When I received a friend request from my mother on Facebook, my first reaction was to go through all the information on my profile: the messages on my wall, my status updates, photos, groups, EVERYTHING! I finally realized that there was nothing there that would shock her; there was nothing on my profile that she didn’t already know about my interests and social life. I accepted her request.

When this kind of situation arises, some people automatically refuse the request; others accept, but give their parents limited access. The decision is up to you. You know your parents… and their real intentions

Facebook can be a good thing if it’s used the right way. Increasingly popular, social networking sites allow us to create a second identity, a digital identity that goes beyond who we are physically and how we think of ourselves. It’s a platform that many of us use to reveal ourselves, in the simplest forms, through status updates, the likes and interests listed in our personal information, and photos illustrating our lifestyle. The most important thing to keep in mind is that all this information is public and permanent.

Whether it’s a stranger, your parents, your colleagues or your employer who looks at your profile, you should be comfortable with the information that they can view. If you think that a certain photo or information should not be seen by these people, you should not post it online. Screen what you upload. Using Facebook appropriately will avoid any uneasiness.

If having your parents on Facebook makes you uncomfortable because they are constantly writing messages on your wall and commenting on everything you do, then it’s at your discretion to reject their friend request or give them limited access. I encourage you to visit a site that I found very funny called Oh Crap. My Parents Joined Facebook. It was created by two twenty-something girls who discuss and give examples of the parent child relationship on Facebook. A really interesting concept!

Lastly, just try to use the Internet to your advantage. Adjust your privacy settings and, above all, think before you click.

Today is National Child Day – also the 20^th anniversary of the day the United Nations General Assembly adopted the Convention of the Rights of the Child and made privacy a basic human right for everyone under the age of eighteen.

This means that privacy is your right. And with today’s world being so different than it was 20 years ago, this is something you may not think much about. Today, you are videotaped by security cameras almost everywhere you go. You are asked for your postal code or driver’s license when you buy a pair of jeans. You can instant message, update your status, download music, talk to friends on Facebook and play games on your computer with people all around the world. Twenty years ago if someone wanted to get in touch with you they had to phone you or send you a postcard!

Today, it is so easy to forget about privacy and why it’s important. And it’s easy to forget about the risks that are out there if you don’t protect your personal information. These risks can range from nuisance (all those marketers who are looking for people to target their ads to) to serious (from the people on the Internet who are looking for identities to steal, to the predators looking for victims). It’s also easy to forget that when you post comments, photos and videos, online, that information is public and permanent and almost impossible to remove.

So today, on National Child Day, we wanted to remind you that privacy is your right. And today is your day. So take some time to look around youthprivacy.ca. Click through the pages and find out how you can have fun online while protecting this valuable basic human right.

In the world of computer security, the word “phishing” unfortunately doesn’t relate to sitting lazily in a canoe in the middle of a lake, waiting for a whopper to take your bait. What it actually refers to is how criminals attempt to gain access to private or sensitive data (like internet passwords and credit card numbers) by posing as a trustworthy and legitimate organization online. Phishing is very frequently seen in e-mails or instant-messaging. The message will contain a link to a website that looks and feels almost identical to a legitimate one, and it is sometimes very difficult to determine that the website is not genuine.

Many social networking sites have become a prime target for phishing, as these websites contain personal information or details that can be used for identity theft. Criminals will often create a website that looks identical to the homepage of a social networking site to get you to enter your username and password. This information is then sent to the creator of the website and used to hack your account and gain access to all of your information. Criminals might also set up a link in a message within the internal messaging system of the social networking site itself.

There are a few measures you can take to avoid getting “hooked” by phishing websites. First of all, don’t respond to an e-mail asking for personal banking information. This process is rarely ever authentic, and if a bank really does require such personal information, you should call them instead of sending the information online. Authentic companies will not ask their clients for their username or password via e-mail.

Exercise caution with e-mails and personal messages. If you don’t know the sender, try to find out if they are legitimate. Chances are, if something feels “phishy”, it probably is. While many websites have been detected by e-mail servers as potential phishing websites, it is not possible for them to catch every single one.

Protect your computer with spam-filters and anti-virus software, and make sure your firewalls are turned on. These programs are usually helpful in avoiding phishing scams and will help you to detect scams that might be hidden within your computer.

Overall, be cautious and critical of messages from people you don’t know and trust. Never enter personal information online unless you are 100% sure that the website is legitimate and authentic. If you are not sure, it’s a good idea to ask an adult for help.

Good luck, and don’t take the bait!

After reading countless blogs and articles on how important it is to keep your information safe online, you may ask yourself…Is it better to avoid social networking sites all together? This of course is one of the simplest ways to keep your personal information out of the hands of harmful individuals. But can not having an online identity at all be harmful as well?

Not having an online profile, while it may ensure your personal information is safe, could also be detrimental to your chances at a job later in life. “Today’s employers are looking for candidates who have a degree of social media and communications skills as well as an online presence” (National Post). Today’s youth are expected to be extremely knowledgeable when it comes to the internet and its communication possibilities. By establishing a presence in social networks and among your friends and colleagues, you show potential employers that you are familiar with how these tools work. Your social networking and e-communication skills may even look good on your resume.

This doesn’t mean that all employers expect you to have a Facebook or Twitter account. There are several other ways to leave your digital footprint, including; writing a blog or posting comments, posting opinions on news articles, creating a specialized website, signing up for a profile on professional networking sites. It goes on and on …

Before you start posting away, keep in mind that no matter what you’re doing on the Internet it’s always important to think carefully about the message you leave behind. The Internet can be a great tool to present yourself to future employers but can also turn out to be the reason for lost job opportunities.

Think of all the activities you do in a day. You might go to the mall, browse the Internet, chat with friends, play an online game…the list goes on. Now consider how many times you were asked to provide your personal information while doing those activities. It is so common these days that you may not even realize it. Retail stores may ask for your e-mail address, postal code or even telephone number, just to process a sale. On the Internet it seems as though you can’t play any online games without first registering. Have you ever wondered why companies ask for this information? We often just hand it over without questioning the reasons.

Next time you feel uncomfortable handing over your personal information for something as simple as buying a pair of shoes, ask the company why they need it. They should be able to tell you why they need the information, how they will be using it and how they will protect it. If you are dissatisfied with the answer they provide you can decline to provide it and you should still be able to complete the transaction. The law states that a business may only collect personal information about you that is essential to the business transaction. For example, if you are having a purchase delivered, you would need to provide your full address and possibly your name. If further information is requested, you have a right to ask why and to decline to provide it if you are dissatisfied with the answer.

Things become much less clear once you start using the Internet. The Canadian Association of Internet Providers (CAIP) has created a voluntary privacy code that every website is encouraged to adhere to. Although there is no face-to-face interaction, when you are online you still have a right to know how an organization is using your personal information. Answers to these questions should be covered in a site’s privacy policy. It is always a good idea to review a company’s privacy policy, especially if you don’t feel comfortable with the information they are asking for. A typical privacy policy might cover the following elements:

• What type of personal information the organization collects about you
• How your personal information is used and shared with third parties
• How the organization obtains your consent and how you can opt out
• How your personal information is safeguarded
• How you can update your personal information
• How you can contact the organization with your privacy concerns

You might wonder why it’s important to know what organizations are doing with your personal information. It’s simple: once you learn the reasons, you may be uncomfortable with what they’re doing with it. Some companies may sell your information to third parties, use it to send you junk mail, send you unwanted promotional materials or sign you up for contests and subscriptions. The list goes on! An organization can use your information for whatever purposes they feel are useful as long as you have provided them with the information and they have listed those purposes in their privacy policy. It’s up to you to read that policy or ask questions.

So be aware of your rights and you can better protect your privacy, both online and in the real world. You always have a right to know!

Our Commissioner, Jennifer Stoddart is worried that maybe you don’t. After conducting an investigation into Facebook’s privacy policies, we’re now turning our attention to you as the school year gets underway. Because while you may be savvy about using social media, many of you still may not know how to create a secure online identity.

If you’re listening to the radio today you may hear a message from our office that we created especially for you. In case you miss it, we’ve provided clips from it for you here. The gist of it is that many young people are still jeopardizing their safety, and possibly compromising their futures, by sharing photos and information – some of it inappropriate – with people they don’t know… people who may not be who they say they are.

You need to always be aware that the personal information that you post online could be used in a variety of shady ways, from embarrassing you, to stealing your identity – even for finding out where you live, go to school, or your plans for the weekend. Our radio message urges young people (and their parents and teachers) to regularly visit youthprivacy.ca for information on safely using the Internet and social networking sites.

The message also reminds everyone that we’re inviting all young people, between the ages of 12 and 18, to participate in our second annual video contest. Create a one- to two-minute public service announcement on the importance of privacy by Friday, December 11th and you could win some really cool prizes!

Often, starting a new school year also means things like opening a new credit card, going out with new friends, buying new clothes and spending more time online.

All of these things sound fun – and they should be. But you can take simple steps to protect your online identity so that others can’t use your information in ways you hadn’t intended.

Online or not, banking should be safe.

Start by never giving your PIN to anyone and choosing one that is not easy to guess. Plus, never leave your personal information lying around (and don’t write your password on the bottom of your keyboard!)  – even if your roommate is your best friend. You should also keep track of personal documents such as credit card statements. 

Don’t put your information on the marketplace.

Never give out personal information without asking why it’s needed and, if you have to, give marketers only the minimum amount of information necessary to complete a transaction.

Feel free as a bird when you go out! 

Never loan your ID to your underage friends, no matter how badly they may want it. And you should always carry around only the minimum amount of personal information that you need – especially when you go out! Who knows what you’ll lose!

Protect your online privacy – boring but easy to do!  

Read the privacy policies of the Web sites you use and make sure to use the privacy settings. You should also check security procedures on your computer – install anti-virus, anti-spy software and firewalls; make sure that the file and printer sharing options on your computer are turned off; clear your memory cache after browsing; reject unnecessary cookies; and use anonymizers while browsing. Be sure to watch out for scams and to keep your passwords safe and to change them regularly. And make sure you always check to see if a site has a clearly stated privacy policy and the ‘lock’ symbol before doing business and providing your credit card details.

Remember to think twice before you post information; you don’t have to put your whole life on social networking sites! And before you start the fun, make sure that the online forms/games/applications you are using are secure – once again, read the fine print.

You are at the age when you don’t want anyone watching over you – maybe your parents have already given up! This means you need to take responsibility for your private information and your online identity. When it comes to personal information, you never know who’s watching, so… Watch yourself!

Know your privacy rights: it’s your personal information and it’s up to you to protect it. http://www.youthprivacy.ca/

Remember when iPods first hit the market? The 20-GB, grayscale MP3 players were basically awesome. And how convenient they were, to be able to carry and store all of your music in one place. But they’ve definitely come a long way since then, especially with the introduction of the iPhone.

The iPhone is, as I’m sure you all know, an iPod touch combined with cell phone capabilities and technologies. Applications or “apps” can be installed to your iPhone through the internet. Applications can include just about anything: from games, to flashlights, to fake x-ray machines and restaurant finders as well as movie reviews and show times. And it doesn’t end there; the list of iPhone applications is enormous.

There are also applications with GPS technology incorporated into them. “GPS” is short for “global positioning system”, and is a technology that can track where you are in the world. It can also tell you how to get to a destination from where you are. This technology, while it can be incredibly useful, can also have a few privacy concerns.

The application called “GPS Tracker” (created by InstaMapper), for instance, is a program that allows you to create a free account using your e-mail address, a valid username, and password. You then install a small application to your iPhone which periodically sends your GPS coordinates to InstaMapper servers over the cellular data network. Login to your account from any computer and you will see the location of your phone, as well as historical data, on an interactive map.

This is a really neat technology, but is slightly worrying in the sense that your location data is being broadcast across the cellular data network. While it is believed the servers are secure, there is really no way of knowing who has access to your location information.

There is also an application available which allows you to show your location data to people on social networking sites (like Facebook). However, in order to do this, you must disclose your information to a third party, who can track you and your habits to direct marketing towards you and your peers. When you think about it, do you really want your friends and family knowing where you are at all times? Or being able to track your comings and goings? Probably not!

So, enjoy all the cool apps that come with the iPhone, but just be aware of where your personal or location data is going BEFORE you sign up for a service.

Are you a Dwarf, Elf, or maybe a Troll? If you have ever been any of these characters you have most likely played World of Warcraft or a similar online game. The world of online gaming has vastly progressed from an isolated individualistic activity to an entire society of its own, complete with online interactions with others. When you are playing games like this you need to understand that without the proper protection you and your information are vulnerable.

In just one example, more than a thousand gamers in South Korea had their identities compromised through a fantasy game called “Lineage”. Game accounts were created in their names without them being aware of it. In that case it was possible for hackers to attempt to make money by selling those people’s virtual weapons and the character abilities they had earned from spending hours playing the game.

Online game sites have become a growing area for people to access personal information. If someone obtains information about you from the profiles you create in games, they could use it to establish accounts in your name, resell it, or use it to access your existing financial accounts.

When on gaming sites it is important to be aware of having your settings in administrator mode. With some games, your computer will be put on that setting automatically. This is a problem because a hacker can gain full control of your computer at the administrator level. One way to avoid this problem is by web browsing from a user account – while this won’t completely safeguard your computer it is safer than using administrator mode. Some online games are played through a web browser which requires ActiveX or JavaScript in order for the game to work. If you play this way, you and your information are more vulnerable to attacks.

Whenever you’re online it is important to be careful about opening email messages or instant messages that seem odd, or that come from an unknown user. When these messages are opened, hackers can spread a virus or hack into your computer. This is why it’s important to keep an eye out for suspicious messages — especially from unknown users.

Users often use firewalls to help protect their computers. Playing a multiplayer game sometimes requires an exception in the rule set for the firewall. When removing your firewall it is important to understand that it is there to protect your computer from viruses and by removing it you are making you and your information extremely vulnerable. Remember that if you lessen your security measures you’ll be attacked by more than just Orcs!

As part of the Internet Generation, you get it when we discuss social networking sites, blogging, online shopping – often you know more about these things than many of the older people around you! But if you can teach us about new technologies, the Office of the Privacy Commissioner of Canada can teach you the importance of protecting your identity in all spheres of life and about the realities of identity theft.

As mentioned in the “Identity Theft and You” section of our main website, “There’s no widespread agreement on the meaning of identity theft,” but the term is used for “everything from cheque forgery and the use of stolen credit cards to sophisticated scams in which an impostor adopts somebody else’s identity to gain access to their assets.” We often associate identity theft with IT geniuses hacking into computer networks – this is sometimes the case and we shouldn’t turn a blind eye to technological development and its close connection to the emergence of new techniques for exploiting personal information. However, identity theft transcends the virtual world, and it often hits much closer to home.
 
Before addressing the profile of “identity thieves” it would be interesting to see if you are a person at risk. Just answer the following simple questions which will reveal a lot about your habits:
 
1)  Do you carry your Social Insurance Number in your wallet?
2)  Do you throw your balance statements and receipts in the garbage?
3)  Have you revealed your PIN code to your friends?
4)  Do you choose passwords that are common and easy to guess?
 
If you responded “yes” to any of these questions you are in danger of being the victim of identity theft.

Next, for a profile of an “identity thief”, we can refer to Benoît Dupont and Guillaume Louis’s second report (“Identity thieves: a common delinquency profile”) from the Université de Montréal’s Canada Research Chair in Security, Identity and Technology. The report states that an alarming 1.7 million Canadians were affected by identity theft in 2008.

They authors also produced a profile of an identity thief that is more frightening than the virtual profiles we tend to associate with these kind of crimes. They found that while more than 45% of cases of identity theft involve Internet use (mostly to commit fraud) the majority of the identity thieves don’t use the cyberspace to acquire information. Instead, they found that many of these criminals are “ordinary individuals”:

•  40% of offenders are women – this may be attributed to the absence of violence inherent to this sort of crime and the possibility of committing the crime without help from an accomplice.
•  The average age is 33 years.
•  64.6% of the offenders acted alone in the majority of cases.

And the approach these identity thieves take to committing theft is as ordinary as the thief’s profile. It’s a far cry from hacking into computer networks: instead, 53.4% of incidents involve the theft of wallets and purses, and fraud.

It turns out that many people choose to steal identities, simply because it’s easy! According to the research, identity theft is attractive because of the low risk involved and the ease of carrying on this activity. Identity theft has one of the fastest growing crime rates seen in recent years1.

As a result, an increasing number of measures are being taken to give you the tools you need to prevent identity theft, but in reality, day-to-day vigilance is necessary above all else.

Here are some Web sites you can visit to get more information on fraud prevention methods and identity theft:

Office of the Privacy Commissioner of Canada – Read the information compiled for individuals such as Identity theft and you.

The Consumer Measures Committee has a great information sheet for you about Identity Theft. You’ll find a quiz that will help you understand if you’re putting yourself at risk for identity theft, as well as information about what to do if you think your identity has been stolen, how to protect yourself when shopping on the Internet and more.

Privacytown – Privacytown is your online guide to protect your privacy and personal information in the age of electronic commerce and new information technologies.

1. Finklea, Kristin M. (2009). Identity theft: Trends and Issues. Congressional Research Service: Washington DC.