ENISA warns about data-profiling risks to tech-savvy children

ENISA warns about data-profiling risks to tech-savvy children

European information security agency makes recommendations to mitigate online threats affecting children

Article comments

The European Network and Information Security Agency (ENISA) has issued recommendations to law enforcement agencies, European Union member states, civil society groups, as well as parents and educators on how to mitigate risks faced by children online.

The agency has identified cyberbullying and online grooming, which refers to gaining the confidence of minors with the intent of sexual abuse, as some of the top online risks to underage children and warned that data mining and profiling can facilitate these forms of abuse.

To provide context for its recommendations ENISA created a fictitious scenario centered around a 13-year-old girl named Kristie who has a very active social presence online and maintains a secondary profile where she presents herself as an adult by lying about her age and occupation.

This is increasingly common behavior for tech-savvy children. According to a recent study performed in the US, a large number of parents actually help their children evade age restriction controls on social media websites because they believe that such online services can further their educations, enable family communication and enhance their social interactions.

In ENISA's scenario, an attacker uses data mining and profiling techniques to build an online identity for himself that matches Kristie's interests so he can earn her trust. The young girl ends up starting an online relationship with a boy who she believes to be 16, but is actually a 35-year-old sexual predator.

Unfortunately, there are many cases where data profiling is used by online attackers for the selection of victims. Back in September, 32-year-old Luis Mijangos of Santa Ana, California, was sentenced to six years in prison for charges related to sextortion - extortion involving sexually explicit photos and videos.

According to the US Federal Bureau of Investigation, which investigated the case for two years, Mijangos had over 200 female victims, many of them underage girls, which he targeted through social networking websites. He impersonated their friends and family members to trick them into installing malware on their computers. This allowed him to intercept their private communications and hijack their webcams.

A 23-year-old man from Citrus Heights, California, named George Samuel Bronk pleaded guilty in January to hacking into the email accounts of dozens of women by using information they posted online. He searched the compromised accounts for intimate photos and used them to harass his victims.

ENISA said that its report is intended to complement existent national and international child protection initiatives with non-technical recommendations. The agency's suggestions range from EU member states strengthening law enforcement agencies and statistical data collection efforts regarding cases of information misuse, to launching more frequent online campaigns regarding the prevention of cyberabuse, and trying to close the knowledge gap between adults and teenagers when it comes to computer use and online issues.

ENISA recommended that teenagers use specialised security settings online and that applications that handle teenager data be assessed for their impact on privacy. It also wants mechanisms that allow the deactivation of online components to be made available in mobile apps and current age-oriented access controls to be enhanced.

Share:

Comments

Advertisement
Send to a friend

Email this article to a friend or colleague:


PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.


We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message

ComputerworldUK Knowledge Vault

ComputerworldUK
Share
x
Open
* *