Our Commissioner, Jennifer Stoddart is worried that maybe you don’t. After conducting an investigation into Facebook’s privacy policies, we’re now turning our attention to you as the school year gets underway. Because while you may be savvy about using social media, many of you still may not know how to create a secure online identity.

If you’re listening to the radio today you may hear a message from our office that we created especially for you. In case you miss it, we’ve provided clips from it for you here. The gist of it is that many young people are still jeopardizing their safety, and possibly compromising their futures, by sharing photos and information – some of it inappropriate – with people they don’t know… people who may not be who they say they are.

You need to always be aware that the personal information that you post online could be used in a variety of shady ways, from embarrassing you, to stealing your identity – even for finding out where you live, go to school, or your plans for the weekend. Our radio message urges young people (and their parents and teachers) to regularly visit youthprivacy.ca for information on safely using the Internet and social networking sites.

The message also reminds everyone that we’re inviting all young people, between the ages of 12 and 18, to participate in our second annual video contest. Create a one- to two-minute public service announcement on the importance of privacy by Friday, December 11th and you could win some really cool prizes!

Often, starting a new school year also means things like opening a new credit card, going out with new friends, buying new clothes and spending more time online.

All of these things sound fun – and they should be. But you can take simple steps to protect your online identity so that others can’t use your information in ways you hadn’t intended.

Online or not, banking should be safe.

Start by never giving your PIN to anyone and choosing one that is not easy to guess. Plus, never leave your personal information lying around (and don’t write your password on the bottom of your keyboard!)  – even if your roommate is your best friend. You should also keep track of personal documents such as credit card statements. 

Don’t put your information on the marketplace.

Never give out personal information without asking why it’s needed and, if you have to, give marketers only the minimum amount of information necessary to complete a transaction.

Feel free as a bird when you go out! 

Never loan your ID to your underage friends, no matter how badly they may want it. And you should always carry around only the minimum amount of personal information that you need – especially when you go out! Who knows what you’ll lose!

Protect your online privacy – boring but easy to do!  

Read the privacy policies of the Web sites you use and make sure to use the privacy settings. You should also check security procedures on your computer – install anti-virus, anti-spy software and firewalls; make sure that the file and printer sharing options on your computer are turned off; clear your memory cache after browsing; reject unnecessary cookies; and use anonymizers while browsing. Be sure to watch out for scams and to keep your passwords safe and to change them regularly. And make sure you always check to see if a site has a clearly stated privacy policy and the ‘lock’ symbol before doing business and providing your credit card details.

Remember to think twice before you post information; you don’t have to put your whole life on social networking sites! And before you start the fun, make sure that the online forms/games/applications you are using are secure – once again, read the fine print.

You are at the age when you don’t want anyone watching over you – maybe your parents have already given up! This means you need to take responsibility for your private information and your online identity. When it comes to personal information, you never know who’s watching, so… Watch yourself!

Know your privacy rights: it’s your personal information and it’s up to you to protect it. http://www.youthprivacy.ca/

Remember when iPods first hit the market? The 20-GB, grayscale MP3 players were basically awesome. And how convenient they were, to be able to carry and store all of your music in one place. But they’ve definitely come a long way since then, especially with the introduction of the iPhone.

The iPhone is, as I’m sure you all know, an iPod touch combined with cell phone capabilities and technologies. Applications or “apps” can be installed to your iPhone through the internet. Applications can include just about anything: from games, to flashlights, to fake x-ray machines and restaurant finders as well as movie reviews and show times. And it doesn’t end there; the list of iPhone applications is enormous.

There are also applications with GPS technology incorporated into them. “GPS” is short for “global positioning system”, and is a technology that can track where you are in the world. It can also tell you how to get to a destination from where you are. This technology, while it can be incredibly useful, can also have a few privacy concerns.

The application called “GPS Tracker” (created by InstaMapper), for instance, is a program that allows you to create a free account using your e-mail address, a valid username, and password. You then install a small application to your iPhone which periodically sends your GPS coordinates to InstaMapper servers over the cellular data network. Login to your account from any computer and you will see the location of your phone, as well as historical data, on an interactive map.

This is a really neat technology, but is slightly worrying in the sense that your location data is being broadcast across the cellular data network. While it is believed the servers are secure, there is really no way of knowing who has access to your location information.

There is also an application available which allows you to show your location data to people on social networking sites (like Facebook). However, in order to do this, you must disclose your information to a third party, who can track you and your habits to direct marketing towards you and your peers. When you think about it, do you really want your friends and family knowing where you are at all times? Or being able to track your comings and goings? Probably not!

So, enjoy all the cool apps that come with the iPhone, but just be aware of where your personal or location data is going BEFORE you sign up for a service.

Are you a Dwarf, Elf, or maybe a Troll? If you have ever been any of these characters you have most likely played World of Warcraft or a similar online game. The world of online gaming has vastly progressed from an isolated individualistic activity to an entire society of its own, complete with online interactions with others. When you are playing games like this you need to understand that without the proper protection you and your information are vulnerable.

In just one example, more than a thousand gamers in South Korea had their identities compromised through a fantasy game called “Lineage”. Game accounts were created in their names without them being aware of it. In that case it was possible for hackers to attempt to make money by selling those people’s virtual weapons and the character abilities they had earned from spending hours playing the game.

Online game sites have become a growing area for people to access personal information. If someone obtains information about you from the profiles you create in games, they could use it to establish accounts in your name, resell it, or use it to access your existing financial accounts.

When on gaming sites it is important to be aware of having your settings in administrator mode. With some games, your computer will be put on that setting automatically. This is a problem because a hacker can gain full control of your computer at the administrator level. One way to avoid this problem is by web browsing from a user account – while this won’t completely safeguard your computer it is safer than using administrator mode. Some online games are played through a web browser which requires ActiveX or JavaScript in order for the game to work. If you play this way, you and your information are more vulnerable to attacks.

Whenever you’re online it is important to be careful about opening email messages or instant messages that seem odd, or that come from an unknown user. When these messages are opened, hackers can spread a virus or hack into your computer. This is why it’s important to keep an eye out for suspicious messages — especially from unknown users.

Users often use firewalls to help protect their computers. Playing a multiplayer game sometimes requires an exception in the rule set for the firewall. When removing your firewall it is important to understand that it is there to protect your computer from viruses and by removing it you are making you and your information extremely vulnerable. Remember that if you lessen your security measures you’ll be attacked by more than just Orcs!

As part of the Internet Generation, you get it when we discuss social networking sites, blogging, online shopping – often you know more about these things than many of the older people around you! But if you can teach us about new technologies, the Office of the Privacy Commissioner of Canada can teach you the importance of protecting your identity in all spheres of life and about the realities of identity theft.

As mentioned in the “Identity Theft and You” section of our main website, “There’s no widespread agreement on the meaning of identity theft,” but the term is used for “everything from cheque forgery and the use of stolen credit cards to sophisticated scams in which an impostor adopts somebody else’s identity to gain access to their assets.” We often associate identity theft with IT geniuses hacking into computer networks – this is sometimes the case and we shouldn’t turn a blind eye to technological development and its close connection to the emergence of new techniques for exploiting personal information. However, identity theft transcends the virtual world, and it often hits much closer to home.
 
Before addressing the profile of “identity thieves” it would be interesting to see if you are a person at risk. Just answer the following simple questions which will reveal a lot about your habits:
 
1)  Do you carry your Social Insurance Number in your wallet?
2)  Do you throw your balance statements and receipts in the garbage?
3)  Have you revealed your PIN code to your friends?
4)  Do you choose passwords that are common and easy to guess?
 
If you responded “yes” to any of these questions you are in danger of being the victim of identity theft.

Next, for a profile of an “identity thief”, we can refer to Benoît Dupont and Guillaume Louis’s second report (“Identity thieves: a common delinquency profile”) from the Université de Montréal’s Canada Research Chair in Security, Identity and Technology. The report states that an alarming 1.7 million Canadians were affected by identity theft in 2008.

They authors also produced a profile of an identity thief that is more frightening than the virtual profiles we tend to associate with these kind of crimes. They found that while more than 45% of cases of identity theft involve Internet use (mostly to commit fraud) the majority of the identity thieves don’t use the cyberspace to acquire information. Instead, they found that many of these criminals are “ordinary individuals”:

•  40% of offenders are women – this may be attributed to the absence of violence inherent to this sort of crime and the possibility of committing the crime without help from an accomplice.
•  The average age is 33 years.
•  64.6% of the offenders acted alone in the majority of cases.

And the approach these identity thieves take to committing theft is as ordinary as the thief’s profile. It’s a far cry from hacking into computer networks: instead, 53.4% of incidents involve the theft of wallets and purses, and fraud.

It turns out that many people choose to steal identities, simply because it’s easy! According to the research, identity theft is attractive because of the low risk involved and the ease of carrying on this activity. Identity theft has one of the fastest growing crime rates seen in recent years1.

As a result, an increasing number of measures are being taken to give you the tools you need to prevent identity theft, but in reality, day-to-day vigilance is necessary above all else.

Here are some Web sites you can visit to get more information on fraud prevention methods and identity theft:

Office of the Privacy Commissioner of Canada – Read the information compiled for individuals such as Identity theft and you.

The Consumer Measures Committee has a great information sheet for you about Identity Theft. You’ll find a quiz that will help you understand if you’re putting yourself at risk for identity theft, as well as information about what to do if you think your identity has been stolen, how to protect yourself when shopping on the Internet and more.

Privacytown – Privacytown is your online guide to protect your privacy and personal information in the age of electronic commerce and new information technologies.

1. Finklea, Kristin M. (2009). Identity theft: Trends and Issues. Congressional Research Service: Washington DC.

Dating is difficult no matter HOW old you are. There are always the same troubles and the same insecurities. Sometimes it’s hard just to meet someone, let alone go on a date! For that reason, some people choose the online dating route – which can make the whole process easier, as long as you partake in safe online behavior.

 You’ve got to keep in mind that the internet is completely anonymous, and there is no way of really knowing who you are speaking to over the internet. It doesn’t matter what the person on the other end is telling you – there is no way to verify if that person is telling you the truth. That’s why it is important to be extremely careful in the world of online dating.

 Many online dating sites only allow you to sign up if you are over the age of 18. This is for safety reasons. And it doesn’t matter what age you are – if you are part of an online dating community, there are some important tips that you should always keep in mind.

 Listen to your instincts. If something doesn’t feel right about a person, or you get a “creepy” vibe, just stop contact with that person and move on. Your instincts are telling you something for a reason, and its best to listen to them.

 Be extremely careful when giving out your personal information. It is best to try to verify who it is you are talking to before giving out personal information of any kind, even something as seemingly inconsequential as your first name. If you do not feel comfortable giving out any personal information, do not give any out. Remember that it is YOUR choice, and nobody should pressure you into sending them a picture or information that you do not feel comfortable sharing.

 It is a good idea to set up an anonymous email account if you wish to extend contact beyond the online dating community. This way, your personal and identifying information is kept anonymous and you’ll have a much easier time stopping contact if you ever choose to do so. It also allows you to better get to know a person without revealing any private information about yourself.

 If you have developed a good relationship with someone online, have verified that they are who they say they are, and have been talking to them for an appropriate length of time, you may decide to meet that person face-to-face. If you choose to do this, NEVER meet that person alone. Always bring a friend or friends that you can trust, and make sure that you are meeting in a public place. If you are under 18 years of age, ask your parents before meeting with anybody you met online.

 Overall, your instincts should tell you when something isn’t right about a situation. Listen to them! Keep these tips in mind if you ever consider joining an online dating community.

Take a minute… What do you think of when you visualize a bully? Did you think of the scariest kid in school who torments kids for their lunch money? Although these types of bullies still exist, there is now a new kind of bully to worry about. This kind doesn’t just steal your lunch money, but will send you nasty text messages from their iPhone or post embarrassing comments on your Facebook wall. Meet the cyberbully.

What exactly is cyberbullying? Cyberbullying involves the use of technology, such as cell phones or the internet, to harass another individual on purpose. Although you may not walk away with bruises or a black eye, cyberbullying can often be much more psychologically damaging than its physical counterpart. Today’s youth are experiencing cyberbullying at an alarmingly increasing rate. Why? Probably because when people believe that they are acting anonymously they are more likely to say hurtful things because they think they won’t get caught.

Many of you may have been a victim – or even the bully – at one point in time. A 2008 cyberbullying survey, conducted by the University or Toronto, indicates that nearly 1 in 5 students have been bullied online in just the last 3 months! Cyberbullying can often have devastating consequences for both the victim and the bully. Not only can it can lead to a student withdrawing from school, but it also contributes to depression, isolation, eating disorders and, in extreme cases, even suicide. In severe cases the police may become involved…this can be bad news for the bully. 

If you are the victim of cyberbullying the Media Awareness Network recommends following these four steps:

• STOP- immediately leave the online environment or activity where bullying is going on.
• BLOCK e-mails or instant messages received from bullies. NEVER RESPOND.
• RECORD all harassing messages and send them to your Internet provider (Yahoo, Hotmail, etc.). Most providers have policies about users harassing people on their server.
• TALK to a trusted adult about the cyberbullying; alert the police when bullying involves physical threats.

Long gone are the days where bullies were only found in the playgrounds. Unfortunately, they are now found sitting in their living rooms hiding behind the anonymous wall of their computers.

There is nothing like the freedom you feel when you first receive your driver’s licence! Finally, you can get yourself places without Mom or Dad giving you the third degree in the car, or yelling “I love you, honey!” in front of all of your friends (even though some of you secretly enjoy it). While driving is in itself a very exciting prospect, your driver’s licence has uses other than just being proof of your legal ability to drive.

Your driver’s licence is a piece of photo-ID, meaning that it contains identifying information about you such as your full name, age, height, and where you live, as well as a photo of you. This information is unique to you and is considered personal. It is important to realize that it can provide a direct link to you, and, if it falls into the wrong hands, could result in identity theft or fraud.

All of the information is printed on the licence, and is also coded into the strip on the back. In some provinces, you can also get a licence with a microchip that can broadcast this information to electronic readers nearby.

When stores ask you for your driver’s licence to swipe, ask why. When they swipe your licence, their system might just store ALL the information on the card. In cases like this, it’s very rare for the company or retailer to need all of the information that is provided when your card is swiped. It is a better idea to simply find out what the retailer is looking for and give them the information that you feel comfortable sharing with them, as opposed to them having all of your information on file. In cases of tobacco or liquor sales, swiping your card allows the cashier to confirm that you are in fact of age and that it is legal to sell these products to you.

If you’re underage, borrowing a friend’s ID to buy these restricted substances or for entry intro restricted areas (bars, clubs) is risky business! In doing so, you are actively posing as another person and in effect using their identity. In Ontario, having or using a fake, altered or fraudulently obtained driver’s licence could result in a fine of anywhere from $400 to $50,000. It is also possible to receive jail time for such an offence.

Remember to think it through before you take a $50,000 night on the town!

Have you ever posted personal information or pictures online without thinking about the privacy implications – and then regretted it afterwards? With the increasing popularity of social networking sites we often post without thinking twice. But what happens when you apply for a job, or try out for a competitive sports team – and realize that you’ve got pictures and comments posted online that you’d prefer to keep between you and your friends? Luckily, there are ways you can remove this information!

When it comes to removing information from social networking sites there are a few simple things you can try. (In this instance, when we say “information” we mean anything that you have posted or that someone else has posted about you – status updates, wall posts, pictures, blogs, messages.) Here is what you should do if you’re trying to remove information:

1. The obvious first step is to delete it if you can.

2. If someone else has posted information about you, kindly ask them to take it down.

3. If you can’t take the information off yourself or if someone else is refusing to take down your information, contact the website’s administrator and explain your situation. Here are links to guidelines for removing unwanted items at three popular networking sites:

Facebook
MySpace
LinkedIn

Now that we’ve covered tips on removing information from social networking sites, let’s take a look at search engines. Some of you have probably tried searching your own name on popular search engines such as Google or Yahoo. Here are some tips on what to do if you find something you’d like removed:

1. The first step is finding out what’s out there. This is easy – Google yourself!

2.  Does your name come up in direct correlation with any social networking site, blog or public profile? If it does, and you’d rather it didn’t, this is easy to prevent by using a pseudonym (another word for “username”) instead of  your full name as a username.

3. Contact the person in charge of the site which is displaying your information on Google. Kindly ask them to take the information off.

The best way to avoid having to do any of this is to think ahead from now on. Make sure you think before you click – don’t post anything you might not want up there a few days or even years down the road. This problem is so common that there are now companies who make a profit from people who want information taken off the web. This is because once something is online it often gets stored in so many places that it’s almost impossible to get rid of. Think twice before you post any information online and you won’t have to worry about any of this stuff in the future!

How safe is your information? Only as safe as your password. Without a strong password you’re vulnerable to others accessing your online information. One way to prevent this is by creating a strong password to protect yourself from possible hackers. Making sure that your password is protected is an important part of online activity. The Australian Government has even launched a Change Your Password Day in order to raise awareness about staying safe online.
 
There are many things you can do to create a safe password. The perfect password needs to be long (8 characters or more is recommended). The more characters you use, the stronger your password will be. It should also have a variety of characters. The combining of letters, numbers and symbols makes the password more complex and therefore harder to guess. Your password should incorporate both length and different types of symbols.

It is also very important not to make typical mistakes such as the use of sequences or repeated characters. Using a pattern will make it more likely that another person can predict it. Also, using any part of your name, birthday, social security number, or similar information for your loved ones is a bad password choice. You should also use different passwords for different systems – if one password and online system is compromised, then all of your other information that’s protected by that password could be compromised as well.

To avoid the possibility of security breaches it is important not to reveal your password to others. This includes providing your password through e-mail – especially if you receive an e-mail from a person or organization, asking you for your password.. Many of those requests are scams to gain access to your personal information. You should also be wary of typing passwords on computers that you do not control or own because others may be able to extract your password from that computer after you use them. Lastly, change your passwords regularly to reduce the likelihood of someone accessing your personal information. Happy Change Your Password Day!