At the Internet Society’s Student Pizza Night during IETF 96, I asked several students from Europe, Asia, and North America how they would respond to the same question:
How do we make young Internet users more secure?
Every student I asked said that security for young Internet users is a problem. The majority thought that both poor security practices and a general ignorance of the risks contribute to the problem. Pokémon Go was used as an example. Millions of younger users may be playing games without considering the security and privacy implications they may have. In this specific case, the developer, Niantic, gathers data from its users and may give it to third parties. Although it has since been removed in a patch, the Pokémon Go app also demanded full access to some users’ Google accounts.
While a few students supported better education about security for young users, most argued for a technical solution. They suggested that strong end-to-end encryption should be automatic on apps and services. By taking away the effort or knowledge needed to use security tools, most students thought that a greater number of young people would be better protected. This is particularly important for the youngest of users who may not yet know how to put good security practices in place.
Some students felt that improved education would help young people learn security and privacy skills. Many others disagreed. They said that few young people will apply difficult to use security tools, regardless of education. Indifference was also cited as a problem. This reminded me of a friend who said, only half-jokingly, that “in exchange for Pokémon? Niantic can read all my emails and my google searches if they want.”
While I agree that technical solutions can help reduce the problem, I do not believe they are the only solution. It is important that we give people better tools to protect themselves and that they are automatically or easily implemented. There are some attacks, like phishing or social engineering, that may be difficult to address with technology. Education and awareness campaigns, particularly those developed with input from young people, are important for equipping youth with the knowledge and skills necessary to defend against these attacks.
Although the students I spoke with focused on either technical or educational solutions, there are many more ways to help young users be more secure online. It is important that youth think about their security online, talk about it with their friends, and are actively involved in creating new security solutions. [1]
In Pokémon Go, the closer you are to a Pokémon, the more likely you are to find and catch it. In life, the closer you are to a problem, the more likely you are to solve it.
Five Ways Young People Can Boost Their Online Security
1. Talk to your friends and family. How do they stay safe online?
2. Become active. Join the Youth Observatory – a group of young people around the world who are changing how we make Internet policy!
3. Check out your social media privacy settings and app permissions. Read US-CERT’s tips for Staying Safe on Social Networking Sites and Tripwire’s article on flashlight app permissions.
4. Learn about your online life! There are some great tutorials that can help like the Internet Society’s Digital Footprint.
5. Tell decision makers your voice counts when it comes to discussions around the future of the Net. Use the hashtag #dreamInternet and let people know your solutions for helping young people be more secure online.
Note:
[1] The Internet Society Fellowship to the Internet Engineering Task Force enables technology professionals, advanced IT students, and other qualified professionals from emerging and developing economies to attend IETF meetings.
Image credit: University Life 30 CC BY 2.0