In all my work on online child safety issues, I always try to stress how important education and media literacy efforts are. Indeed, technical parental control tools and methods, while important, should be viewed as just one part of a more holistic approach to encouraging digital literacy and digital citizenship.  In recent years, many scholars and child development experts such as Nancy Willard of the Center for Safe and Responsible Internet Use, Anne Collier and Larry Magid of ConnectSafely.org, Marsali Hancock of iKeepSafe, Common Sense Media, the Family Online Safety Institute, and many others have worked to expand traditional education and media literacy strategies to place the notion of digital citizenship at the core of their lessons and recommendations.

What does it mean? Anne Collier defines digital citizenship as “Critical thinking and ethical choices about the content and impact on oneself, others, and one’s community of what one sees, says, and produces with media, devices, and technologies.” And Common Sense Media defines digital literacy and digital citizenship as follows:

Digital Literacy programs are an essential element of media education and involve basic learning tools and a curriculum in critical thinking and creativity. Digital Citizenship means that kids appreciate their responsibility for their content as well as their actions when using the Internet, cell phones, and other digital media. All of us need to develop and practice safe, legal, and ethical behaviors in the digital media age. Digital Citizenship programs involve educational tools and a basic curriculum for kids, parents, and teachers.

Stephen Balkam, CEO of the Family Online Safety Institute, had an excellent essay in The Huffington Post yesterday on “21^st Century Citizenship,” that did a fine job of explaining these concepts in practical terms:

While there is a recognition that there must be a base-line of safety—using filters for younger kids and monitoring and privacy settings for the older ones—the emphasis is now placed on education, media literacy and a new kind of civics. It’s time for kids of all ages to understand and value the rights of free speech and assembly (i.e., connecting through social networking and other means) as well as an expectation of privacy and safety. And with those rights, go an important range of responsibilities and duties. These include the need to respect others views, even if they disagree with them, to adhere to terms of service (however lengthy and obtuse) and the rules regarding fair use, flaming, accessing or uploading porn, and so on. Just as we teach our kids to help at the scene of an accident, or to report a crime and to get involved in their local community, so we need to encourage similar behavior online. To report abusive postings, to alert a grownup or the service provider of inappropriate content, to not pile on when a kid is being cyberbullied, to be part of the solution and not the problem. We need to use what we’ve learned about social norms to align kids and ourselves with the positive examples of responsible behavior, rather than be transfixed and drawn towards the portrayals of the worst of the web. It may be true that one in five kids have been involved in sexting, but that means the vast majority exercise good judgment and make wise choices online. The social norms field is ripe with possibilities and guidance in how to foster good digital citizenship.

That’s 100% correct. This approach must be at the center of child safety debates going forward. As Nancy Willard notes, digital citizens:

1. Understand the risks: They know how to avoid getting into risk, detect if they are at risk, and respond effectively, including asking for help.
2. Are responsible and ethical: They do not harm others, and they respect the privacy and property of others.
3. Pay attention to the well-being of others: They make sure their friends and others are safe, and they report concerns to an appropriate adult or site.
4. Promote online civility and respect.

Only by teaching our kids to be good cyber-citizens can we ensure they are prepared for life in an age of information abundance.  Talk to your kids, people!  Teach them well.

Online child safety — especially the fear of predators lurking on social networking sites (SNS) — continues to spur calls by state and federal lawmakers for regulation.  At first, some federal lawmakers advocated outright bans on SNS in schools and libraries via the Deleting Online Predators Act (DOPA).  Meanwhile, state and local lawmakers — specifically state Attorneys General (AGs) — have been even more vociferous in their calls for regulation in the form of mandatory age verification for social networking sites, which would cover a broad swath of online sites and activities according to their definitions of SNS. But the question that ultimately gets lost in this debate is: Just how much risk do social networking sites really pose for teens?  Which risks are real and which are overblown? And what’s the best way to deal with the risks that we find to be legitimate?

Nancy Willard devotes her life to answering those questions. Willard is one of America’s leading experts on online safety and risk prevention. She runs the Center for Safe and Responsible Internet Use and she is the author of two outstanding books, Cyberbullying and Cyberthreats and Cyber-Safe Kids, Cyber-Savvy Teens.  In my opinion, Willard’s general approach to online child safety is the most enlightened, level-headed, and likely to be effective. That’s because Willard focuses on putting fears in perspective, identifying the actual risks that kids face online, and devising sensible strategies to deal with risks and problems as they are discovered. Her approach is holistic and built upon sound data, targeted risk-identification strategies, and time-tested education and mentoring methods. For my money, it’s the most sensible approach to online safety issues. In fact, when other parents ask me for “just one thing” to read on the topic, I usually recommend Willard’s work — especially her amazing book Cyber-Safe Kids, Cyber-Savvy Teens. And her background in early childhood education, special education for “at risk” children with emotional and behavior difficulties, as well as experience in computer law, means she is uniquely suited to be analyzing these issues.  In sum, this is woman we should all be closely listening to on these issues.

Recently, Willard has been responding to criticisms that state AGs have leveled against the Internet Safety Technical Task Force (ISTTF) and its final report. [Disclaimer: I was a member of the ISTTF.] I’ve already outlined the ISTTF’s work at length here, but the three key takeaways from the report were that:

1. the risk of predation on social network sites has been over-stated; the data suggest that cyber-bullying is the bigger problem on SNS;
2. there is no silver-bullet technical solution to online child safety concerns, and mandatory age verification, in particular, would not make kids safer online but could even create bigger problems in the long-run;
3. education and empowerment are the real keys to keeping kids safer online.

The response from some state AGs to these findings was quite hostile, with some arguing that the ISTTF did not take online risks seriously enough, or that we relied on “outdated and inadequate” data in reaching our conclusions.  Willard addresses those arguments in a new white paper: “Research that is ‘Outdated and Inadequate?’ An Analysis of the Pennsylvania Child Predator Unit Arrests in Response to Attorney General Criticism of the Berkman Task Force Report.”  In this study, she analyzes data from arrest records from Pennsylvania’s Child Predator Unit to determine exactly how these individuals were operating online. Although it’s just one state’s worth of data — that’s all that seems to have been made publicly available in a single database at this time — it can give us a clue to what might be going on out there. The results are illuminating.

Here’s what Willard found:

The search yielded 143 responses. As noted by the Attorney General, 183 predators had been arrested. All of these arrests were described in the press releases dated from March 21, 2005 to January 13, 2009 – thus allowing for a full analysis of the arrests of sexual predators in the state Pennsylvania for the last 4 years by the Attorney General’s Child Predator Unit. The analysis of the arrests that involved predatory actions, excluding the arrests for child pornography, revealed the following:

• Only 8 incidents involved actual teen victims with whom the Internet was used to form a relationship.
  • In 4 of these incidents, teens or parents reported the contact. The other 4 cases were discovered in an analysis of the computer files of a predator who had been arrested in a sting operation. Five of the cases had led to inappropriate sexual contact. The other situations were discovered prior to any actual contact.
• There were 166 arrests as a result of sting activities where the predator contacted an undercover agent who was posing as a 12 – 14 year old, generally a girl.
  • The vast majority of the stings, 144, occurred in chat rooms. Eleven stings occurred through instant messaging. Nine of the arrests failed to specify the location, but the description bore significant similarity to the chat room incidents. One involved an advertisement that had been placed on Craig’s List.
  • There were only 12 reports of predators being deceptive about their age.
  • The descriptions of these chats incidents bear out what the research reviewed by the [ISTTF’s] Research Advisory Board found – that online predators are rarely deceptive about their interests.

Specifically,”Because the attorneys general have been focusing their attention on the social networking sites, MySpace and Facebook,” Willard made sure to give “special attention to any case that mentioned any activity occurring on either of these two sites.” Here’s what she found in that regard:

• One of the incidents involving an actual teen victim, communications took place on MySpace. This was a rearrest of a person who had already been arrested through a sting.
• A police officer who was arrested for sexual abuse of many teens with whom he had interacted with in the line of duty also had a MySpace account with friendship links to teen girl, but there was no assertion that these communications had led to sexual activity.
• One predator in a sting provided the agent with a link to his Facebook page.
• In 5 of the stings that took place in a chat room, reference was made to the fact that the predator had either looked at the teen’s MySpace account or suggested the teen look at his profile.

Importantly, Willard points out, “Despite the establishment of one or more public profiles on MySpace [by the PA Child Predator Unit], there has apparently not been one successful sting operation initiated on MySpace in the more than two years during which these sting profiles have been in existence.”

From these findings, Willard concludes that:

The insight gained through an analysis of the Pennsylvania Attorney General’s press releases on arrests for online sexual predation provide strong support for the validity of the conclusions of the Berkman Research Advisory Board and demonstrate the need for greater collaboration between law enforcement and researchers to address the actual risks to young people from sexual predators online.

In other words, the Pennsylvania data seem to confirm that predation is not as serious of a risk on SNS as some AGs had claimed. “It appears that chat rooms are far less safe than social networking sites and that there is limited inclination and ability of predators to use social networking sites to contact potential teen victims,” Willard notes. Consequently, she argues:

Attention must be paid to the obvious risks related to chat room communications, as well as the risk factors that are being manifested by the young people who may still be frequenting these chat rooms, especially the chat rooms where sexual relations are being discussed. It appears that rather than seek ways to discourage teens from participating in social networking sites, these sites are destinations that should be encouraged as much safe than the alternatives. A focus must be placed on improving the protective features of chat rooms that are frequented by minors.

We need to know more about which chat rooms are in question and why some youth visit those chat rooms. More importantly, how can we develop sensible messages for youth about the dangers of chat rooms that are targeted to adults and adult sexual activity?

But it is vitally important not to lose sight of the big picture here. As Willard summarizes it:

The incidents of online sexual predation are rare. Far more children and teens are being sexually abused by family members and acquaintances. It is imperative that we remain focused on the issue of child sexual abuse – regardless of how the abusive relationship is initiated.

Indeed, volumes of research on child abuse, child predation, and child abduction all point to this same conclusion: Your kids are actually more at risk from known acquaintances — especially family members — than they are from random strangers (including random strangers they might meet online).

Of course, this doesn’t mean we shouldn’t continue to develop sensible educational messages for youth about proper online behavior and how to report legitimate problems or troubling interactions that they experience online. Again, Willard has done this elsewhere and many of us (including those of us involved in the Berkman Center task force) have long been pushing for increased resources for online safety education and media literacy efforts as the first, best step towards improving online youth safety. We need to get AGs and other policymakers to work together with us to get this important task started — now!

Finally, Willard correctly notes that the AGs and other law enforcement agencies need to be willing to release more data like the Pennsylvania AG did such that further analysis of this problem is possible. If the AGs’ primary complaint with the ISTTF report was that the data we used was somewhat dated, then the best solution to that problem is for the AGs and other law enforcement agencies to open up their records to the child safety community so that risk researchers like Willard can get a better feel for what’s going on out there and devise strategies to deal with it.  Unfortunately, there’s still too much horn-locking going on between these communities and, sadly, I think some AGs are using this issue to create an atmosphere of fear for political gain. We need to find ways to communicate actual risks — such as those that kids would face in some specific, adult-oriented chat rooms — without going overboard and making parents and the general public think that there’s a bogeyman on every cyber-corner of the Internet.

[ Further reading: As usual, my friend Anne Collier over at Net Family News.org has done a much better job summarizing an issue than I have. Read her discussion of Nancy Willard’s paper and its implications here.]

In a big post two months ago entitled “Age Verification Debate Continues; Schools Now at Center of Discussion,” I noted that there has been an important shift in the age verification debate: Schools and school records are increasingly being viewed as the primary mechanism to facilitate online identity authentication transactions. I pointed out that this raises two very serious questions: Do we want schools to serve as DMVs for our children? And, do we want more school records or information about our kids being accessed or put online?

Brad Stone of the New York Times has just posted an important article with relevance to this debate. In it, he points out that:

performing so-called age verification for children is fraught with challenges. The kinds of publicly available data that Web companies use to confirm the identities of adults, like their credit card or Social Security numbers, are either not available for minors or are restricted by federal privacy laws. Nevertheless, over the last year, at least two dozen companies have sprung up with systems they claim will solve the problem. Surprisingly, their work is proving controversial and even downright unpopular among the very people who spend their days worrying about the well-being of children on the Web. Child-safety activists charge that some of the age-verification firms want to help Internet companies tailor ads for children. They say these firms are substituting one exaggerated threat — the menace of online sex predators — with a far more pervasive danger from online marketers like junk food and toy companies that will rush to advertise to children if they are told revealing details about the users.

Stone highlights the efforts of eGuardian, a California company that, “asks a parent to submit the birth date, address, school and gender of a child, then it asks schools to confirm the information.”

Over the last year, eGuardian has been approaching schools, primarily in California, and offering them the entire $29 sign-up fee when they persuade parents to sign up their children. EGuardian’s real money-making hope — and this is what makes [Nancy] Willard nervous — is to have Web sites pay a commission for each eGuardian member. The Web site can then use the data on each child to tailor its advertising.

Nancy Willard, one of America’s leading online child safety experts, is the executive director of the Center for Safe and Responsible Internet Use, and the author of the outstanding book, Cyber-Safe Kids, Cyber-Savvy Teens. The concern she raised with Brad Stone is that “Age verification companies are selling parents on the premise that they can protect the safety of children online, and then they are using this information for market profiling and targeted advertising.” Basically, companies like eGuardian give the software to schools or parents and then hope to make it back through targeted advertising. According to Stone’s article, “EGuardian’s real money-making hope — and this is what makes Ms. Willard nervous — is to have Web sites pay a commission for each eGuardian member. The Web site can then use the data on each child to tailor its advertising.”

I’m not quite as concerned about the advertising / marketing issue as Nancy Willard, but I am equally disturbed about the prospect of using schools as online age verification agents– or partnering with others to make that happen. I apologize for quoting myself at length on this point, but here’s how I stated my concerns before:

[I]nvolving schools in any age verification scheme would raise serious privacy concerns and administrative problems. Depending on how the scheme worked, the administrative burdens imposed on schools could be significant. Someone at each school would have to be in charge of answering phones calls and e-mails from potentially hundreds of website operators looking to age-verify minors. Who will be liable if things go wrong? The school? The school district? An employee in the school’s administrative department who accidentally releases thousands of digital records? And will schools receive the additional funding needed to administer whatever scheme is mandated? Moreover, if schools are required to create more accessible databases containing personal information about minors, who else besides social networking websites would be given access? Data breaches would become a real concern for both students and schools alike. Such a scheme could run up against federal or state laws. For example, the Family Education Rights and Privacy Act of 1974 makes it illegal to release school records without written permission from parents. Both parents and government officials have long demanded that access to school records be tightly guarded because, as a society, we take the privacy of our children very seriously. Thus, serious questions remain about the wisdom and practicality of roping the schools into the age verification process. Most schools and school districts are already over-burdened with federal and state mandates and probably wouldn’t like the sound of additional mandates of this variety.  But what if a technology vendor could serve as the middleman and facilitate the easy transfer of some basic data about kids from the school system in an effort to provide digital credentials? That’s probably where we are heading.  Even the most vociferous advocates of age verification for minors must realize how absolutely radioactive this issue could become since school records about our kids are in play here.  Identity theft concerns are already running at an all-time high in our country and the thought of being required to surrender more info about our kids in this environment is not going to go over well with many parents. But, again, what if we could keep to a minimum the amount of data being transferred about the child to the vendor or the SNS?  Perhaps at the beginning of each school year when a minor is registering they could be given a “secure” digital token or ID number that only associated a grade year (i.e., “sophomore”) with their name, and little or no additional info was included in that token in order to minimize the threat of identity theft or privacy violations.  Of course, the fewer pieces of information contained in that token or credential, the less likely it will be a credible verification tool, or the more likely it is it will be easy to forge or defeat (especially by kids themselves). Regardless, whether we like it or not — and I do not like it one bit — schools are now at the center of the online age verification debate. It will be very interesting to hear what the educational community itself has to say about this development going forward. […] Something tells me that school administrators and educational officials aren’t going to look too kindly on proposals that would turn them into the equivalent of a DMV for kids.

Interestingly, Richard Blumenthal, the attorney general of Connecticut, who has been one of the leading proponents of age verification, told Brad Stone that the privacy issues raised by Willard and others are now on his radar screen:

“The attorneys general would be very concerned about using age verification to promote marketing or any other kinds of promotional pitches or gimmicks aimed at specific age groups,” he said. “Targeted marketing may have its place, but it should not be coupled with the issue of childhood safety.”

That’s good to hear. But I hope Mr. Blumenthal and the other AGs realize that that is just one of many reasons to be concerned about mandatory online age verification, especially if it involved schools as age verification agents. It has troubling implications for schools, kids, parents, free speech, online anonymity, privacy rights, and much more. Most importantly, as I made clear here, it remains highly unlikely that online age verification would actually do anything to really keep kids safer online. In sum, the costs far outweight the benefits when it comes to mandatory age verification.