What’s in store for children’s online safety?

André Lameiras, Security Writer at ESET explains as children’s safety and privacy online becomes a matter of increasing urgency, lawmakers around the world push ahead on new regulations in the digital realm

Tomorrow is Safer Internet Day (SID), an annual awareness campaign that started in Europe in 2004 and that aims to highlight the need for people to enjoy the benefits of the internet while mitigating their exposure to online risks. Now in its 20th edition, SID has evolved into a landmark event in the global digital safety calendar, with a range of supporting organizations from all over the world working together for a better internet.

This challenge becomes even bigger and, indeed, more acute when it comes to keeping children, teens and tweens safe. During the pandemic, kids’ screen time increased 1.5 times, making millions of overly confident digital natives vulnerable to scams, cyberbullying, abuse and doxing.

As overwhelmed parents, caregivers and educators are trying to keep up with the ever-changing realities of the online world and the growing and emerging risks, kids’ digital safety has evolved into a global concern. Whether you are a caregiver, educator, researcher or have a role in policymaking, there’s a lot we could all be doing to facilitate healthy digital behaviors in the younger and future generations.

FIRST: From governments to civic organizations
Despite all the risks, it is important to remember the benefits of technology: access to information, learning opportunities, socialization, discovery of different cultures and places, and more. Kids are exposed to an unprecedented amount of knowledge. And, inevitably, they will grow up immersed in technology and interconnectivity, making it even more relevant to prepare them for the online world just as we do for any other part of their daily well-being.

And while parents and educators are in the spotlight, it is safe to say that the way we take care of our kids is regulated by the work of lawmakers who bring into national legislation the matters agreed, for example, in the Convention of the Rights of the Child. Thus, lawmakers have an especially important job when it comes to ensuring the privacy and safety of kids online.

Several government entities at different levels have been working to help ensure the protection of children online. For example, the European Commission’s 2022 Strategy for a better internet for kids (BIK+) is “the digital arm of the rights of the child strategy and reflects the recently proposed digital principle that ‘Children and young people should be protected and empowered online.’” It includes several recommendations on developing age identification methods, a cyberbullying helpline and the need for cooperation with trusted flaggers to swiftly assess and take down illegal content. In parallel, the EU’s Digital Services Act (DSA) requires that companies “put the interests of children at the forefront of their considerations.”

Simultaneously, a similar discussion is taking place in the United States with the Children and Teens’ Online Privacy Protection Act (COPPA 2.0) and the Kids Online Safety Act (KOSA).

The former builds on the existing COPPA law that among other things, aims to protect children younger than 13 from websites and online services that ask for their personal information by requesting parental consent with the data collection and use. The latter, meanwhile, recognizes “the role of social media platforms’ in the mental health crisis” of children and teens. The act is expected to create a “duty of care” under which social media platforms, streaming services and video game makers are responsible for preventing harmful behaviors toward minors,, for example by implementing new content filters and giving new tools for parents.

To finalize these proposed laws, both EU and US lawmakers have looked to civic organizations, informal groups, NGOs and researchers for advice. In the US case, due to the specific nature of this law, the members of Congress responsible for KOSA included in their hearings the parents of kids who died due to the harmful effect of social media, thus making their voices heard.

On the other hand, as the legislation made its way to the US Senate, several organizations, including the Center for Democracy and Technology, the Wikimedia Foundation and the Yale Privacy Lab, addressed a letter to the upper chamber of the Congress alerting for the potential “unintended consequences” of passing KOSA. According to these organizations, “content filtering is notoriously imprecise; filtering used by schools and libraries in response to the Children’s Internet Protection Act (CIPA) has curtailed access to critical information such as sex education,” but KOSA could also have “the practical effect of enabling parental surveillance of 15- and 16-year-olds.”

SECOND: From academics and researchers to educators
In October 2022, four university researchers from North Carolina published a study called “Teacher and School Concerns and Actions on Elementary School Children Digital Safety”. The paper – published in TechTrends, a journal for professionals in the educational communication and technology field – echoed the concerns of schoolteachers over children’s digital safety, alerting that “while children know the online world at a younger age, they do not yet know how to navigate the world safely in terms of privacy and security.” Instead, teachers are left to “support the digital safety of their students by developing their own professional knowledge of digital safety.”

These researchers allowed a unique perspective on the problems teachers face by exploring their experiences on students’ digital safety, allowing for a categorization of five important areas of concern:

  • Content-related: searching for inappropriate material and accessing inappropriate websites
  • Contact-related: inappropriate contact with strangers online, sharing information without perceiving risk
  • Conduct-related: cyberbullying, inappropriate peer interaction, lack of awareness of digital footprint
  • Contract-related: lack of awareness of digital security and privacy
  • Home-related: lack of parental monitoring of online activity

Ultimately, this work, among other scientific research, reflects teachers’ experience and is an important resource for legislators and others who develop internet safety guidelines.

THIRD: Parents and caregivers
According to a Pew Research Center survey from December 2022, 46% of US teens aged 13 to 17 have been bullied or harassed online. Among the most common types of harassment are name-calling, spreading of false rumors, receiving unsolicited messages with explicit content, receiving requests for personal information, receiving physical threats or the sharing of messages without consent.

Meanwhile, in a separate questionnaire, parents revealed their biggest concern is their teens’ exposure to explicit content along with wasting time on social media and being distracted from homework. Being harassed or bullied was a concern for only 29% of parents.

Being a caregiver in the digital era is, undoubtably, a tremendous task that requires constant awareness, updated knowledge and, no less importantly, enough time: time to talk about digital safety, time to spend discovering all the apps kids use and all the games they play, and time to set up parental controls and oversee children’s online activity. And while school and work used to have a time and space, home offices and schooling from home have changed that.

While the work of lawmakers should make it easier for parents to ensure their kids’ safety, that is not always the case. Just recently, several streaming services and social media platforms started requesting kids’ birthdates in order to continue providing their services, leaving parents baffled and uncertain: should they give away such personal information? Or should they provide it to ensure their kids are watching age-appropriate content?

New legislation on kids’ online privacy and safety, including COPPA 2.0, KOSA and California’s new Child Privacy Law, are pushing the companies behind these services to request detailed information in order to ensure their compliance with the legislation. The problem, however, is that while kids still have a small digital footprint, they might become more subject to targeted ads and recommendations. Moreover, the risk of a leak involving more detailed information about a kid makes them more susceptible to malicious actors.

Small rules we can all enforce
As the distinction between “online” and “offline” seems to be fading or even becoming obsolete, finding the best way to guide kids through the complexities of safety, privacy, abuse, and the difference between “what’s funny” and “what’s damaging” can be extremely overwhelming.

So while we’re all figuring this out, there are a few small infallible things we can tell kids right now:

  • You don’t know who is on the other side of the screen.
  • Never share personal information (name, address, school, etc.) with people on the internet.
  • Use a nickname and an avatar.
  • Don’t argue online.
  • Don’t let anyone argue with you online. Block them and tell an adult.
  • Never meet an online stranger in person, just like you wouldn’t enter a stranger’s car.
  • What happens on the internet, stays on the internet – forever. Nothing is secret.
  • Even disappearing messages can live forever if someone takes a screenshot.
  • Even friends can share something you asked them not to share with anyone, so don’t send things you don’t want anyone else to see.
  • Don’t let friends take your devices and play with them without your supervision.