You Might be Interested In

Louise is a central character in our upcoming Consumer Privacy Consultations – not because of her great hair, but because she’s engaged online the way many Canadians are…she buys clothing and books online, she updates her Facebook profile regularly, she’s got an iPhone.

She’s also our fictional case study for examining how our data travels as we engage with the online world – who’s got our data? What are they doing with it?

Below is just one of several scenarios we’ve developed to help ground our conversations during the consultation process. This one will be used during the Advertising panel this week in Toronto. As you read it, ask yourself:

Is Louise aware of how her information may be used when she searches for and buys materials at online bookstores?

How accurate is the advertising profile developed for Louise, given that she shares the computer with other members of her family including her nine-year-old brother?

How could Louise’s profile information be matched with publicly available information to draw inferences about her? What types of decisions are or could be made based on her profile information?  What are the risks of combining online and offline profiles? Or the risks involved in combining different online profiles, like Louise’s Facebook profile with the profile her favourite online bookstore has of her?

Louise is a stylish 21-year college student who likes to meet people and try new things. She is active online and does everything from buying trendy clothing and concert tickets to keeping up touch with friends through posting updates and photos to her Facebook page.  Now in her final year of college, Louise is starting to look for a job. She is putting herself through school by making jewellery and selling it online. She is also a collector of specialty comic books and belongs to an international network of comic book enthusiasts. Louise also has a younger brother, David, who is nine years old.

Louise bought some designer jeans at a store in her local mall with her credit card. She also had the clerk swipe her loyalty card.

When Louise arrived home, she signed into her new account at the store’s web site to learn more about the clothes she had carried into the changing room but not bought. In her excitement to see the store’s merchandise, she clicked through the site’s lengthy privacy policy.

In looking on the store’s web site for a blouse to go with her new jeans, Louise saw an advertisement for jewellery that really appealed to her, so she followed it. Louise felt comfortable at the small Canadian jewellery site because the style of the site was as though she were visiting a friend’s page.

She also liked the styles of jewellery on the site so she bought a necklace and clicked on the “Like” button to update her friends on her latest purchase. From there, she left the store site and searched for the listing of a concert and bought 2 tickets. After that, she checked the status of the online auction she was participating in to get a new specialty comic book.

After this, Louise updated her Facebook page to let her friends know about her purchases and to see who else would be attending the concert. From Facebook, she checked out her favourite online bookstore where she purchased a book that was recommended to her by another comic book expert.

We’re hoping to generate some discussion around Louise’s activities – join the discussion by commenting on our blog, or jumping into the Twitter-stream on Thursday (hashtag #priv2010). We also invite you to check out the live webcast.

The intersection of geolocational apps and social media has produced…virtual graffiti.

At several American universities, students with cellphones are tagging campus landmarks with comments and labels using location-aware apps like Foursquare. Some universities have found ways to teach through tagging:

“At North Carolina State University, meanwhile, a new library service shows smartphone users historical pictures of campus buildings based on where users are standing, including a snapshot of the first freshman class, from 1890, when the agricultural college’s hot mobile technology was horses.”

And students have found, er, innovative ways to tag spots around campus – one of the deans at the University as at Dallas discovered his office had been tagged in Foursquare with the comment “Watch out for lame jokes!”

The ability to virtually tag places, things and people isn’t new, but it does create challenges when it comes to managing our identities online – who owns that material? Foursquare? The tagger? The person tagged? Right now, the responsibility is in the hands of the tagged – for instance, look at the care university students take in reviewing, and untagging when necessary, photos of themselves that get posted to Facebook after a particularly spectacular weekend.

Is this likely to change? Probably not – online as in offline, we should all know what face we’re putting forward.

This post, by co-op student Erin Siksay, is cross-posted from our youth blog.

I searched myself online the other day and came up with a profile I had created some years ago, complete with picture and date of birth, name, and e-mail address. So many websites require at least some personal information in order to view exclusive content or enjoy the services provided by the website, it gets difficult keeping track of all the websites I’ve signed up for. Inevitably, some end up being neglected or forgotten. Then, years later, they pop up when I’m feeling bored (and perhaps narcissistic) and searching myself online.

I had the website e-mail me my username and password so I could delete the account (and all of its revealing information) from their server so it wouldn’t appear in the search engine queue. (Luckily I’ve used the same e-mail address for many years). If you find yourself in the same situation but with an unknown or expired e-mail address, you can always write to the moderators or developers of the website and request that your profile be taken down or removed.

You may be selective with what information you put into an online profile, but with lots of profiles online it can become difficult to keep track of exactly what personal information is available on the web. One website might require a postal code, another a birthdate. Pieced together, these separate profiles can reveal a lot about the user. This combined profile can then be used for targeted marketing or even more malicious purposes.

Make sure your profile doesn’t come back to haunt you.

Once again, students from the Encounters with Canada program have selected the winners of our annual student video contest! Here are the winners for our 2009 competition:

The three top video artists in the live action category were:

1^st place: Jeffery Burge, Vanessa Caicedo, Alexandra Georgaras, Gareth Imrie and Fiona Sauder of Canterbury High School in Ottawa, Ontario, with a video titled “Think Before You Click”. They win a $100 gift card and an iPod Touch.

2^nd place: David Borish and Mory Kaba of Glebe Collegiate Institute in Ottawa, Ontario, with a video titled “Friend or Foe”. They win a $250 gift card.

3^rd place: Jennifer Paul from Brampton, Ontario, with a video titled “Too Good to be True”. She wins a $150 gift card.

The three top video artists in the animation category were:

1^st place: Tyler Ford and Matthew Kerr of Osgoode Township High School in Metcalfe, Ontario, with a video titled “Privacy: Think Before You Click”. They win a $100 gift card and an iPod Touch.

2^nd place: Rebecca Kartzmart and Emily Patterson of Osgoode Township High School in Metcalfe, Ontario, with a video titled “Carol the Carrot”. They win a $250 gift card.

3^rd place: Scott Piper of Osgoode Township High School in Metcalfe, Ontario, with a video titled “Privacy Matters”. He wins a $150 gift card.

The three top video artists in the French video category were:

1^st place: Benjamin Dion-Weiss of l’École secondaire publique De La Salle in Ottawa, Ontario, with a video titled “Le réseautage social d’après le Comte Hackula”. He wins a $100 gift card and an iPod Touch.

2^nd place: Stéphanie Lemieux and Emily Vendette of l’École secondaire catholique Embrun in Embrun, Ontario, with a video titled “Le Journal de Lisa”. They win a $250 gift card.

3^rd place: Cosmo Darwin of l’École secondaire publique De La Salle in Ottawa, Ontario, with a video titled “Trouvée & Perdu”. He wins a $150 gift card.

The three top video artists in the Junior category were:

1^st place: Mackenzie Giffen, Chris Johnstone, Chris Nattrass, Curtis Sookhoo and Gabriel Zingle of F.R. Haythorne Junior High in Sherwood Park, Alberta, with a video titled “The Spanish Lottery”. They win a $100 gift card and an iPod Touch.

2^nd place: Trevor Aiello, Connor Bergersen, Chad Bullock and Lochlan Thomson of F.R. Haythorne Junior High in Sherwood Park, Alberta, with a video titled “A lesson In Privacy”. They win a $250 gift card.

3^rd place: Matthew Craner, Scott Deshane, Madison Gilchrist, Joe Matishak and Graeme Wyatt of F.R. Haythorne Junior High in Sherwood Park, Alberta, with a video titled “The Phone Number Test”. They win a $150 gift card.

We also recognized seven teachers for their enthusiastic participation in the contest. They were:

• Crystal Getschel, of F.R. Haythorne Junior High in Sherwood Park, Alberta, with 26 entries.
• Majed Mattar, of Osgoode Township High School in Metcalfe, Ontario, with 21 entries.
• Professor Kaduri, of Tanenbaum Community Hebrew Academy of Toronto, Ontario, with 15 entries.
• Grant Holmes, of École secondaire publique De La Salle, Ottawa, Ontario, with 11 entries.
• Carol Shaw, of Woodstock Collegiate Institute, Woodstock, Ontario, with 8 entries.
• Kevin Shae, of Sir Robert Borden High School, Ottawa, Ontario with 6 entries.
• Stephen Willcock, of Canterbury High School, Ottawa, Ontario, with 5 entries.

Each teacher will receive a $250 gift certificate at Indigo Books and Music to use for personal use or for the school they represent.

The videos will be posted as soon as possible to our youth site. They will also be available on our YouTube channel.

We were thrilled with the number and quality of submissions we received for our second competition. We’ll be launching the 2010 contest in May!

The combination of microblogging services like Twitter and location-aware social networking games on your mobile device like Foursquare is like the Red Bull and vodka of the internet – it’s one big party until your great-aunt’s end table is smashed.

Twitter, of course, enables its users to post short 140-character messages. Social networking games like Foursquare encourage players to post their precise location information in order to gain points – the more locations you “check in”, the more points you gain. These “check-ins” can also be automatically posted to a player’s Twitter or Facebook account.

A couple of Dutch developers have created a site called PleaseRobMe to point out the dangers of posting so much information on your whereabouts.

Don’t get us wrong, we love the whole location-aware thing. The information is very interesting and can be used to create some pretty awesome applications….  The danger is publicly telling people where you are. This is because it leaves one place you’re definitely not… home. So here we are; on one end we’re leaving lights on when we’re going on a holiday, and on the other we’re telling everybody on the internet we’re not home.

The creators of PleaseRobMe point out that users could be putting others around them at risk as well. Foursquare players, for example might also be posting location information for places they frequent…like the homes of friends and family.

The site – which took developers four hours to build – is a witty little reminder to consider the possible repurcussions of what we post online.

On Data Privacy 2010 we’d like to take a moment to remind everyone that is the responsibility of both individuals and companies to make sure that personal information is safe.

If you own a company, or work for a big one: in the past, you may have had to ensure that your customers’ name and address information (and in some cases credit card and billing information) were safe. Now, many of you are providing technology and tools for your customers to put increasing amounts of personal information online. Does your company have the systems in place to safeguard this information? Do you give your customers the tools and options to control how their information is used?

If you are a user of new and cool technology: in the past a telephone was a telephone, a video game was a video game, a stuffed toy was simply that – a stuffed toy. Today, more and more toys and handheld tools come with the ability to go online. Do you understand how to enjoy your toys and gadgets without putting your personal information at risk?

If you are a parent or guardian, teacher, coach or caregiver: do the young people in your life understand how to use all these new toys and gadgets while keeping their personal information safe? Our office has recently made youth privacy a key priority. Today, we have posted some new resources to the Parents & Teachers section of our youth web site. The resources include information on 12 privacy issues (such as the importance of privacy settings and knowing who your friends are on social networking sites), along with ideas for generating discussion about each issue with young people. You can use these resources to start discussion about personal privacy and the importance of thinking about what you post on the Internet.

Regardless of which group you are in – if you need any information about how to keep personal information secure, visit our web sites – priv.gc.ca and youthprivacy.ca.

Do your loved ones have toys on their wish lists this holiday? A stuffed animal for a little one… a cell phone or a camera for a teen? These days, these toys and gadgets are more than they used to be. Just a few years ago a stuffed animal was something to cuddle with and a phone was, well, just a phone! Now, many stuffed animals come with codes that allow kids to register them online so that they can play games, feed and care for them, and even chat and play with other kids. And many cellphones are phones, computers and cameras, all in one.

And while such toys and gadgets can be fun, we want people to enjoy them without putting their privacy and personal information at risk.

Here are our tips for protecting your privacy as you and your loved ones enjoy your new gadgets and toys. For parents especially:

Understand new toys and their capabilities – It is important to understand the capabilities of new toys and how your children will use them. Speak with your kids about how they will use the toy and, where appropriate, agree on guidelines and limits.

Pay attention to privacy settings and parental controls – Privacy settings on social networking sites control what people see about you. Only allow your friends to see your page, your posts, your photos and your applications. Parents, if you depend on parental control software that is installed on your desktop, remember that. Those controls won’t be in place on new mobile devices.

Remember, with Wi-Fi, children can access the Internet from anywhere in the house – And if their new toy/gadget has Internet capabilities they can also use it to access the Internet from locations and networks outside your supervision and control.

Here are our tips for protecting your privacy as you and your loved ones enjoy your new gadgets and toys. For everyone:

Think before you click – The Internet is a public arena, and photos and comments you post are permanent. Even if you delete them from a web page, they could continue to exist in archived pages, in your computer’s cache or on the computers of other Internet users who may have copied them. If you don’t want certain people to see something, now or in the future, don’t post it!

Pick and protect the perfect password – Your information is only as safe as your passwords. Use different passwords for different systems; make sure they are strong (eight characters or more and a variety of letters or numbers); never share them with anybody; and change them regularly.

Know your friends – Online, you can’t be 100 per cent sure who you are talking to. Don’t accept friend requests from people you don’t know in real life.

Protect your identity – Identity theft is a growing problem and the Internet is the least private of spaces. Don’t post or e-mail personal details such as your social insurance number, phone number, home address or birth date.

Be careful on online gaming sites – Online gaming sites are hotbeds of people accessing personal information. Be aware that ill-intentioned people can use information from your profile to establish accounts in your name, or use your stolen identity to access your existing accounts.

Be wary of e-mail or instant messages from unknown people – Don’t open online messages that seem odd or are from someone you don’t know. They could contain a virus or let a hacker gain access to your computer.

Have a happy holiday and enjoy all your new toys!

It’s also the 20^th anniversary of the day the United Nations General Assembly adopted the Convention of the Rights of the Child. A significant milestone, this made privacy a basic human right for everyone under the age of eighteen.

Privacy is a right that all young people should enjoy, no matter where they live. With today’s world being so different than it was 20 years ago, this is something they may not think much about. Today, young people are videotaped by security cameras almost everywhere they go. They are asked for their postal code or driver’s license number when they buy a pair of jeans. They can instant message, update their statuses, download music, talk to friends on Facebook and play games on their computers with people all around the world. Twenty years ago, if someone wanted to get in touch with you they had to phone you or send you a postcard!

It is so easy for young people to overlook their privacy rights and why they’re so important. And it’s easy to forget about the risks that are out there if they don’t protect their personal information. These risks can range from nuisance (all those marketers who are looking for people to target their ads to) to serious (from the people on the Internet who are looking for identities to steal, to the predators who are looking for victims). Many of them also tend to forget that when they post comments, photos and videos, online, that information is public and permanent and almost impossible to remove.

So today, on National Child Day, take a minute and remind the young people in your life, in your community, that privacy is their right. Have them look around youthprivacy.ca and click through the pages. Encourage them to find information about how they can have fun online while protecting this valuable basic human right.

Is there a young person in your life who is fixated on social network and video-sharing sites, online games and gadgets such as iPods and mobile phones? If so, you may want to take notice of the Media Literacy Week, which is taking place this week, from November 2 to 6, 2009.

This year’s theme is Media Literacy in the Digital Age, emphasizing the multiple levels of literacy that young people today need to access, evaluate, repurpose, create and distribute media content if they are to successfully navigate their digital media world.

Young people face many new challenges in this environment, but they also need to know how to protect their privacy while they are online and how to stay safe when using social networks.

This week, take a moment to familiarize yourself with all the great tools that are out there for you to share with your kids, students or other young people in your life. Here is a short list that we’ve compiled for you:

From This Office

If you haven’t already done this, spend some time on our site for young people, parents and educators, youthprivacy.ca. It’s full of tips about how young people can enjoy digital tools while staying safe and protecting their privacy. We are also featuring a video contest for 12-18-year-olds and a youth blog which discusses privacy issues that young people face. The site also features two teaching lessons on privacy (for grades 7 to 9 and 9 to 12) that were developed in partnership with the Media Awareness Network.

The Media Awareness Network

Their web site is full of valuable tools, including a Passport to the Internet, an online tutorial to help students in grades four to eight develop the critical thinking skills they need to navigate the web in a secure and ethical manner; and the Media Education: Make it Happen! program, which is a series of free resources to help educators understand and facilitate media literacy in their classrooms.

Our international partners face the same challenges and are working on various projects in order to reach youth. Check out the youth privacy web sites of some of our international partners:

Australia’s Office of the Privacy Commissioner – Whether you never think about privacy or always do, they have created a publication for you. They will tell you what some of the privacy issues are that you might face, some of the pitfalls to avoid, and who to turn to for help if your privacy has been affected.

The Office of the Privacy Commissioner for Personal Data of Hong Kong has developed an interactive web site that aims to provide access to information regarding the execution of the Ordinance. It offers unparalleled user-friendly functions and a Privacy Zone for Youngsters that includes a few games.

The Information Commissioner Office of the UK has a youth site that is aimed at helping them protect their personal information.

YOU decide… an ingenious campaign put together by the Norwegian Board of Technology, the Norwegian Data Inspectorate and the Norwegian Directorate for Education and Training. Their videos, web site and guidebooks are produced by kids, for kids.

As you might have noticed, we’ve spent quite a bit of time over the past year looking at the privacy issues surrounding social networks.

While we released the report into our investigation of Facebook in July, in recent weeks we have also made public other research we have commissioned.

Last week, it was a report on a series of focus groups examining Canadian’s attitudes towards privacy on social networks. These were originally held in December 2008, and seem to confirm observations made in the U.S. and Europe: the users of social networks will say they are concerned about their privacy online, will argue that they have taken steps to protect their privacy, but will gradually admit that they don’t invest too much time or thought into the process.

This week, we are releasing a research paper that examines the privacy protections available on social networks popular with Canadians: Facebook, Linkedin, Livejournal, MySpace, Hi5 and Skyrock.

This paper, by Jennifer Barrigar, was not meant as an exhaustive examination of these networks’ privacy practices: instead, it should provide users with a general indication of the protection each network provides. It also lists a number of steps social networks of any stripe can take to make themselves more privacy protective and respectful of the information their users make available.

As I note in a foreword to the paper, Jennifer originally finished her work in February 2009. As we all know, many social networks and online services regularly revise their privacy policies and improve the protections they make available to their users. As a result, you will likely find that this paper is out of date in places (say, the Facebook section).

Nevertheless, we are releasing the paper because we feel it is an important contribution to an ongoing discussion about privacy protection in social networks – and on many other online services. Jennifer’s observations serve as a useful reminder to these services that their users are increasingly expecting more from their providers.