Law in the Internet Society

Teach Your Parents Well: Creating a New Data Literacy via Educational Intervention

-- By AlisonRobins - 09 Oct 2020

By teaching children what data privacy means, we can create a world in which data mining and other common practices under surveillance capitalism have no choice but to die out. The problem is with the adults in charge who are illiterate about data privacy.

The Monster in the House

COPPA and its Failures

The current framework for protecting children online is insufficient with respect to data mining. Congress intended the Children’s Online Privacy Protection Act of 1998 to protect the “personal information” of children thirteen years old or younger online. However, it could not account for rampant behavioral data mining practices. Even in 2010, scholars saw COPPA as an ineffective measure for protecting children on social media. One reason? The assumed privacy concern was children giving up their own information voluntarily. In reality, that swiftly became usurped by cookies, behavior tracking, and targeted advertisements.

A Lack of Checks

COPPA’s failures are also tied to the naïveté of its components. Many of the restrictions rely on children accurately giving their age on the internet, which they do not. Age verification is a useless tactic, even more so when one considers that the only way to fortify it would be to encourage children to throw more personal information (perhaps a birth certificate) onto the fire as a way of keeping them safe.

There are also incredibly low-grade consequences for COPPA violations. Should a company violate a child’s privacy online in the United States, it faces but a five-figure fine. To companies like Google or Facebook, this is nothing. Conversely, the GDPR in Europe fines up to 4% of annual global revenue; still pennies, but much more than the American policy.

Reforming COPPA Meets the Same Insufficient End

The Senate introduced legislation to cover these issues, such as the Do Not Track Kids Act; but, it advocates for personal consent before collecting data. The point should not be to allow companies to seize your data, but rather that such seizure should be seen as an invasion of a right that cannot be contract[-of-adhesion]ed away. A newer House bill, the Preventing Real Online Threats Endangering Children Today Act, would extend COPPA protections to children up to age sixteen and cover geolocation and biometric data, which may be a better step, but a small one.

The Political Inability to Legislate What You Do Not Understand

The reasons for COPPA’s failure are tied to the political misunderstanding as to the identity of the threat. Legislation is caked in the idea of asking users for consent to use data; this begs the question that mining a user’s personal data and behavior is something to which a person may consent. “The flaw in this reasoning, however, is that consumers are unaware of the broad and sweeping control that a website may have over their personal information” and have no idea to what they are consenting.

One must only think back to the 2018 Facebook Congressional hearing to understand the incompetency of our legislators’ technological intellect. So much time was wasted by lawmakers with no idea how lucrative data mining can be (“Senator, we run ads.”). This created a political economy in which tech companies have free rein from a government that can offer no checks. Child advocacy already suffers from the inability of its subjects to protect themselves; what is to come when those tasked with protecting children cannot see the monster?

Investing in Technological Competence with Respect to Privacy

The Prevalence of Virtual School and Privacy Violations

As the majority of children learn via online platforms as an only option this year, there is little recourse for them to navigate privacy concerns. Schools are having to provide hard and software to children so that they can learn. Under COPPA, “schools can consent on behalf of parents to the collection of student personal information by educational technology services,” meaning that the decision-maker on data privacy is now two degrees removed from the affected party. When schools, needing to move swiftly, do not check how safe these devices and programs are, they are essentially handing over personal data about their students that they should have no right to concede. Zoom has an educational version of its program that supposedly complies with FERPA, but no one has time and the knowledge to know to check that. Even when parents know what to do, it can take years—a significant part of a young child’s life—to see if companies are adhering to their deletion policies.

The Harm of Teaching Data Invasion as a Way of Life

We need to be more vigilant about teaching children about their data rights. Without a curriculum that empowers children to assert their privacy rights online, we teach them to accept data mining as a fact of life. When children must have a camera into their home on constantly and are penalized for the slightest misbehavior in the privacy of their home, we create “a kind of digital panopticon” that regulates the private sphere. Public schools do not just teach math and literature, but also civic duty. You cannot have a democracy that regulates its citizens within their own homes purely because it is the most convenient option for technologically-lacking educators. If there were educators who knew the importance of protection from behavior tracking, they would be aghast.

Conclusion

If we mandated data privacy in school curricula, a generation would know how to protect itself and would later form the adult population that knew of such danger. Until the law accurately encompasses the actual monster online, political economy truly disincentivizes violations, and the technological know-how is widely prevalent, children and future generations will be oblivious to the pillaging of their online lives.


You are entitled to restrict access to your paper if you want to. But we all derive immense benefit from reading one another's work, and I hope you won't feel the need unless the subject matter is personal and its disclosure would be harmful or undesirable. To restrict access to your paper simply delete the "#" character on the next two lines:

Note: TWiki has strict formatting rules for preference declarations. Make sure you preserve the three spaces, asterisk, and extra space at the beginning of these lines. If you wish to give access to any other users simply add them to the comma separated ALLOWTOPICVIEW list.

Navigation

Webs Webs

r1 - 09 Oct 2020 - 19:38:39 - AlisonRobins
This site is powered by the TWiki collaboration platform.
All material on this collaboration platform is the property of the contributing authors.
All material marked as authored by Eben Moglen is available under the license terms CC-BY-SA version 4.
Syndicate this site RSSATOM