature list but it’s about 2 clicks to set up so it would be easy to add.
* In a wireframe I’d suggested having IM usernames but this was a dumb suggestion given the youth audience; we’re not doing that.”
Let me know if you have anything to add here, as this is a question I imagine we will receive from potential new partners often.
Thanks!
Entry Filed under: legal and privacy, partner strategy
2 comments December 4th, 2007 at 10:38am
Toby Campbell
Permalink
David has asked me to post the following article on cybersecurity. It’s definitely worth a read.
Moneybookers, a provider of secure online payment solutions, has said that internet users are at an increased risk of identity fraud, owing to the growth in the number of online social communities.
The company’s security department monitors and analyses internet user behaviour as part of its risk analysis. It says the popularity of Facebook in particular, combined with the privacy settings offered by the community, could be more dangerous to personal identity security than tricksters who resort to phishing.
Facebook uses privacy filters which allow users to choose their privacy levels and the kind of information they would want to reveal. However, Moneybookers security experts have expressed concerns regarding the fact that most users aren’t aware of the risk they expose themselves to by posting personal details on the web. Moreover, they consider Facebooks’ current default privacy settings to be risky, considering the size of the community.
Amongst the many reasons listed is the fact that the user is asked to provide his/her real name, location, company and date of birth at the time of registration. This information is by default available for all the networks and friends to see. In addition, the community is no longer restricted to students.
It now includes a growing number of professionals, a hard-to-resist temptation for fraudsters. Popular networks are pre-selected by Facebook, such as the London network for Londoners, while registering. This makes the profile available to all members of the network by default, unless the settings are changed.
Vigilance and caution is what the security experts recommend. They suggest changing of privacy settings if the user joins a popular network. This way, members will not have direct access to sensitive information. They also recommend that users don’t display their date of birth and do not allow external search engines to index their profile. Finally, Moneybookers advises users to ensure that hints to their passwords are not available on their Facebook profile.
Entry Filed under: legal and privacy
1 comment November 29th, 2007 at 10:11am
Deen Freelon
Permalink
Below the fold you’ll find a copy of my draft privacy policy. In the document I’ve noted several places where input is needed, so feel free to help with that or anything else you see that needs fixing. The parenthetical citations at the end of most sections indicate the sources of the foregoing text which I modified for our purposes (TIG = TakingITGlobal, YN = YouthNoise, YAN = YouthActionNet). I’ve also attached a Word file containing the same text here: Download psoPrivacy.doc
———-
Privacy policy
What this privacy policy covers
This Privacy Policy covers Puget Sound Off’s (hereafter PSO) treatment of anonymous and personally identifiable information that we collect when you are on the PSO site or when you use PSO’s services. (TIG)
Information collected
PSO collects the following information from members upon signing up:
This information will only be accessible by the user who entered it and PSO.
PSO also automatically collects certain non-identifying information from every visitor. These include but are not limited to:
Use of collected info
PSO reserves the right to collect, to use, and to disclose to third parties information about general access to and usage of PSO and any related services, including information gathered during use of PSO. Any information disclosed will be in the form of aggregate data (such as overall patterns or demographic reports) that does not describe or identify any individual user. PSO will not sell or rent your personally identifiable information to anyone. PSO may perform statistical analyses of user behavior in order to measure interest in the various areas of PSO for funding or product development purposes. PSO will not release Personally-Identifiable Contact Information to third parties, except in compliance with the legal process or otherwise with the permission of the Member, Visitor, or other individual user whose Personally Identifiable Contact Information may be released. (YAN, TIG)
Cookies
PSO may set and access cookies on your computer, used to identify your member account and to allow for the proper functioning of the PSO web site and accompanying services. Cookies are small data files that are sent to your browser from PSO’s Web server and stored on your computer’s hard drive. PSO uses cookies to keep and sometimes track information about you in order to deliver better and more personalized services. (TIG, YN)
Protection for personal information
Your PSO Profile is password-protected. This means that only you will have control over who can access your identifying information. To make the password protection helpful, do not give your password to anyone. If you are using a shared or public computer, we suggest that you sign out of the PSO site and sign off from the computer when you are finished. This will help protect your information. (For example, don’t leave the school or a library computer running and open at the PSO site and sign off before someone else starts using it.) When you create your username and password, please avoid using personally identifiable information such as your name. PSO does endeavor to use secure technology where practical, however, no data collection technology or data transmission technology is 100% secure. Unfortunately, we cannot guarantee the security of information provided or sent to us. Remember, you are participating in PSO at your own risk. (YN)
Changes to this Privacy Policy
PSO may amend this policy from time to time. If we make any substantial changes in the way we use your personal information, we will notify you by posting an announcement as a rotating spotlight and/or similar method on our home page. (TIG)
Contact
If you have any questions, comments or complaints about how we use your information, please contact us.
Via postal mail: address
Via telephone: phone number
Via email: email address (TIG)
Entry Filed under: legal and privacy
2 comments November 27th, 2007 at 10:48pm
Deen Freelon
Permalink
Something to pay attention to, some big companies are trying to pass some new principles to protect copyright infringements in sites that host UGC (youthcommons would qualify as one). Some of this requirements are quite complex.
http://www.ugcprinciples.com/
Electronic Freedom Frontier response:
http://www.eff.org/issues/ip-and-free-speech/fair-use-principles-usergen
Blogged with Flock
Entry Filed under: legal and privacy
The NYT reports today that Facebook will be revising its child safety
information in response to a recent investigation by the New York state
attorney general’s office. State prosecutors discovered that fake teen profiles created as part of the investigation attracted “sexually suggestive” messages within days. This is something we’ll definitely need to keep strongly in mind, as our site will target kids under 18 almost exclusively. Perhaps this is another reason to outsource the social networking aspect of our project to the experts . . . ? In any event, the upcoming full set of legal disclaimers and privacy policies that Savannah and I are working on will no doubt shed additional light on this troubling issue.
Entry Filed under: legal and privacy
1 comment October 16th, 2007 at 06:25pm
Deen Freelon
Permalink
